(IJACSA) International Journal of Advanced Computer Science and Applications,

Vol. 15, No. 3, 2024

Enhancing Data Warehouses Security

Muhanad A. Alkhubouli, Hany M. Lala, AbdAllah A. AlHabshy, Kamal A. ElDahshan
Department of Mathematics, Faculty of Science, Al-Azhar University, Cairo, Egypt

Abstract—Data Warehouses (DWs) are essential for always benefit from the decoration that emphasizes security
enterprises, containing valuable business information and thus considerations. Because of this, it is crucial to assess the
becoming prime targets for internal and external attacks. Data security aspect of a data warehouse [5].
warehouses are crucial assets for organizations, serving critical
purposes in business and decision-making. They consolidate data The handling of the significant amount of data gathered
from diverse sources, making it easier for organizations to from the numerous daily transactions is the most crucial
analyze and derive insights from their data. However, as data is responsibility. Data warehouses have seen a growth in data
moved from one source to another, security issues arise. collecting volumes because of the organization’s processes
Unfortunately, current data security solutions often fail in DW becoming more computerized. As a result, more people are
environments due to resource-intensive processes, increased now accessing and utilizing the data [6].
query response times, and frequent false positive alarms. The
structure of the data warehouse is designed to facilitate efficient Data security encompasses concerns regarding the
analysis. Developing and deploying a data warehouse is a difficult confidentiality, integrity, and availability of data. These
process and its security is an even greater concern. This study concerns include ensuring privacy, maintaining accuracy,
provides a comprehensive review of existing data security validity, and consistency of data, and ensuring that data is
methods, emphasizing their implementation challenges in DW immediately accessible. Confidentiality is the act of
environments. Our analysis highlights the limitations of these safeguarding information from being disclosed without
solutions, particularly in meeting scalability and performance authorization, whether it is by direct access or indirect logical
needs. We conclude that current methods are impractical for DW deduction [7].
systems and support for a comprehensive solution tailored to
their specific requirements. Our findings underscore the ongoing The rest of this paper is organized as follows. Section II
significance of data warehouse security in industrial projects, introduces the technology of data warehousing. Section III
necessitating further research to address remaining challenges discusses the security approaches employed in data
and unanswered questions. warehousing. Section IV introduces the research challenges
and possibilities. Ultimately, Section V presents our
Keywords—Data warehouse; data security; encryption; conclusions.
security issues; data integrity; privacy; confidentiality
II. DATA WAREHOUSE TECHNOLOGY
I. INTRODUCTION
A. Fundamental Architecture of Data Warehouses
A data warehouse contains sensitive and confidential The foundational architecture of data warehouses typically
information. Since users’ access data in the data warehouse at follows a structured and layered approach, which includes the
many levels within the organization, protecting this following components [8]:
information is crucial. For each of their organizational
processes, all organizations collect data and input it into 1) Data sources: Data sources are the systems or
computer systems [1]. applications from which data is extracted and loaded into the
The concept of a data warehouse is rooted in storing data in data warehouse. These sources can include transactional
a structured manner for an extended time. This allows the data databases, operational systems, external data feeds,
to be archived and easily accessible for future use. The spreadsheets, or other data repositories. Data extraction
structure of the data warehouse is designed to facilitate techniques are employed to gather the required data and
efficient analysis. Data warehouses are among an prepare it for loading into the data warehouse.
organization's most important assets and are primarily 2) Data integration: Data integration involves the process
employed in crucial business and decision-making processes. of mixing data from various sources and transforming it into a
The data warehouse incorporates data from several sources. As unified and coherent format appropriate for analysis. This step
a result, security risks develop when moving data from one
includes tasks such as data cleaning, data normalization, data
location to another [2].
aggregation, and data enrichment. The transformed data is
Data warehouse security discusses the methods that may be then loaded into the data warehouse.
used to safeguard the data warehouse by preventing access to 3) Staging area: The staging area acts as an intermediary
information by unauthorized users to maintain the data storage space between the data sources and the data
warehouse's reliability [3]. The owner must encrypt critical warehouse. It holds the extracted and transformed data
data before outsourcing to guarantee its secrecy. Developing
temporarily before it is loaded into the main data warehouse.
and deploying a data warehouse is a difficult process and its
security is a major concern [4]. The organization does not The staging area allows for data validation, error handling,

