INTERNATIONAL JOURNAL OF COMPUTERS Volume 9, 2015

Data security approaches and solutions

for data warehouse
Saiqa Aleem, Luiz Fernando Capretz and Faheem Ahmed

that sensitive data does not fall into the wrong hands when
data are consolidated into one big repository and become an
Abstract— Data Warehouse (DWH) contains large amount of easy target for malicious outside or inside attackers. Many
historical data from heterogeneous operational sources and provide published security statistics show that the number of attacks on
multidimensional views, thus supplying sensitive and critical data is increasing continuously [2]. Data security focusses
information which help decision-makers to improve the mainly on three issues: confidentiality, integrity, and
organization’s business processes. The critical business information availability, these concepts are also know by the acronym CIA.
at one place and nature of the aggregated queries make it vulnerable
Confidentiality emphasizes protection of information from
for malicious outside and inside attackers. For database aggregated
queries most of the existing data security solutions are not sufficient, unauthorized disclosure, either by indirect logical inference or
require too many resources along with increase query response time by direct retrieval [3]. Integrity involves data protection from
and results into many false alarms. In this study, we conducted a accidental or malicious changes such as false data insertion,
survey of available data security approaches, solutions, and strategies contamination, or destruction. Availability ensures that data
for data warehouse environment. are accessible to all authorized users at any time. In the past,
many data security solutions for databases have been
Keywords— data warehouse, security issues, data integrity, privacy, proposed.
confidentiality. Although available solutions have been proven to be
scientifically effective, they are infeasible or at least inefficient
I. INTRODUCTION for a DWH environment because this environment requires
specific performance. Most of today’s DWH security solutions
In today’s competitive business environment, organizations lack effective security procedures to protect the data accessed
need to collaborate with each other and track their through them. Existing security methods can be best for
performance for market trend analysis. With the help of restricting security breaches, but cannot completely eliminate
advances in computer and network technology, organizations the risk.
stores, collect, and analyze vast amounts of data efficiently and In this paper, we present a survey of the security
quickly. Data are analyzed by the organization not only for approaches available for DWHs and the issues concerning
market trend identification, but also to examine the each type of security approach. The remainder of the paper is
effectiveness of their activities and to make decisions that organized into two sections. In Section 2, various existing data
affect their bottom line. Therefore, data management has security solutions for DWHs are presented, and specific issues
become crucial because organizations not only need to store in the DWH environment are discussed. Finally, Section 3
and retrieve data, but also need to derive meaningful concludes the paper and highlights future research directions.
information from it. As a consequence, organizations have
come to depend more on knowledge management technologies II. SECURITY APPROACHES FOR DWH
such as interoperable knowledge management, knowledge
repositories, and data warehouses (DWH). A DWH is an integral part of an organization and empowers
A data warehouse may contain massive amounts of its users by enabling them to retrieve information about the
organizational data such as financial information, credit card business process as a whole. According to Devbandu [4],
numbers, organization trade secrets, and personal data, thus security is an important requirement for DWH development,
they are vulnerable to cyberattack [1]. A DWH must ensure starting from requirements and continuing through
implementation and maintenance. Security solutions for on-
line transactional processing (OLTP) systems cannot be
appropriate for DWHs because in OLTP, security controls are
Saiqa Aleem and Dr. Luiz Fernando Capretz are with Department of applied on rows, columns, or tables, while DWHs need to be
Electrical & Computer Engineering,Western University, London, ON, Canada
(Email: {saleem4, lcapretz}@uwo.ca).
accessed by different numbers of users for different content
because multidimensionality is a basic principle of a DWH [1],
Faheem Ahmed is with Department of Computing Science, Thompson
Rivers University, Kamloops, BC, Canada (Email: [email protected]). [5].

