Model Driven Development of Secure XML Data Warehouses: A Case Study
Belén Vela
Rey Juan Carlos University. Madrid. Spain
Carlos Blanco
University of Cantabria. Santander. Spain
Eduardo Fernández-Medina
University of Castilla-La Mancha. Spain
Esperanza Marcos
Rey Juan Carlos University. Madrid. Spain
Contents
1. INTRODUCTION
2. MDD OF SECURE XML DWs
3. CASE STUDY
4. CONCLUSIONS
1. Introduction
• Importance of Information Security
  - The survival of organizations depends on the correct management of information security and confidentiality
  - Security constraints should be defined from early stages of the development process
• Data Warehouses (DWs)
  - Manage enterprise information for the decision making process
  - Sensitive information which should be protected
• The Web and XML Technology
  - Great amount of data available on the Web
  - DWs are considering the Web as data source
  - And XML to interchange data and metadata
1. Introduction
• Model Driven Architecture (MDA)
  - Is a model oriented approach for software development
  - Is based on the separation between the specification of the system functionality and its implementation by using specific platforms
  - Defines:
    - Models at different abstraction levels
    - Transformations between models
[Figure: MDA levels. Business Level: CIM. Conceptual Level: PIM. Logical Level: PSM 1 … PSM n. Code: Code 1 … Code n for each PSM.]
1. Introduction
• Our proposal: development of Secure XML DWs by using
  - A methodological approach based on MDA
  - Confidentiality issues (related with read operations)
  - A concrete technology based on the Web and XML
• Conceptual design: implementation-independent MD model
  → Mapping
• Logical design: technology-dependent MD model (XML)
  → Mapping
• Implementation
Secure Conceptual Metamodel (PIM)
• UML profile for DWs
  - Cubes
  - Dimensions
  - Bases
  - …
• Access Control and Audit (ACA) model
  - Classification: Levels (SL), Roles (SR), Compartments (SC)
  - Security Rules: Information Security, Authorization, Auditing
Secure XML Logical Metamodel (PSM)
• XML Technology
• Mappings from conceptual models (PIM)
1. Security Configuration
  • Security Levels, Roles and Compartments used in the model
  • Definition of a user profile
2. Star Package
  • Structural aspects
    - Fact, Dimensions, Bases, …
  • Security constraints
    - Security rules associated with MD elements
Secure XML Logical Metamodel (PSM)
• Security Configuration

Secure XML Logical Metamodel (PSM)
• Star Package: structural aspects
  - Fact
  - Dimensions
  - Bases
  - Attributes
  - …

Secure XML Logical Metamodel (PSM)
• Star Package: security constraints
  - Security rules associated with MD elements (fact, dimensions, …)
3. Case Study
• DW which manages airport’s information about trips involving passengers, baggage, flights, dates and places
• This example shows a partial view of this model
  - A fact “Trip”
  - A dimension “Place” related with a base “Airport”
  - A dimension “Passenger”
• Security configuration used in this example
  - Levels of security: Top Secret (TS), Secret (S), Confidential (C), Unclassified (U)
  - Hierarchy of security roles: User, Airport Security, Administration, Passenger
3. Case Study
• Conceptual Model (structural aspects)

3. Case Study
• Conceptual Model (security constraints)
3. Case Study
• Logical Model

Class diagram (figure content):
  Trip (fact) {SL=C}
    +idTrip +price +purpose {SR=Airport Security} +seat +distance +flightTime +checkIn +boarding
  Place (dimension) {SL=C}
    +placeCode +gate +terminal
  Airport (base) {SL=U}
    +airportCode
  Passenger (dimension) {SL=S}
    +passengerCode +name +address +fingerprint {SR=Airport Security} +passportPhoto {SR=Airport Security} +suspicious {SR=Airport Security}
  UserProfile
    +userCode +name +securityLevel +securityRoles
  Other labels in the figure: +deptPlace +arrvPlace
  SIAR_TripPurpose
    +ownedSCObjects = {Trip}
    +involvedClasses = {Passenger}
    +CABExp = "Trip.purpose=='military'"
    +CATHENSecInf = {SL=S; SR=Airport Security}
    +CAELSESecInf = {SL=C}
  AUR_Passenger
    +ownedSCObjects = {Passenger}
    +ExceptSign = +
    +ExceptPrivilege = read
    +CABExp = "UserProfile.name == Passenger.name"

Schema
    <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified">
      <xs:element name="SecureMDXML" type="SecureMDXML_Type" />
      <xs:complexType name="SecureInformation_Type">
        <xs:sequence />
      … … …

User Profile
    <xs:complexType name="UserProfile_Type">
      <xs:sequence>
        <xs:element name="userCode" type="xs:integer" />
        <xs:element name="name" type="xs:string" />
        <xs:element name="SecureInformation" type="SecureInformation_Type" />
3. Case Study
• Logical Model: Fact

    <xs:complexType name="StarPackage_Type">
      <xs:sequence>
        <xs:element name="SecureFactClasses">
          <xs:complexType>
            <xs:sequence>
              <xs:element name="Trip" maxOccurs="unbounded">
                <xs:complexType>
                  <xs:sequence>
                    <xs:element name="SecurityLevel" fixed="C" />
                    <xs:element name="price" type="xs:integer" />
                    <xs:element name="purpose">
                      <xs:complexType>
                        <xs:sequence>
                          <xs:element name="S_purpose" type="xs:string" />
                          <xs:element name="SecurityRole" type="xs:string" fixed="AirportSecurity" />
                        </xs:sequence>
                      </xs:complexType>
                    </xs:element>
                    <xs:element name="seat" type="xs:string" />
                    <xs:element name="distance" type="xs:string" />
                    <xs:element name="flightTime" type="xs:string" />
                    <xs:element name="checkIn" type="xs:string" />
                    <xs:element name="boarding" type="xs:string" />
                    …
3. Case Study
• Logical Model: Security Rule Associated with the Fact “Trip”

  SIAR_TripPurpose
    +ownedSCObjects = {Trip}
    +involvedClasses = {Passenger}
    +CABExp = "Trip.purpose=='military'"
    +CATHENSecInf = {SL=S; SR=Airport Security}
    +CAELSESecInf = {SL=C}

    <xs:element name="SecurityRules">
      <xs:complexType>
        <xs:sequence>
          <xs:element name="SIAR_TripPurpose">
            <xs:complexType>
              <xs:sequence>
                <xs:element name="CABEXP" type="xs:string" fixed="Trip.purpose==military" />
                <xs:element name="CABTHEN">
                  <xs:complexType>
                    <xs:sequence>
                      <xs:element name="SecurityLevel" type="xs:string" fixed="S" />
                      <xs:element name="SecurityRole" type="xs:string" fixed="AirportSecurity" />
                    </xs:sequence>
                  </xs:complexType>
                </xs:element>
                <xs:element name="CABELSE" minOccurs="0">
                  <xs:complexType>
                    <xs:sequence>
                      <xs:element name="SecurityLevel" type="xs:string" fixed="C" />
                    </xs:sequence>
                  </xs:complexType>
                </xs:element>
              </xs:sequence>
              <xs:attribute name="ownedSCObjects" fixed="Trip" />
              <xs:attribute name="involvedClasses" fixed="Passenger" />
              <xs:attribute name="idTrip" type="xs:ID" />
              …
3. Case Study
• Logical Model: Dimensions and Bases

    <xs:element name="SecureDimensionClasses">
      <xs:complexType>
        <xs:sequence>
          <xs:element name="Place" maxOccurs="unbounded">
            <xs:complexType>
              <xs:sequence>
                <xs:element name="SecurityLevel" fixed="C" />
                <xs:element name="gate" type="xs:string" />
                <xs:element name="terminal" type="xs:string" />
              </xs:sequence>
              <xs:attribute name="placeCode" type="xs:ID" />
              <xs:attribute name="AirPort_Base_Ref" type="xs:IDREF" />
              …

    <xs:element name="SecureBaseClasses">
      <xs:complexType>
        <xs:sequence>
          <xs:element name="Airport" maxOccurs="unbounded">
            <xs:complexType>
              <xs:sequence>
                <xs:element name="SecurityLevel" fixed="U" />
              </xs:sequence>
              <xs:attribute name="airportCode" type="xs:ID" />
              …

    <xs:element name="SecureDimensionClasses">
      <xs:complexType>
        <xs:sequence>
          <xs:element name="Passenger" maxOccurs="unbounded">
            … …
3. Case Study
• Logical Model: Security Rule Associated with the Dimension “Passenger”

  AUR_Passenger
    +ownedSCObjects = {Passenger}
    +ExceptSign = +
    +ExceptPrivilege = read
    +CABExp = "UserProfile.name == Passenger.name"

    <xs:element name="AutorizationRules">
      <xs:complexType>
        <xs:sequence>
          <xs:element name="AUR_Passenger">
            <xs:complexType>
              <xs:sequence>
                <xs:element name="Sign" type="xs:string" fixed="+" />
                <xs:element name="Privilege" type="xs:string" fixed="read" />
                <xs:element name="CABEXP" type="xs:string" fixed="UserProfile.name ==Passenger.name" />
                <xs:element name="SecInf" type="SecureInformation_Type" minOccurs="0" />
              </xs:sequence>
              <xs:attribute name="ownedSCObjects" fixed="Passenger" />
              …
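The two case-study rules (SIAR_TripPurpose and AUR_Passenger) applied to read requests, as an added example that is not part of the original slides. It assumes, since the slides do not state it, that a user may read an instance when their security level is at least the instance's level and they hold its required roles, that AUR_Passenger grants read on a matching record regardless of level, and that attribute-level role constraints still apply there; function names and sample data are constructed.

```python
# Added example; access semantics below are assumptions, not from the slides.
LEVELS = {"U": 0, "C": 1, "S": 2, "TS": 3}   # order of the case study's levels
AS = "AirportSecurity"                        # role name as spelled in the XSD

def dominates(user, level, roles=frozenset()):
    """Assumed check: user's level >= object's level and all roles held."""
    return (LEVELS[user["securityLevel"]] >= LEVELS[level]
            and roles <= user["securityRoles"])

def trip_label(trip):
    """SIAR_TripPurpose: military trips get {SL=S; SR=AS}, others {SL=C}."""
    if trip["purpose"] == "military":
        return "S", frozenset({AS})
    return "C", frozenset()

def read_trip(user, trip):
    """Return the readable view of a Trip instance, or None if denied."""
    if not dominates(user, *trip_label(trip)):
        return None
    view = dict(trip)
    if AS not in user["securityRoles"]:       # purpose {SR=Airport Security}
        view.pop("purpose", None)
    return view

RESTRICTED = ("fingerprint", "passportPhoto", "suspicious")
def read_passenger(user, passenger):
    """Passenger {SL=S}; AUR_Passenger (+, read) covers one's own record."""
    own = user["name"] == passenger["name"]   # AUR_Passenger CABExp
    if not own and not dominates(user, "S"):
        return None
    view = dict(passenger)
    if AS not in user["securityRoles"]:       # assumed to hold for own record too
        for attr in RESTRICTED:
            view.pop(attr, None)
    return view

# Constructed sample data (not from the slides)
OFFICER = {"name": "Ana", "securityLevel": "S", "securityRoles": frozenset({AS})}
CLERK = {"name": "Luis", "securityLevel": "C", "securityRoles": frozenset({"Administration"})}
TRAVELLER = {"name": "Eva", "securityLevel": "U", "securityRoles": frozenset({"Passenger"})}
MILITARY = {"idTrip": 1, "price": 0, "purpose": "military", "seat": "1A"}
HOLIDAY = {"idTrip": 2, "price": 120, "purpose": "tourism", "seat": "14C"}
EVA = {"passengerCode": 7, "name": "Eva", "address": "Madrid", "suspicious": False}

if __name__ == "__main__":
    for who in (OFFICER, CLERK, TRAVELLER):
        print(who["name"], read_trip(who, MILITARY), read_trip(who, HOLIDAY),
              read_passenger(who, EVA))
```

Because the CABExp of AUR_Passenger compares names, the grant is only as strong as the uniqueness of UserProfile.name; an enforcement layer would normally bind it to an authenticated identifier.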
4. Conclusions
• Development of Secure XML DWs
  - Use of the Model Driven Approach (MDA)
• Secure Conceptual MD Model (PIM)
  - Independent of the target logical MD model
• Secure Logical MD Model (PSM)
  - Focused on the XML Technology
  - Including structural and security issues
  - Semi-automatic Mapping from conceptual models
4. Conclusions
• Further work
  - To define the mappings by using QVT transformations
  - To transform security constraints defined with OCL into XPath
  - To apply the proposal to new case studies
• Discussion
  - Since DWs mainly deal with read operations, we focus our security work on confidentiality
  - Should other security issues be modeled for DWs? Integrity, …
  - Do cloud warehouses include new security aspects that should be modeled?