574 | P a g e
www.ijacsa.thesai.org
 (IJACSA) International Journal of Advanced Computer Science and Applications,
Vol. 15, No. 3, 2024

and data quality checks before the data is moved into the warehouse. Data at rest can be protected using techniques such
production environment. as full-disk encryption, database-level encryption, or column-
4) Data warehouse: The data warehouse is the central level encryption. Encryption keys should be securely managed
repository where the integrated and processed data is stored. It and stored to prevent unauthorized access.
is designed to support efficient querying and analysis. The 3) Data masking and anonymization: Data masking and
data warehouse is typically optimized for read-intensive anonymization methodologies involve modifying or
operations and provides a consolidated view of the data from obfuscating sensitive data to protect its confidentiality.
multiple sources. It often employs a relational database Techniques like tokenization, pseudonymization, or data
management system (RDBMS) or a specialized data substitution can be used to replace sensitive information with
warehouse platform. fictitious values while preserving the format and structure of
5) Data marts: Data marts are subsets of the data the data. Data masking can be applied during data extraction
warehouse that are tailored to specific business functions or or as part of the data loading process into the data warehouse.
departments. Data marts contain a subset of the data relevant 4) Auditing and monitoring: Auditing and monitoring
to a particular area, such as sales, marketing, finance, or methodologies involve capturing and analyzing activities
operations. They are designed to provide focused and pre- within the data warehouse to detect and respond to security
aggregated data for faster and more targeted analysis. incidents. Robust logging mechanisms should be implemented
6) Metadata repository: The metadata repository stores to record user activities, system events, data changes, and
information about the structure, semantics, and lineage of the access attempts. Security Information and Event Management
data in the data warehouse. It includes metadata such as data (SIEM) systems can be employed to collect and analyze log
definitions, data mappings, data lineage, business rules, and data, generate alerts, and facilitate incident response.
data transformation rules. The metadata repository helps users 5) Data classification and Data Loss Prevention (DLP):
understand and interpret the data in the data warehouse, Data classification methodologies help identify and categorize
ensuring data consistency and facilitating data governance. sensitive or confidential data within the data warehouse. By
7) Business intelligence tools: Business intelligence (BI) classifying data based on its sensitivity, organizations can
tools are used to access, analyze, and visualize the data stored apply appropriate security controls and data protection
in the data warehouse. These tools provide end-users with the measures. Data Loss Prevention (DLP) technologies can be
ability to create reports, dashboards, and perform ad-hoc used to monitor and prevent unauthorized data exfiltration or
queries to gain insights from the data. BI tools often offer leakage by applying policies and rules to sensitive data.
features like data visualization, data mining, and advanced 6) Vulnerability management: Vulnerability management
analytics to support decision-making processes. The methodologies involve regularly scanning the data warehouse
foundational architecture of data warehouses provides a infrastructure, databases, and applications for known
structured framework for storing, integrating, and analyzing vulnerabilities. Vulnerability assessment tools can identify
large volumes of data. It enables organizations to consolidate security weaknesses and misconfigurations that could be
and transform data from multiple sources into a unified and exploited by attackers. Patch management processes should be
consistent format, making it easier to extract meaningful implemented to promptly apply security patches and updates
insights and support data-driven decision-making. to mitigate identified vulnerabilities.
7) Disaster recovery: Incident response and disaster
B. Security Methodologies
recovery methodologies focus on preparedness and response
Securing data warehouses typically involves a combination to security incidents or catastrophic events. Incident response
of methodologies and best practices. Here are several
plans should be established, outlining the steps to be taken in
commonly employed methodologies [9], [10], and [11]:
the event of a security breach. Disaster recovery strategies
1) Access control: Access control methodologies focus on should be in place to ensure timely recovery of the data
managing user access to the data warehouse. This includes warehouse in case of system failures, cyber-attacks, or natural
implementing strong authentication mechanisms, such as disasters.
multi-factor authentication, to verify the identity of users. 8) Data governance and training: Data governance
Role-based access control (RBAC) is often employed to methodologies establish policies, procedures, and guidelines
assign appropriate privileges and permissions based on user for managing and protecting data within the warehouse. This
roles and responsibilities. Access control lists (ACLs) and includes defining data ownership, accountability, and data
data-level security can be used to restrict access to specific lifecycle management practices. Regular training and
data objects or rows within the warehouse. awareness programs should be conducted to educate users and
2) Encryption: Encryption is a widely adopted stakeholders about data security best practices, policies, and
methodology for protecting data in transit and at rest within a their roles in maintaining data warehouse security. These
data warehouse. Transport Layer Security (TLS) or Secure methodologies, when implemented collectively, contribute to
Sockets Layer (SSL) protocols can be used to encrypt data the overall security of data warehouses. Organizations should
during transmission between components of the data adopt a layered approach, combining multiple security