ISSN: 1998-4308 91
 INTERNATIONAL JOURNAL OF COMPUTERS Volume 9, 2015

Data extraction, transformation, cleaning, and preparation policies can be defined based on the level of analysis required
have all been done before the data are loaded into the DWH. by the organization, such as hiding of the whole cube, of
Security concerns must be addressed at all layers of a DWH certain measures, of slices of the cube, or of levels of detail. In
system. Moreover, DWH security cannot be ensured unless the advanced requirements, one can define policies like hiding
security of the underlying operating system and the network levels of detail at certain security levels, of certain measures in
have been addressed [6]. Various security solutions have been certain slices, of certain slices in different dimensions, and of
proposed in the DWH literature and are described below, dynamic or data-driven policies. On top of the requirements
categorized according to how they address basic security policies, inference control can be defined. In statistical
concerns such as CIA. research, information inference has already been identified. A
similar problem has been identified through parallel
A. DWH Security Approaches for Confidentiality Issues
classification in OLAP [10].
Confidentiality emphasizes protection of information from
unauthorized disclosure, either by indirect logical inference or B. DWH Security Approaches for Integrity
by direct retrieval [3]. In order to address DWH confidentiality Integrity involves data protection from accidental or malicious
concerns, many approaches have been proposed dealing with changes such as false data insertion, contamination, or
access control. Access-control mechanisms involve controlling destruction. The disadvantage of access-control mechanisms is
both invocation and administration of the DWH and the source that they do not capture inferences on data in the case of an
databases. Authentication and audit mechanisms also fall aggregated OLAP query. Inferences on data lead to the
under access control and must be installed in a DWH integrity issue. For more than thirty years, inference-control
environment. Doshi et al. [7] presented a role-based approaches have been studied in statistical and census
authorization model and identified two categories of roles: the databases [11[, [12], [13]. The proposed approaches can be
developer role, which is responsible for extraction, integration, categorized into restriction-based and perturbation-based
and transformation of data scripts, and the operations role, techniques. Restriction-based inference control techniques
which invokes the corresponding processes. These roles do not simply deny unsafe queries to prevent malicious inference.
require direct data access, but need only to run trusted Perturbation techniques add noise to data, swap data, or
procedures. Based on role assignments, permissions on data modify the original data and can also apply data modification
are allocated. In case of failures or problems, additional to each query dynamically. The approaches presented to solve
permissions can be granted as needed to access additional data the integrity issue can be classified further as described below.
to fix the problem, but such permissions must be monitored by
audits. i) Restriction-based approaches
Conventionally, DWHs have been accessed by high-level In restriction-based inference-control techniques, the safety of
users such as business analysts and executive management. a query is determined based on the maximum number of values
Therefore, critical access-control issues also arise at the front aggregated by dissimilar queries [12], the minimum number of
end of a DWH. Most DWH or OLAP vendors assume that values aggregated by a query [14], and the highest rank of the
there is no need to provide fine-grained access-control support matrix expressing answered queries [15]. Cell suppression and
for a DWH front end because it hinders discovery of analytical partition can also be performed to protect sensitive data. To
information. However, this assumption is not appropriate detect inference on data, suppression can be performed on
because many users can access analytical tools to query the cells that contain small COUNT values. Inferences can be
DWH. Front-end DWH applications can provide both static removed using linear programming-based methods. This type
and dynamic reporting. Imposing access control on static of detection method is effective only for two-dimensional
reports is not a problem because it can be defined on a report tables; it will not work for three- or higher-dimensional tables
basis. For dynamic reporting like data-mining queries, it is [16], [17].
difficult to provide appropriate access-control policies. This Micro-aggregation and partitioning considers specific type
leads to the problem of data inference; for example, a user may of aggregations. In partitioning methods, a partition is defined
not be authorized to obtain particular information, but may on sensitive data, and a restriction is applied on a complete
retrieve it through an aggregated query. block of a partition for aggregate queries [18, 19]. Micro-
Protecting sensitive data from unauthorized access leads to aggregation also replaces cluster averages with their sensitive
the necessity of front-end access-control policies. Priebe & values [20]. Both methods are not based on dimensional
Pernul [8] presented an OLAP security requirements hierarchies and therefore may contain meaningless blocks that
methodology based on a regular database security model [9]. are not useful for users.
However, DWH security requirements are different from a
regular database security model because DWH capabilities are ii) Combined Access- and Inference-Control Approaches
significantly different from those of a relational database In order to remove security threats, access control and
management system. The proposed model provides a inference control together can provide a good solution.
separation between security policies and their implementation. Ensuring security should not affect the usefulness of DWH and
To define access-control security policies, requirements must OLAP systems. Wand & Jajodia [21] proposed a three-tier
be identified by preliminary analysis. security architecture for a DWH. Usually, two tiers can be
Priebe & Pernul [8] divided them into two types of found in statistical databases, such as sensitive data and
requirements: basic and advanced. In basic requirements, aggregation queries. This two-tier architecture has some

