Two Level Signature Based Authorization Model for Secure Data Warehouse

  • Anjana Gosain
  • Amar AroraEmail author
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 625)


Data Warehouse (DW) security has emerged as a crucial aspect since for the sake of high availability data warehouses started connected to internet. In order to comply with the security requirements, the authentication of legitimate users by verification of user credentials like username, password, etc. has become a standard. On successful verification, different variations of Role Based Access Control (RBAC) techniques are being used restricting user access to the facts and dimensions. But these RBAC’s can only restrict the user access as per their respective roles and there is no check on the behavior pattern of the user access. In this paper, a two level signature based behavior analysis model has been introduced to keep a check on the user’s access pattern. At the first level, the user provides its authentication credentials. On successful verification of these credentials, the user has been allowed to access elements as per its role. Once the user tries to access the DW elements his access pattern will be recorded to form usage access signature. Over the period of time user access profile is created which is used to match the signature of the user. If in case, the user’s signature does not fit in the user access profile created over the period of time, the second level of verification will be performed in a form of secret question etc. The user query will be processed only on successful clearing of the second authentication level; else the current query will be suspended with regret message from the system. This further strengthens the security of the DW even on the compromise of the user’s initial entry credentials.


Data warehouse security Signature based authorization Two level authorization 


  1. Inmon, W.H.: Building the Data Warehouse. Wiley, Hoboken (1991)Google Scholar
  2. Becker, B., Kimball, R., Mundy, J., Ross, M., Thorthwaite, W.: The Data Warehousing Lifecycle Toolkit. Wiley, Hoboken (2008)Google Scholar
  3. Kirkgoze, R., Katic, N., Stolba, M., Tjoa, A.: A security concept for OLAP. In: Proceedings Eighth International Workshop on Database and Expert Systems Applications (DEXA). IEEE (1997)Google Scholar
  4. Berson, A., Smith, J.S.: Data Warehousing Data Mining & OLAP. Series on Data Warehousing and Data Management. McGraw-Hill, New York (1997)Google Scholar
  5. Santos, R., Bernardino, J., Vieira, M.: A survey on data security in data warehousing: issues, challenges and opportunities. In: EUROCON - International Conference on Computer as a Tool (EUROCON), pp. 1–4. IEEE (2011)Google Scholar
  6. Cognos Incorporated: Schrittweise Anleitungen for Transformer. Cognos Power-Play Version 6.0 (1998)Google Scholar
  7. Microsoft Corporation: Microsoft SQL Server OLAP Services Cell-level. Security White-paper (1999)Google Scholar
  8. MicroStrategy Incorporated: MicroStrategy. 7 Administrator Guide (2000)Google Scholar
  9. Oracle Corporation: Oracle Express Database Administration Guide. Release 6.2, Part No. A59962-01 (1998)Google Scholar
  10. Chase, D., Spofford, G., Thomsen, E.: Microsoft OLAP Solutions. Wiley, New York (1999)Google Scholar
  11. Fernández-Medina, E., Trujillo, J., Villarroel, R., Piattini, M.: Extending UML for designing secure data warehouses. In: Atzeni, P., Chu, W., Lu, H., Zhou, S., Ling, T.-W. (eds.) ER 2004. LNCS, vol. 3288, pp. 217–230. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  12. Fernandez-Medina, E., Piattini, M., Trujillo, J., Villarroel, R.: A UML profile for designing secure data warehouses. Latin Am. Trans. 3(1), 40–48 (2005). IEEEGoogle Scholar
  13. Villarroel, R., Soler, E., Fernández-Medina, E., Trujillo, J., Piattini, M.: Using UML packages for designing secure data warehouses. In: Gavrilova, M.L., Gervasi, O., Kumar, V., Tan, C., Taniar, D., Laganá, A., Mun, Y., Choo, H. (eds.) ICCSA 2006. LNCS, vol. 3982, pp. 1024–1034. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  14. Eduardo, F., Juan, T., Rodolfo, V.: A UML 2.0/OCL extension for designing secure data warehouses. J. Res. Pract. Inf. Technol. 38(1), 31–44 (2006)Google Scholar
  15. Eduardo, F., Juan, T., Rodolfo, V., Mario, P.: Developing secure data warehouses with a UML extension. Inf. Syst. 32(6), 826–856 (2007). ElsevierCrossRefGoogle Scholar
  16. Emilio, S., Eduardo, F., Juan, T., Mario, P.: A UML 2.0 profile to define security requirements for Data Warehouses. Comput. Stand. Interfaces 31(5), 969–983 (2009). ElsevierCrossRefGoogle Scholar
  17. Salem, A., Triki, S., Ben-Abdallah, H., Harbi, N., Boussaid, O.: Verification of security coherence in data warehouse designs. In: Fischer-Hübner, S., Katsikas, S., Quirchmayr, G. (eds.) TrustBus 2012. LNCS, vol. 7449, pp. 207–213. Springer, Heidelberg (2012)Google Scholar
  18. Dhillon, G.: Information Security Management: Global Challenges in the New Millennium. IGI Global, Hershey (2000)Google Scholar
  19. Iyer, S., Kantarcioglu, M., Thuraisingham, B.: Extended RBAC-based design and implementation for a secure data warehouse. Int. J. Bus. Intell. Data Min. (IJBIDM) 2(4), 367–382 (2007)CrossRefGoogle Scholar
  20. Belén, V., Carlos, B., Eduardo, F., Esperanza, M.: A practical application of our MDD approach for modeling secure XML data warehouses. Decis. Support Syst. 52(4), 899–925 (2012). ElsevierCrossRefGoogle Scholar
  21. Lopes, C.C., Times, V.C., Matwin, S., Ciferri, R.R., Ciferri, C.: Processing OLAP queries over an encrypted data warehouse stored in the cloud. In: Bellatreche, L., Mohania, M.K. (eds.) DaWaK 2014. LNCS, vol. 8646, pp. 195–207. Springer, Heidelberg (2014)Google Scholar
  22. Ali, S., Rauf, A., Khusro, S., Zubair, M., Farman, H., Ullah, S.: An authorization model to access the summarized data of data warehouse. Life Sci. J. 11(6 s) (2014)Google Scholar
  23. Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE Comput. 29(2), 38–47 (1996)CrossRefGoogle Scholar
  24. Uzun, E., Atluri, V., Vaidya, J., Sural, S., Ferrara, A.L., Parlato, G.: Security analysis for temporal role based access control. J. Comput. Secur. 22, 961–996 (2014)CrossRefGoogle Scholar
  25. dos Santos, R.J.R.: Enhancing data security in data warehousing. Ph.D. thesis submitted at Department of Informatics Engineering, Faculty of Sciences and Technology, University of Coimbra (2014)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2016

Authors and Affiliations

  1. 1.USICT, Guru Gobind Singh Indraprastha UniversityDelhiIndia
  2. 2.National Informatics Centre, DeitY, Government of IndiaDelhiIndia

Personalised recommendations