575 | P a g e
www.ijacsa.thesai.org
 (IJACSA) International Journal of Advanced Computer Science and Applications,
Vol. 15, No. 3, 2024

methodologies, to create a robust security framework that media platforms are derived from the examination of
protects critical business information and ensures compliance extensive datasets. The system collects many types of data,
with relevant regulations. such as groups, likes, friends, and geographical mapping, and
saves it in a unified central repository. While several databases
Besides, the architecture impacts the following security keep this information separately, the most important and
aspects: meaningful data is saved in a centralized aggregated database
1) Network security: The architecture influences network [15].
security considerations, particularly in distributed data b) Construction (material-based industries): The
warehouse environments. It determines how data flows utilization of a data warehouse in the construction sector
between different components of the data warehouse, proves to be effective in facilitating decision-making
including data sources, staging area, data warehouse, and data processes. This strategy equips construction managers with
marts. Secure network architecture includes measures like comprehensive access to both internal and external data,
network segmentation, firewalls, encryption, and intrusion enabling them to assess and oversee construction performance.
detection systems to protect data during transmission and The implementation of data warehousing in the construction
prevent unauthorized access. industry demonstrates the ability of construction managers to
2) Scalability and performance: Architecture effectively assess the remaining stock, track inventory trends
considerations impact security implementations concerning associated with materials, and determine the quantity and cost
of each material. To ensure the proper allocation of resources,
scalability and performance. A scalable architecture can
it is important to consider the necessary services, maintenance,
handle increasing data volumes, user loads, and concurrent
and operation of the systems, as well as the allocation of
queries without compromising security. It should
financial budgets. Additionally, good management of long-
accommodate security measures without significantly
term investment plans and identification of potential hazards
impacting system performance, ensuring that security controls are crucial [16], [17].
do not hinder data warehouse operations.
c) Manufacturing industry: Data warehouse plays a
C. Applications of Data Warehouse in Real Life crucial part in the maintenance of household and industrial
The significance of a data warehouse is undeniable due to operations. The manufacturing industry encompasses activities
its numerous advantages. It eliminates the need for such as product and process design, scheduling, planning,
management choices to be based on limited and inaccurate production, maintenance, and substantial investments in
data, while also assisting firms in avoiding various issues. equipment, labor, and heavy machinery. The actions taken in
Therefore, it is imperative for any organization to have a data this situation will have significant impacts on both
warehouse. When discussing the importance of data profitability and long-term strategic considerations. Several
warehousing (DW), it is noted that certain application areas industries are seeking to transform themselves, and it is
require the presence and integration of data across the entire advisable for many of them to embrace data warehousing
organization. Additionally, the ability to make quick decisions (DW) technology instead of relying on traditional decision-
based on both real-time and historical data provides specialized making methods. By implementing a data warehouse,
information for loosely defined systems. organizations can collect, standardize, and store data from
1) Business: The primary motivations for implementing a different applications. This enables them to streamline
data warehouse in a firm are to enhance decision-making and processes and enhance efficiency, as analyzing data across
improve organizational performance [12]. The utilization of multiple applications can be a time-consuming task. During
data warehouses in various applications is influenced by the this phase, manufacturing and construction companies
frequently employ transaction processing systems that are
importance of business. All other non-governmental and
regularly updated to facilitate their ordinary business
partially non-governmental organizations fall under its
operations [18].
authority. A data warehouse employs a unified repository to
conveniently store data that is retrieved from various d) Banking: The banking industry is classified as one of
the most information-intensive sectors in the business world.
databases [13]. This data repository offers forecasting services
The relevance of business intelligence (BI) in banking
that assist business professionals and managers. This
operations has significantly increased due to advancements in
comprehensive process is utilized to facilitate the
the information technology industry [19]. The rapid pace of
identification of business requirements and the formulation of corporate growth and intensifying competition has
a business strategy [14]. The impact of several disciplines on underscored the critical importance of banking intelligence.
data warehousing in business, ranging from significant to Bank intelligence refers to the capacity to collect, oversee, and
trivial, is examined. scrutinize a substantial volume of data pertaining to bank
a) Social media websites: Social media serves as a clientele, products, operations, services, suppliers, partners,
prime illustration of data warehousing. The social media and transactions. As the volume of data grows, the process of
industry is growing, and as a result, there is a growing demand collecting, managing, and converting it into valuable insights
to deploy data warehousing in this sector. Several becomes increasingly challenging. Data warehousing (DW)
characteristics seen on Facebook, Twitter, and other social offers a solution to this challenge. Several data warehouse