ISSN: 1998-4308 92
 INTERNATIONAL JOURNAL OF COMPUTERS Volume 9, 2015

inherent drawbacks: inference checking during run-time query user behaviours at all stages and points at the conceptual level.
processing may result in unacceptable delays, and also under During multi-dimensional modelling, the ACA model can be
this two-tier architecture, inference-control techniques cannot included because it extends UML capabilities for designing
benefit from the special characteristics of OLAP. To overcome secure DWH systems.
these drawbacks, the research has defined a three-tier A multi-dimensional (MD) model of a DWH system was
architecture to provide access control between the first and also proposed by Lujan et al. [25] based on an UML profile
second tiers and inference control between the second and extension. The work defined sets of stereotypes, tagged values
third tiers. and constraints to represent main MD properties at the
The proposed architecture helps to reduce unnecessary conceptual level. The constraints for stereotypes were
delays resulting from inference checking in several ways. By specified using Object Constraint Language (OCL) to prevent
adopting these methods, the size of the inputs to inference- their arbitrary use. Furthermore, the same extended UML
control algorithms can be reduced, consequently reducing approach was used in Secure DWH [26]. The work identified
complexity. A cardinality-based method [22] is an example of security constraints in conceptual MD modelling [27] and
a technique in which aggregations can be defined based on the proposed a system which was independent of the target
dimension hierarchy and queries are limited to data-cube cells. platform.
For access control, the paper described a framework which
specifies authorization objects in data cubes. iv) Data Masking and Perturbation-Based Security
An authorization object must satisfy certain desired Approaches
properties: like any cell in an object, the ancestors of that cell Data disclosure can be easily avoided by data-masking
must be included in the particular object. The object may also approaches. Using data masking, original data values can be
contain detailed information about the ancestors of a sensitive replaced or changed. Currently, the best practices for data
cell and should also be considered as sensitive. The basic masking are used by Oracle in their DBMS [28]. In data
lattice-based inference method [55] can be used and masking, encryption is an advanced form of enforcing privacy.
implemented on the three-tier inference-control model. The Oracle has also developed Transparent Data Encryption (TDE)
first methodology used existing inference-control methods for in the 10g and 11g versions of its DBMS. TDE incorporates
statistical databases, whereas the second methodology was the well-known AES and 3DES encryption algorithms [29],
designed to remove the limitations of existing inference- [30].
control methods. The work claims that both methods could be Santos et al. [31] proposed a data-masking technique for
applied on the basis of a three-tier inference control data warehouses consisting only of numerical values. The
architecture that is more appropriate for DWH and OLAP proposed approach was based on mathematical modulus
systems specifically. operators such as division, remainder, and two simple
arithmetic operations, which can be used without changing
iii) Modelling-based Approaches to DWH Security DBMS source code and user applications. They claimed that
Triki et al. [23] proposed approach provides semi-automatic the proposed formula required low computational effort and
inference detection at the DWH design level. The approach that as a result, query response-time overheads became
presented consists of three phases. The first phase identifies relatively small while still providing an appropriate security
sensitive data from DWH schemata with the collaboration of level.
security designers and experts in the field. In the second phase, K-anonymity-based approaches [32], [33] also reveal
an inference graph based on a class diagram is constructed to sensitive information without threatening privacy. In K-
detect elements which may cause inferences in future. The anonymity, each record will remain indistinguishable from at
security designer also distinguishes between elements leading least k-1 others because the others have the same identifying
to precise and partial inferences. Precise inference means that attribute values. K-anonymity and inference-control methods
exact information is disclosed, whereas partial inference leads can be combined to obtain a better solution.
only to partial disclosure of information.
The inference graph consists of a set of nodes representing
C. DWH Security Approaches for the Availability Issues
the data. Then nodes are connected to each other by oriented
arcs representing the direction of inference and its type (partial Data availability is of utmost importance in any DWH system.
or precise). In the third phase, DWH schemata are enriched This involves data recovery from real-time corruption or
automatically by UML annotations which flag the elements incorrect data modification and continuous 24/7 user access.
that may lead to both types of inferences. The work claimed Data replication is performed to be able to restore damaged
that their approach had two advantages: independence of the data using many proposed solutions. In this way, database
data domain, and use of available data to detect inferences. downtime because of maintenance interventions can also be
Fernandez-Medina et al. [24] proposed an Access and avoided, and query-processing efforts can be divided, avoiding
Audit Control (ACA) model for data-warehouse modelling at data-access hotspots. Well-known RAID architectures can be
the conceptual level based on data classification. It specified used for mirroring data [34], [35] on systems where
three security rules: authorization rules for users and objects, centralized servers contain the database. However,
sensitive information assignment rules identifying multilevel organizations have been implementing their DWHs in low-cost
security policies, and audit rules which are used to analyze machines for cost-optimization purposes. RAID technology is

