Abstract: Context Decision makers query enterprise information stored in Data Warehouses (DW) by using tools (such as On-Line Analytical Processing (OLAP) tools) which use specific views or cubes from the corporate DW or Data Marts, based on the multidimensional modeling. Since the information managed is critical, security constraints have to be correctly established in order to avoid unauthorized accesses. Objective In previous work we have defined a Model-Driven based approach for developing a secure DWs repository by following a relational approach. Nevertheless, is also important to define security constraints in the metadata layer that connects the DWs repository with the OLAP tools, that is, over the same multidimensional structures that final users manage. This paper defines a proposal to develop secure OLAP applications and incorporates it into our previous approach. Method Our proposal is composed of models and transformations. Our models have been defined using the extension capabilities from UML (conceptual model) and extending the OLAP package of CWM with security (logical model). Transformations have been defined by using a graphical notation and implemented into QVT and MOFScript. Finally, this proposal has been evaluated through case studies. Results A complete MDA architecture for developing secure OLAP applications. The main contributions of this paper are: improvement of a UML profile for conceptual modeling; definition of a logical metamodel for OLAP applications; and definition and implementation of transformations from conceptual to logical models, and from logical models to the secure implementation into a specific OLAP tool (SSAS). Conclusion Our proposal allows us to develop secure OLAP applications, providing a complete MDA architecture composed of several security models and automatic transformations towards the final secure implementation. Security aspects are early identified and fitted into a most robust solution that provides us a better information assurance and a saving of time in maintenance. © 2014 Elsevier B.V. All rights reserved.
Other publications of the same journal or congress with authors from the University of Cantabria