576 | P a g e
www.ijacsa.thesai.org
 (IJACSA) International Journal of Advanced Computer Science and Applications,
Vol. 15, No. 3, 2024

variants are specifically tailored to cater to the needs of the for a specific treatment. This information is then used for
banking industry [20]. scheduling treatments and providing support to medical
e) Education: Data warehousing (DW) is gaining personnel in the field of human resources [24].
increasing popularity in the realm of education. The utilization b) Fraud and threat detection: Governments are
of Data Warehousing (DW) in the educational sector offers actively engaged in detecting and mitigating threats and
numerous advantages in facilitating informed decision-making fraudulent activities perpetrated by individuals with malicious
and timely data evaluation, which are the primary objectives intentions. Regrettably, there is a scarcity of available known
of the DW process. DW offers a comprehensive and unified implementations of data warehouses. Government entities
perspective of an institute. Most of the relevant departments have access to data warehouses; nevertheless, they require a
utilize a data warehouse as a primary source of information comprehensive data warehouse system that is interconnected
regarding teachers and students. DW facilitates expedient to all areas to effectively monitor threats and terrorists [23].
access to students' results and notes from a web-based
database via a student portal. Additionally, it aids in decision- III. SECURITY APPROACHES FOR DWH
making by offering both current and historical information A data warehouse is a crucial component of an
pertaining to the institute [21]. organization, providing users with the ability to access
f) Finance: The progress of technology, particularly in comprehensive information about the whole business process.
the IT industry, has introduced innovative approaches to As stated in reference [25], ensuring security is a crucial
managing financial processes in business. The government necessity in all stages of data warehouse construction,
and business sectors play equally significant roles in the field including requirements, implementation, and maintenance. The
security measures implemented for online transactional
of finance. Financial systems encompass many institutions
processing (OLTP) systems are not suitable for data
such as banks, post offices, insurance firms, income tax
warehouses [26]. In OLTP, security controls are applied at the
departments, and other tax agencies. The use of a data level of rows, columns, or tables. However, data warehouses
warehouse in the financial industry offers numerous require access by varying numbers of users for different
advantages, such as enhancing transparency in account content due to their multidimensional nature, which is a
opening and transactions. Likewise, the government has the fundamental principle of a data warehouse. Prior to loading the
authority to make decisions to address any financial crises. data into the data warehouse, the processes of data extraction,
These systems possess sufficient intelligence to detect transformation, cleansing, and preparation have all been
individuals who have failed to meet their obligations and may completed. Security considerations must be considered at every
respond accordingly based on the circumstances. Efficient level of a data warehouse system. Furthermore, it is imperative