ISSN: 1998-4308 93
 INTERNATIONAL JOURNAL OF COMPUTERS Volume 9, 2015

not suitable for this kind of situation because typically only recovery methods to repair or restore corrupted data
one disk drive is present. quickly, efficiently, and effectively.
In today’s market, commercial solutions for the DWH data- 4) Evaluation methods for DWH security are also needed.
availability issue are available, such as Oracle RAC [36] and None of the approaches examined addresses the issue of
Aster Data [37]. Hamming codes provide another approach to how one can assess the maturity level of security in a
recover corrupted data using error-correction codes. The DWH.
proposed data-storage system makes it possible to recover 5) Confidentiality, data integrity, and availability are also basic
corrupted data blocks by using error-correcting codes, requirements for DWH security. A combination of the
remapping bad blocks, and replicating blocks [38], [39]. approaches discussed above could be helpful in providing a
Marsh & Schneider [40] proposed a technique for distributed solution.
storage used the same features as described earlier plus 6) Most of the approaches are domain-dependent, not generic,
encryption methods. Other researchers [41], [42], [43], [44], or are somehow constraints-based.
[45] have also proposed architecture assessment and self- 7) A DWH security maintenance mechanism is needed that
healing methods to address the availability issue. Recently, takes specific security requirements into consideration and
Darwish et al. [46] have establish cloud-based protocols to applies them appropriately.
defend against denial-of-services attacks. 8) A model is needed that helps to identify security
requirements automatically throughout the DWH life cycle
III. DISCUSSION and makes it possible to provide proper authentication.
A literature review of the various approaches to DWH security None of the existing approaches addressed this issue. The
has been presented above. Table 1 summarizes a comparison proper identification of security policies is a highly critical
of various security approaches for DWHs. A DWH needs starting point in implementing security in a DWH.
powerful security features in addition to its normal 9) Most of the approaches used standard encryption methods
functionalities. The primary security requirements are and tried to provide strong data privacy. However, use of
summarized by the Confidentiality, Integrity and Availability this type of encryption method makes them inefficient for
(CIA) acronym. A full set of security features can be defined DWH use. Encryption algorithms like AES and 3DES
under these three basic properties, such as access control, require large computational effort and have a huge impact
inference control, non-repudiation, authentication, on performance. A technique is therefore needed that
authorization, and availability. The best security model is one provides strong data privacy with less computational effort
that provides end-to-end security in all phases of DWH, and also maintains high performance, which is the basic
starting from modelling and continuing through requirement of DWH use.
implementation and maintenance. Moreover, the security 10)A method is also needed that specifically addresses the
model must address the three basic CIA security requirements. DWH availability issue. It will improve existing data
Some of these approaches consider security requirement recovery methods to repair or restore corrupted data
confidentiality. The proposed methods provide secure role- quickly, efficiently, and effectively.
based authorization [7] and identification of general and 11)Evaluation methods for DWH security are also needed.
advanced requirements for access-control techniques [8]. None of the approaches examined addresses the issue of
Security approaches which discussed integrity issues were how one can assess the maturity level of security in a
further classified by how they address this type of security DWH.
concern. Some of the approaches also tried to address the issue 12)Confidentiality, data integrity, and availability are also
of DWH availability. In short, all the proposed approaches basic requirements for DWH security. A combination of
addressed only some aspects of security, and a DWH security the approaches discussed above could be helpful in
model are needed that covers all the security requirements and providing a solution to this problem.
also help in developing a secure DWH. The identified issues 13)Most of the approaches are domain-dependent, not generic,
with security approaches in DWHs are listed below: or are somehow constraints-based.
14)A DWH security maintenance mechanism is needed that
1) Proper identification of security policies is a highly critical takes specific security requirements into consideration and
starting point in implementing security in a DWH. applies them appropriately.
2) Most of the approaches used standard encryption methods
and tried to provide strong data privacy. However, use of In order to provide DWH security, the real goal is to protect
this type of encryption method makes them inefficient for data Security and to preserve an appropriate level of privacy
DWH use. Encryption algorithms like AES and 3DES requirements must be considered in all layers of the system
require large computational effort and have a huge impact involved. No efforts have been made until now to integrate
on performance. A technique is therefore needed that security into the complete DWH development cycle. Some
provides strong data privacy with less computational effort approaches consider security requirements in the early stages
and also maintains high performance, which is the basic of the DWH development life cycle. More efforts have been
requirement of DWH use. put in logical modelling of DWH security requirements, but
3) A method is also needed that specifically addresses the they have not provided any tool support for implementing the
DWH availability issue. It will improve existing data- modelled security requirements automatically in the target

