Security Measures for Web ETL Processes

  • Salma DammakEmail author
  • Faiza Ghozzi Jedidi
  • Faiez Gargouri
Conference paper
Part of the Studies in Computational Intelligence book series (SCI, volume 614)


Securityaspectscurrently play a vital role in software systems. As security managers have to operate within limited budgets they also have to patch up the increasing number of software security vulnerabilities. They need to perform a risk evaluation in order to determine the priority of patching-up vulnerabilities. The use of quantitative security assessment methods enables efficient prioritization of security efforts and investments to mitigate the discovered vulnerabilities and thus an opportunity to lower expected losses. Elsewhere, Extraction Transformation Load (ETL) processes, known as a core, development of WeBhouse. Securing these processes is highly important and helps in mitigating security defects in decisional system. For this purposes, this paper adopts the Common Vulnerability Scoring System (CVSS) and proposes a Meta model for security measure in Web ETL processes enabling security manager to asset anticipated vulnerabilities.


Security Requirement Data Warehouse Activity Diagram Security Manager Meta Model 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    OMG, O.M.: Omg unified modeling language (omg uml), superstructure, v2.1.2 (2007)Google Scholar
  2. 2.
    Mell, P., Scarfone, K., Romanosky, S.: Common vulnerability scoring system version 2.0, NIST and Carnegie Mellon University, 1st edn, June 2007Google Scholar
  3. 3.
    Mehedintu, A., Bulgiu, I., Pirvy, C.: Web-enabled Data Warehouse and Data WebhouseGoogle Scholar
  4. 4.
    Hernndez, P., Garrigs, J.: Model-driven development of multidimensional models from web log files, ER?10 Proceedings of the international conference on Advances in conceptual modeling: applications and challenges, pp. 170–179 (2010)Google Scholar
  5. 5.
    Liu, J., Hu Chaou, J., YuanHeJin: Application of Web Services on The Real-time Data Warehouse Technology (2010)Google Scholar
  6. 6.
    Kimball, R., Merz, R.: Le DATA WEBHOUSE:Analyser les comportements client sur le Web, Eyrolles Edition, 2000Google Scholar
  7. 7.
    Muralini, M., Kumar, T.V.S., Kanth, K.R: Simulating Secure Data Extraction in Extraction Transformation Loading (ETL) Processes, In Third UKSim European Symposium on Computer Modeling and Simulation, pp. 142–147 (2009)Google Scholar
  8. 8.
    Muralini, M., Kumar, T.V.S, Kanth, K.R.: Simulating: Secure ETL Process Model: An Assessment of Security in Different Phases of ETL, In Software Engineering Competence Center (2013)Google Scholar
  9. 9.
    Kiran, P., Sathish Kumar, S., Kavya, NP.: Modelling Extraction Transformation Load embedding Privacy Preservation using UML, Int. j. comput. Appl. (2012)Google Scholar
  10. 10.
    National Institute of Standards and Technology Special Publication 800–30, Risk Management Guide for Information Technology Systems, June 2001Google Scholar
  11. 11.
    National Institute of Standards and Technology Special Publication 800–53, Recommended Security Controls for Federal Information Systems, December 2007Google Scholar
  12. 12.
    National Institute of Standards and Technology Special Publication 800–55, Performance Measurement Guide for Information Security, July 2008Google Scholar
  13. 13.
    Cheng, P., Wang,L., Jajodia, S., Singhal, A.: Aggregating CVSS Base Scores for Semantics-Rich Network Security Metrics, In SRDS, 2012, pp. 31–40Google Scholar
  14. 14.
    Pengsu, C., Lingyu, W., Anoop, J.: Aggregating CVSS Base Scores for Semantics-Rich Network Security Metrics, pp. 31–40. IEEE, SRDS (2012)Google Scholar
  15. 15.
    Siv, H. Virginia, H., Franqueira, N.L., Erlend A. Engum.: Quantifying security risk level from CVSS estimates of frequency and impact, J. sys. softw. 83 (9), ISSN 0164-1212, pp. 1622–1634 (2010)Google Scholar
  16. 16.
    Mallek, H., Walha, A., Faiza, G.J., Gargouri, Faiez: ETL-Web process modeling, 8me edition de la confrence sur les Avancs des Systmes Dcisionnels, Hamamet Tunisia (2014)Google Scholar
  17. 17.
    Bellovin, S.: On the Brittleness of Software and the Infeasibility of Security Metrics, IEEE Security and Privacy (2006)Google Scholar
  18. 18.
    Thompson Lord Kelvin, W.: Electrical Units of Measurement,? Lecture at the Institution of Civil Engineers, London, 3 May 1883, Popular Lectures and Addresses, vol. 1, pp. 73–136 (1889)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Salma Dammak
    • 1
    Email author
  • Faiza Ghozzi Jedidi
    • 1
  • Faiez Gargouri
    • 1
  1. 1.MIRACL-ISIMS Pole technologique de SFAX BP 242-3021Sakiet Ezzit SfaxSfaxTunisia

Personalised recommendations