decision-making can be easily achieved in this case due to the to address the security of the underlying operating system and
maintenance of data warehousing [22]. network to maintain data warehouse security [27]. The data
2) Government: The government can employ data warehouse literature has presented several security solutions,
warehousing techniques in various sectors, such as looking for which can be classed based on how they meet fundamental
security concerns, including Confidentiality, Integrity, and
terrorist profiles and conducting threat assessments, improving Availability.
agricultural practices, enhancing educational systems,
optimizing financial operations, streamlining medical A. DWH Security Approaches for Confidentiality Issues
departments, and detecting fraudulent activities. The The emphasis of confidentiality is on preventing
telecommunication and banking industries are plagued by information from being improperly discovered, either directly
numerous difficulties pertaining to user fraud [23]. or through logical inference [28]. Numerous access control-
a) Medical: The medical sector is currently leading in the related strategies have been put out to resolve concerns about
implementation of data warehousing technology. The data warehouse confidentiality. The administration and
invocation of the source databases and the data warehouse are
importance of data quality and the need for high-quality
both under the supervision of access-control mechanisms. In a
medical services has significantly increased in the field of data warehouse setting, authentication and auditing systems are
health care. The complexity and diversity of medical and likewise categorized as access control and need to be set up. In
clinical data resulted in a slower adoption of data warehouses [29], the author introduced a role-based authorization model
in the healthcare industry compared to other sectors. In recent and distinguished between two types of roles: the operations
years, there has been a significant increase in the utilization of role, which initiates the associated procedures, and the
data warehouses in both administrative and clinical domains. developer role, which oversees extracting, integrating, and
Data warehouses have the potential to enhance the quality of transforming data scripts. These positions just need to execute
care provided to individual patients. These healthcare trustworthy procedures; they do not require direct access to
organizations are implementing data warehousing as a tool to data. Permissions to access data are assigned based on roles.
help strategic decision-making. It offers the means to obtain Additional rights may be issued as needed to access more data
medical data, extract pertinent information from that data, and in the event of failures or issues, but audits must keep an eye
disseminate this knowledge to all relevant individuals. The on these permissions. Traditionally, high-level users like
administrative data stored in a data warehouse can be utilized business analysts and upper management have had access to
to obtain information regarding the required competent staff data warehouses. As a result, serious problems with access
control also surface at the data warehouse's front end. Since it

577 | P a g e
www.ijacsa.thesai.org
 (IJACSA) International Journal of Advanced Computer Science and Applications,
Vol. 15, No. 3, 2024