ISSN: 1998-4308 94
 INTERNATIONAL JOURNAL OF COMPUTERS Volume 9, 2015

Table 1. Comparison of various DWH security approaches

Approaches Scope Underlying Applicability Advantages Limitations

Methodology

Confidentiality-Based Approaches
[7] ETL process Role-based Administrative Simpler implementation Limited scope
authorization process for DWH
[8] Security policy Based on database Requirements Policies identified earlier Limited scope
identification security model engineering

Integrity-Based Approaches
[12][14][15][16] Query-based Restriction-based OLAP queries Simpler Limited to two dimensions &
[17][18][19][20] may contain meaningless
blocks that are not useful for
users
[21] Access & inference Cardinality & lattice- Maintenance of Three-tier based Depends on previously
control based inference DWH architecture, improved computed aggregated queries
methods query response time & limits analytical processing

[23] Semi-automatic UML modelling Design of DWH Independent of data Limited scope
detection of domain
inference
[24][25][26][27] Access & audit Data classification DWH modelling Independent of target Limited to design of DWH
control based platform

[28] Inference control Perturbation and Maintenance of Independent of user Delayed query response time
encryption of data DWH source code change

[31] Inference control Data masking Maintenance of Improved query response Limited to numeric values
DWH time

Availability-Based Approaches
[34][35][36][37] Data replication & RAID architecture Maintenance of Downtime can be avoided Requires more resources &
mirroring DWH limited scope
[38][39][40] Data recovery Hamming codes Maintenance of Downtime can be avoided Complex computations
DWH

DWH system. A holistic approach of security throughout the REFERENCES

software life cycle [47], may also benefit from a neuro-fuzzy [1] H. Inmon, “Building the Data Warehouse”, 3rd ed., John Wiley, USA,
framework [48]-[54] - like it has been applied to other 2002.
application domains [55]. [2] N. Yuhanna, “Your enterprise database security strategy”, Forrester
Research, 2010.
[3] C. Farkas, and S. Jajodia, “The inference problem: a survey”, ACM
SIGKDD Explorations Newsletter, Vol. 4, Issue 2, pp. 6-11, December
IV. CONCLUSION 2002.
This study has provided a literature review of existing DWH [4] P. Devbandu, and S. Stubblebine, “Software engineering for security: a
road map”, Proceedings of Conference on the Future of Software
security solutions, discussing their issues and their impact on Engineering, pp. 227-239, 2000.
DWH scalability and performance requirements. It has become [5] N. Kaite, M. Stolba and A.Y. Tjoa, “A prototype model for Data
apparent that the proposed solutions are infeasible or Warehouse security based on metadata”, International Conference of
inefficient for use in DWH environments. A DWH requires Database and Expert Systems, Vienna, pp. 300-308, 1998.
[6] E.R. Weippl, “Security in Data Warehouses, Data Warehousing design
specific functionality with tight scalability and performance
and advanced engineering applications: Methods for complex
requirements. A complete solution is therefore needed that construction”, L. Bellatreche (Ed.), Chp 15, pp. 272-27, Hershey, PA:
makes it possible to address these directives. DWH security is Information Science Reference, 2010.
an active research relevance to any industrial project. Further [7] V. Doshi, S. Jajoda, and A. Rosenthal, “A programmatic approach to
research in DWH security is needed to address the issues access control in the Data Warehouse”, personal notes, 1999.
[8] T. Priebe, and G.Pernul, “Towards OLAP security design: Survey and
discussed above because many more aspects remain to be research issues”, Proc. 3rd ACM International Workshop on Data
considered, and there many open questions to be answered. Warehousing and OLAP, pp. 33-40, 2000.

