Presentation is loading. Please wait.

Presentation is loading. Please wait.

Data and Applications Security Developments and Directions

Published byShana Shepherd Modified over 5 years ago

Similar presentations

Presentation on theme: "Data and Applications Security Developments and Directions"— Presentation transcript:

1 Data and Applications Security Developments and Directions
Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #17 Secure Data Warehousing March 14, 2007

2 Outline Background on Data Warehousing What is a Data Warehouse?
Data Warehousing Technologies Data Warehouse Design Distributing the Data Warehouse Data Modeling Indexing Security Issues for Data Warehousing

3 What is a Data Warehouse?
A Data Warehouse is a: Subject-oriented Integrated Nonvolatile Time variant Collection of data in support of management’s decisions From: Building the Data Warehouse by W. H. Inmon, John Wiley and Sons Integration of heterogeneous data sources into a repository Summary reports, aggregate functions, etc.

4 Example Data Warehouse
Users Query the Warehouse Data Warehouse: Data correlating Employees With Medical Benefits and Projects Could be any DBMS; Usually based on the relational data model Oracle DBMS for Employees Sybase DBMS for Projects Informix DBMS for Medical

5 Some Data Warehousing Technologies
Heterogeneous Database Integration Statistical Databases Data Modeling Metadata Access Methods and Indexing Language Interface Database Administration Parallel Database Management

6 Data Warehouse Design Appropriate Data Model is key to designing the Warehouse Higher Level Model in stages Stage 1: Corporate data model Stage 2: Enterprise data model Stage 3: Warehouse data model Middle-level data model A model for possibly for each subject area in the higher level model Physical data model Include features such as keys in the middle-level model Need to determine appropriate levels of granularity of data in order to build a good data warehouse

7 Distributing the Data Warehouse
Issues similar to distributed database systems Branch A Branch A Branch B Branch B Branch B Warehouse Branch A Warehouse Central Bank Central Bank Central Warehouse Central Warehouse Non-distributed Warehouse Distributed Warehouse

8 Multidimensional Data Model

9 Indexing for Data Warehousing
Bit-Maps Multi-level indexing Storing parts or all of the index files in main memory Dynamic indexing

10 Metadata Mappings

11 Data Warehousing and Security
Security for integrating the heterogeneous data sources into the repository e.g., Heterogeneity Database System Security, Statistical Database Security Security for maintaining the warehouse Query, Updates, Auditing, Administration, Metadata Multilevel Security Multilevel Data Models, Trusted Components

12 Example Secure Data Warehouse

13 Secure Data Warehouse Technologies

14 Security for Integrating Heterogeneous Data Sources
Integrating multiple security policies into a single policy for the warehouse Apply techniques for federated database security? Need to transform the access control rules Security impact on schema integration and metadata Maintaining transformations and mappings Statistical database security Inference and aggregation e.g., Average salary in the warehouse could be unclassified while the individual salaries in the databases could be classified Administration and auditing

15 Security Policy for the Warehouse
Federated Policy Federated Policy for Federation for Federation F1 F2 Export Policy Export Policy Export Policy Export Policy for Component A for Component B for Component B for Component C Generic Policy Generic Policy Generic policy for Component A for Component B for Component C Component Policy Component Policy Component Policy for Component A for Component B for Component C Security Policy Integration and Transformation Federated policies become warehouse policies?

16 Security Policy for the Warehouse - II

17 Secure Data Warehouse Model

18 Methodology for Developing a Secure Data Warehouse

19 Multi-Tier Architecture
Tier N: Secure Data Warehouse Tier N: Data Warehouse Builds on Tier N Builds on Tier N - - 1 1 * * Each layer builds on the Previous Layer Schemas/Metadata/Policies * * Tier 2: Builds on Tier 1 Tier 2: Builds on Tier 1 Tier 1:Secure Data Sources Tier 1:Secure Data Sources

20 Administration Roles of Database Administrators, Warehouse Administrators, Database System Security officers, and Warehouse System Security Officers? When databases are updated, can trigger mechanism be used to automatically update the warehouse? i.e., Will the individual database administrators permit such mechanism?

21 Auditing Should the Warehouse be audited? Advantages
Keep up-to-date information on access to the warehouse Disadvantages May need to keep unnecessary data in the warehouse May need a lower level granularity of data May cause changes to the timing of data entry to the warehouse as well as backup and recovery restrictions Need to determine the relationships between auditing the warehouse and auditing the databases

22 Multilevel Security Multilevel data models
Extensions to the data warehouse model to support classification levels Trusted Components How much of the warehouse should be trusted? Should the transformations be trusted? Covert channels, inference problem

23 Inference Controller

24 Status and Directions Commercial data warehouse vendors are incorporating role- based security (e.g., Oracle) Many topics need further investigation Building a secure data warehouse Policy integration Secure data model Inference control

Download ppt "Data and Applications Security Developments and Directions"

Similar presentations

Building Trustworthy Semantic Webs Dr. Bhavani Thuraisingham The University of Texas at Dallas Semantic web technologies for secure interoperability and.

Building Trustworthy Semantic Webs Dr. Bhavani Thuraisingham The University of Texas at Dallas Semantic web technologies for secure interoperability and.
Secure Data Architectures

Secure Data Architectures
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #4 Multilevel Secure Database.

Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #4 Multilevel Secure Database.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #6 Multilevel Secure Database.

Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #6 Multilevel Secure Database.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Multilevel Secure Data Management.

Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Multilevel Secure Data Management.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #22 Secure Web Information.

Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #22 Secure Web Information.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #15 Secure Multimedia Data.

Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #15 Secure Multimedia Data.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Security for Distributed Data Management.

Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Security for Distributed Data Management.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #17 Data Warehousing, Data.

Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #17 Data Warehousing, Data.
Trustworthy Semantic Web Dr. Bhavani Thuraisingham The University of Texas at Dallas Inference Problem March 4, 2011.

Trustworthy Semantic Web Dr. Bhavani Thuraisingham The University of Texas at Dallas Inference Problem March 4, 2011.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #11 Secure Heterogeneous.

Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #11 Secure Heterogeneous.
Data Mining and Data Warehousing: Concepts and Techniques What is a Data Warehouse? Data Warehouse vs. other systems, OLTP vs. OLAP Conceptual Modeling.

Data Mining and Data Warehousing: Concepts and Techniques What is a Data Warehouse? Data Warehouse vs. other systems, OLTP vs. OLAP Conceptual Modeling.
Databases and DBMSs Todd S. Bacastow January 2005.

Databases and DBMSs Todd S. Bacastow January 2005.
Data and Applications Security

Data and Applications Security
Chapter 2: Database System Concepts and Architecture - Outline

Chapter 2: Database System Concepts and Architecture - Outline
Data and Applications Security Developments and Directions

Data and Applications Security Developments and Directions
An Introduction to database system

An Introduction to database system
Chapter 2 Database System Concepts and Architecture

Chapter 2 Database System Concepts and Architecture
Data and Applications Security Developments and Directions

Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions

Data and Applications Security Developments and Directions

Similar presentations

Ads by Google