impedes the discovery of analytical information, the majority of OLAP. To address these limitations, the study has
of data warehouse or OLAP suppliers believe that fine-grained established a three-tier framework to facilitate access control
access-control functionality for a data warehouse front end is between the first and second layers, as well as inference
unnecessary. This assumption is incorrect, though, as many control between the second and third tiers. The suggested
users have access to analytical tools that allow them to query
design mitigates superfluous delays caused by inference
the data warehouse. Applications for front-end data
warehouses can offer both dynamic and static reporting. checking through various means. Implementing these
Because access control may be specified report-by-report, it is techniques can decrease the size of the inputs to inference
not problematic to impose it on static reports. It is challenging control systems, hence reducing complexity.
to implement suitable access-control measures for dynamic 3) Modeling-based approaches to DWH security: In their
reporting, such as data-mining queries. This brings up the issue publication [37], the author introduced a conceptual-level
of data inference; for instance, a person could be able to access Access and Audit Control (ACA) model for data-warehouse
specific information through an aggregated query even when modeling. This model is founded on data classification. The
they are not permitted to do so [30]. document outlined three security regulations: permission
B. DWH Security Approaches for Integrity regulations for people and objects, assignment regulations for
Integrity refers to safeguarding data from unauthorized or sensitive information that establish multilevel security
malevolent modifications, including the insertion, infection, or procedures, and audit regulations that examine user actions at
deletion of false data [31]. One drawback of access-control all stages and points at the conceptual level. The ACA model
techniques is that, in the event of an aggregated OLAP query, is incorporated in multi-dimensional modeling to enhance
they are unable to capture conclusions about the data. Data UML skills in the design of secure data warehouse systems.
inferences result in integrity problems. Inference-control 4) Data masking and perturbation-based security
techniques have been researched in statistics and census approaches: In their publication [38], the author introduced a
databases for over thirty years [32], [33], and [34]. The data-masking technique specifically designed for data
suggested methods fall into two categories: perturbation-based warehouses that exclusively contain numerical values. The
and restriction-based methods. To stop malicious inference,
proposed methodology relied on mathematical modulus
restriction-based inference control systems merely refuse
unsafe queries. Perturbation approaches can dynamically apply operators, including division, remainder, and two basic
data modification to each query in addition to adding noise, arithmetic operations. These operators can be implemented
swapping, or altering the original data. The methods put out to without modifying the source code of the database
address the integrity problem can be further categorized as management system (DBMS) or user applications. According
outlined below. to their assertion, the suggested formula necessitated minimal
computational resources. Consequently, the additional time
1) Restriction-based approaches: The greatest number of
required for query response was insignificant, while
values aggregated by distinct questions, the minimum number
maintaining an adequate level of security.
of values aggregated by a query, and the highest rank of the
matrix expressing answered queries are used in restriction- C. DWH Security Approaches for Availability Issues
based inference-control techniques to establish the safety of a Ensuring the availability of data is crucial in every data
query. Sensitive data can also be protected by partitioning and warehouse system. This entails the retrieval of data that has
cell suppression. Cells with low COUNT values can have been affected by immediate corruption. Data replication is
suppression applied to them to identify inference in the data. implemented to facilitate the restoration of corrupted data using
Techniques based on linear programming can be used to various suggested methods. By using this approach, it is
eliminate inferences. This kind of detection technique only possible to prevent database downtime caused by maintenance
interventions and distribute query-processing efforts to prevent
functions with two-dimensional tables; three- or higher-
data-access hot spots. Familiar RAID architectures can be
dimensional tables are not compatible with it [35]. employed to mirror data [39], [40] in systems where
2) Combined access-and inference-control approaches: centralized servers house the database. Nevertheless,
To effectively eliminate security risks, the combination of corporations have started deploying their data warehouses on
access control and inference control can offer a robust inexpensive processors to achieve cost efficiency. RAID
solution. Preserving the security of data warehouse and OLAP technology is unsuitable for this situation due to the presence
systems should not compromise their functionality. The author of only one disk drive, which is normally the case.
in [36] suggested three-tier security architecture for a data
IV. RESEARCH CHALLENGES AND OPPORTUNITIES
warehouse. Statistical databases typically consist of two tiers:
sensitive data and aggregate queries. The two-tier design While typical encryption methods can offer robust data
mentioned above has certain inherent limitations. One privacy and are present in today's main DBMS, their influence
problem is that doing inference checking during run-time on database speed renders their use in data warehouses
impractical. As previously demonstrated, the computational
query processing might lead to undesirable delays.
overhead incurred by methods such as AES and 3DES
Additionally, under this architecture, inference-control significantly affects performance. Options that can provide a
techniques are unable to take advantage of the unique features high degree of privacy while reducing the overhead in query