ISSN: 1998-4308 95
 INTERNATIONAL JOURNAL OF COMPUTERS Volume 9, 2015

[9] S. Castano, M.G. Fugini, G. Manella and P. Samarati, “Database [35] IBM Corporation, “Understanding RAID level 6”, IBM Systems
Security”, 1994. Software Information Center, 2007.
[10] A. Shoshani, “OLAP and statistical databases: Similarities and [36] Oracle Corporation, “Oracle Real Application Clusters (RAC)”,
differences”, Proceedings of the 16th ACM SIGACT-SIGMOD-SIGART www.oracle.com/us/products/database/options/real-
Symposium on Principles of Database Systems, pp. 185-196, Tucson, applicationclusters/index.htm, 2010.
AZ, 1997. [37] AsterData Systems, “Aster Data nCluster: always on, for 24x7 Big Data
[11] N. M. Adam and J. C. Wortmann, “Security-Control methods for analytics”, http://www.asterdata.com/product/alwayson.php, 2010.
statistical databases: a Comparative Study”, ACM Computing Surveys, [38] V. Prabhakaran, L.N. Bairavasundaram, N. Agrawal, H.S. Gunawi, A.C.
Vol. 21, Issue 4, pp. 515–556, 1989. Arpaci-Dusseau and R.H. Arpaci-Dusseau, “IRON file systems”,
[12] D.E. Denning and J. Schlorer, “Inference controls for statistical International Symposis on Operating System Principles, pp. 206-220,
databases”, IEEE Computer, Vol. 16, Issue 7, pp. 69–82, 1983. Brighton, UK, 2005.
[13] L. Willenborg, and T. DeWalal, “Statistical disclosure control in [39] K. Vijayasankar, G. Sivathanu, S. Swaminathan and E. Zadok,
practice”, Springer, 1996. “Exploiting type-awareness in a self-recovery disk”, Proceedings of
[14] D. Dobkin, A.K. Jones and R.J. Lipton, “Secure databases: Protection Workshop on Storage Security and Surveillance, VA, USA, pp. 25-30,
against user influence”, ACM Transactions on Database Systems, Vol. 2007.
4, Issue 1, pp. 97–106, 1979. [40] M.A. Marsh and F.B. Schneider, “CODEX: a robust and secure secret
[15] F. H. Chin and G. Ozsoyoglu, “Auditing and inference control in distribution system”, IEEE Transactions on Dependable and Secure
statistical databases”, IEEE Transactions on Software Engineering, Computing, Vol. 1, Issue 1, pp. 34-47, 2004.
Vol. 8, Issue 6, pp. 574–582, 1982. [41] P. Bohannon, R. Rastogi, S. Seshadri, A. Silberschatz and S. Sudarshan,
[16] L. H. Cox, “On properties of Multi-dimensional statistical tables”, “Detection and recovery techniques for database corruption”, IEEE
Journal of Statistical Planning and Inference, Vol. 117, Issue 2, pp. Trans. on Knowledge and Data Engineering, Vol. 15, Issue 5, pp.
251–273, 2003. 1120-1136, 2003.
[17] D.E. Denning, “Cryptography and data security”, Addison-Wesley, [42] A. Chakraborty, A.K. Majumdar and S. Sural, “A column dependency-
Reading, Massachusetts, 1982. based approach for static and dynamic recovery of databases from
[18] F. H. Chin and G. Ozsoyoglu, “Statistical database design”, ACM malicious transactions”, Int. Jorn. of Information Security, Vol. 9 , Issue
Transactions on Database Systems, Vol. 6, Issue 1, pp. 113–139, 1981. 1, pp. 51-67, 2010.
[19] C.T. Yu. and F.Y. Chin, “A study on the protection of statistical data- [43] T. Chiueh, and D. Pilania, “Design, implementation, and evaluation on
bases”, Proceedings of ACM SIGMOD International Conference on a repairable database management system”, Proceedings of 20th Annual
Management of Data, pp. 169–181, 1977. Computer Security Applications Conference, pp. 179-188, 2004.
[20] J.M. Mateo-Sanz, J.M. and J. Domingo-Ferrer, “A method for data- [44] P. Liu and J. Jing, “Architectures for self-healing databases under cyber-
oriented multivariate micro aggregation”, Proceeding of Conference on Attacks”, International. Journal of Computer Science and Network
Statistical Data Protection, pp. 89–99, 1998. Security, Vol. 6, Issue 1B, pp. 204-215, 2006.
[21] L. Wang and S. Jajodia, “Security in Data Warehouses and OLAP [45] P. Luenam, and P. Liu, “ODAM: An on-the-fly damage assessment and
systems”, in Handbook of Database Security, Springer, pp. 191-212, repair system for commercial database applications”, Proceedings of
2008. International Conference on DataBase Security (DBSec), pages 10,
[22] D. Dobkin, A.K. Jones and R.J. Lipton, “Secure databases: Protection 2001.
against user influence”, ACM Transactions on Database Systems, Vol. [46] M. Darwish, A. Ouda and L.F. Capretz, “Cloud-based DDoS attacks
4, Issue 1, pp. 97–106, 1979. and defenses”, IEEE International Conference on Information Society
[23] S. Triki, H. Ben-Abdallah, N. Harbi, and O. Boussaid, “Securing the Toronto, Canada, pp. 67-71, June 2013.
Data Warehouse: a semi-automatic approach for inference prevention at [47] L.F. Capretz and P.A. Lee, “Reusability and life cycle issues within an
the design level”, Model and Data Engineering Lecture Notes in Object-Oriented design methodology” (refereed). Ege R., Singh M. and
Computer Science, Vol. 6918, pp. 71-84, Springer, 2011. Meyer B. (editors), in book: Technology of Object-Oriented Languages
[24] E. Fernandez-Medina, J. Trujillo, R. Villarroel M. Piattini., “Access and Systems, pp. 139-150, 1992.
control and audit model for the multidimensional modeling of data [48] F. Ahmed, L.F. Capretz and S. Sheikh, “Institutionalization of software
warehouses”, Decision Support Systems, Vol. 42, pp. 1270-1289, 2006. product line: An empirical investigation of key organizational factors”,
[25] S. Lujan-Mora, S, J. Trujillo and I.Y. Song, “A UML profile for Journal of Systems and Software, Vol. 80, Number 6, pp. 836-849, June
multidimensional modeling in Data Warehouses”, Data & Knowledge 2007.
Engineering, Vol. 59, Issue 3, pp. 725–769, Science Direct, 2006. [49] F. Ahmed and L.F. Capretz, “An architecture process maturity model of
[26] E. Fernandez-Medina, J. Trujillo, P. Villarroel and M. Piattini, software product line engineering”, Innovations in Systems and
“Extending UML for designing a secure data warehouse, conceptual Software Engineering: A NASA Journal, Vol. 7, Issue 3, pp. 191-207,
modeling”, Lecture Notes in Computer Science, Vol. 3288, pp. 217- September 2011.
230, 2006. [50] A.B Nassif, L.F. Capretz and D. Ho, “Estimating software effort based
[27] E. Fernandez-Medina, E., J. Trujillo and R. Villarroel, “Developing on use case point model using Sugeno fuzzy inference system”, 23rd
secure data warehouses with a UML extension”, Information Systems, IEEE International Conference on Tools with Artificial Intelligence,
Vol. 32, pp. 826-856, Science Direct, 2007. Boca Raton, FL, pp. 393-398, 2011.
[28] Oracle Corporation, “Oracle advanced security transparent data [51] A.B. Nassif, L.F. Capretz, D. Ho and M.A. Azzeh, “Treeboost model for
encryption best practices”, Oracle White Paper, July 2010. software effort estimation based on use case points”, 11th IEEE
[29] Oracle Corporation, “Security and the Data Warehouse”, Oracle White International Conference on Machine Learning and Applications, Boca
Paper, April 2005. Raton, FL, pp. 314-319, 2012.
[30] Oracle Corporation, “Data masking best practices”, Oracle White [52] A.B. Nassif, L.F. Capretz and D. Ho, “Enhancing use case points
Paper, July 2010. estimation method using soft computing techniques”, Journal of Global
[31] R. J. Santos, J. Bernardino and M. Vieira , “A Data masking technique Research in Computer Science, Vol. 1, No. 4, pp. 12-21, 2010.
for Data Warehouses”, Proceedings of the 15th Symposium on [53] L.F. Capretz and V.A. Marza, “Improving effort estimation by voting
International Database Engineering & Applications, pp. 61-69, 2011. software estimation models”, Journal of Advances in Software
[32] P. Samarati, “Protecting respondents’ identities in micro data release”, Engineering, Vol. 2009, pp. 1-8.
IEEE Transactions on Knowledge and Data Engineering, Vol. 13, Issue [54] F. Ahmed, L.F. Capretz and J. Samarabandu, “Fuzzy inference system
6, pp. 1010–1027, 2001. for software product family process evaluation”, Information Sciences,
[33] C. Yao, X. Wang and S. Jajodia, “Checking for K-anonymity violation Vol. 178, Issue 13, pp. 2780-2793, July 2008.
by views”, Proceedings of 31st Conference on Very Large Data Bases [55] L.Wang, S. Jajodia and D. Wijesekera, “Lattice-based inference control
(VLDB’05), pp. 910-921, 2005. in data cubes”, in book Preserving Privacy in On-Line Analytical
[34] IBM Corporation, “Understanding RAID level 5”, IBM Systems Processing (OLAP), Springer, pp. 119-145, 2007.
Software Information Center, 2007.

ISSN: 1998-4308 96
 INTERNATIONAL JOURNAL OF COMPUTERS Volume 9, 2015

Saiqa Aleem received her MS in Computer Science (2004) from University

of Central Punjab, Pakistan and MS in Information Technology (2013) from
UAEU, United Arab Emirates. Currently, she is pursuing her PhD. in
software engineering from University of Western Ontario, Canada. She had
many years of academic and industrial experience holding various technical
positions. She is Microsoft, CompTIA, and CISCO certified professional with
MCSE, MCDBA, A+ and CCNA certifications.

Dr. Luiz Fernando Capretz has vast experience in the software engineering
field as practitioner, manager and educator. Before joining the University of
Western Ontario (Canada), he worked at both technical and managerial levels,
taught and did research on the engineering of software in Brazil, Argentina,
England, Japan and the United Arab Emirates since 1981.
He is currently a professor of Software Engineering and Assistant Dean (IT
and e-Learning), and former Director of the Software Engineering Program at
Western. He was the Director of Informatics and Coordinator of the computer
science program in two universities in Brazil. He has published over 200
academic papers on software engineering in leading international journals and
conference proceedings, and co-authored two books: Object-Oriented
Software: Design an Maintenance published by World Scientific, and
Software Product Lines published by VDM-Verlag. His current research
interests are software engineering, human aspects of software engineering,
software analytics, and software engineering education.
Dr. Capretz received his Ph.D. from the University of Newcastle upon Tyne
(U.K.), M.Sc. from the National Institute for Space Research (INPE-Brazil),
and B.Sc. from UNICAMP (Brazil). He is a senior member of IEEE, a
distinguished member of the ACM, a MBTI Certified Practitioner, and a
Certified Professional Engineer in Canada (P.Eng.). He can be contacted at
[email protected]; further information can be found at:
http://www.eng.uwo.ca/people/lcapretz/

Dr. Faheem Ahmed received his MS (2004) and Ph.D. (2006) in Software
Engineering from the Western University, London, Canada. Currently he is
Associate Professor and Chair at Thompson Rivers University, Canada.
Ahmed had many years of industrial experience holding various technical
positions in software development organizations. During his professional
career he has been actively involved in the life cycle of software development
process including requirements management, system analysis and design,
software development, testing, delivery and maintenance. Ahmed has
authored and co-authored many peer-reviewed research articles in leading
journals and conference proceedings in the area of software engineering. He is
a senior member of IEEE.

ISSN: 1998-4308 97