578 | P a g e
www.ijacsa.thesai.org
 (IJACSA) International Journal of Advanced Computer Science and Applications,
Vol. 15, No. 3, 2024

response time are required. Given bitwise operations' [13] Dinesh, L. and K.G. Devi, An efficient hybrid optimization of ETL
simplicity and speed, bit-based encryption algorithms might process in data warehouse of cloud architecture. Journal of Cloud
Computing, 2024. 13(1): p. 12.
offer a means of achieving novel, workable solutions.
[14] Joseph, M.V., Significance of Data Warehousing and Data Mining in
Naturally, the degree of privacy will decrease if the encryption Business Applications. International Journal of Soft Computing and
procedure is simplified to increase database speed. It is Engineering, 2013. 3(1): p. 2231-2307.
necessary to create a tradeoff compromise that minimizes the [15] Thusoo, A., et al. Data warehousing and analytics infrastructure at face. .
impact on performance while maintaining the desired level of in Proceedings of the 2010 ACM SIGMOD International Conference on
privacy. A further option would be the creation of query Management of data (SIGMOD '10). 2010. . New York, NY, USA:
engines that could handle queries on encrypted data directly, Association for Computing Machinery.
i.e., without the need to first decrypt the data[41]. [16] R. Chowdhury, et al., Implementation of Central Dogma Based
Cryptographic Algorithm in Data Warehouse Architecture for
V. CONCLUSION Performance Enhancement. International Journal of Advanced Computer
Science and Applications, 2015. 6.
This study has conducted a comprehensive analysis of the [17] Park, T. and H. Kim, A data warehouse-based decision support system
security solutions available for data warehouses, examining for sewer infrastructure management. Automation in Construction 2013.
their limitations and the effects they have on the scalability and 30: p. 37–49.
performance needs of these warehouses. The suggested [18] Sarda, N.L. Temporal issues in data warehouse systems. in Proceedings
methods are impractical or ineffective for implementation in 1999 International Symposium on Database Applications in Non-
Traditional Environments (DANTE'99). 1999. Japan.
data warehouse systems. A data warehouse necessitates
[19] Bany Mohammed, A., et al., Towards an understanding of business
specific capabilities that must adhere to strict scalability and intelligence and analytics usage: Evidence from the banking industry.
performance criteria. Hence, a comprehensive solution is International Journal of Information Management Data Insights, 2024.
required to effectively tackle these directives. Data warehouse 4(1): p. 100215.
security is a pertinent area of ongoing research that holds [20] Sarkar, A., Data Warehouse Requirements Analysis Framework:
significance for all industrial projects. Additional investigation Business-Object Based Approach. International Journal of Advanced
into data warehouse security is necessary to tackle the Computer Science and Applications, 2012. 3.
difficulties, as there are other variables that still need to be [21] Goyal, M. and R. Vohra, Applications of data mining in higher
education. International Journal of Computer Science Issues (IJCSI),
considered and some unanswered questions. 2012. 9(2).
REFERENCES [22] Chau, K.W., et al., Application of data warehouse and Decision Support
System in construction management. Automation in construction, 2003.
[1] Keshta, I. and A. Odeh., Security and privacy of electronic health 12(2): p. 213–224.
records: Concerns and challenges. Egyptian Informative Journal, 2021. [23] Bilal, M., et al., Application of Data Warehouse in Real Life: State-of-
22(2): p. 177–183. the-art Survey from User Preferences’ Perspective. International Journal
[2] Wixom, B.H. and H.J. Watson., An Empirical Investigation of the of Advanced Computer Science and Applications, 2016. 7.
Factors Affecting Data Warehousing Success,. MIS quarterly, 2001. 25: [24] Stolba, N. and A.M. Tjoa, The relevance of data warehousing and data
p. 17-41. mining in the field of evidence-based medicine to support healthcare
[3] Santos, R.J., J. Bernardino, and M. Vieira, A survey on data security in decision making. International Journal of Computer Systems Science
data warehousing: Issues, challenges and opportunities. 2011 IEEE and Engineering, 2006. 3.
EUROCON - International Conference on Computer as a Tool,, 2011: p. [25] Devanbu, P.T. and S. Stubblebine. Software engineering for security: a
1-4. roadmap. In Proceedings of the Conference on The Future of Software
[4] Lincke, S., Attending to Information Privacy, in Information Security Engineering (ICSE '00). in Association for Computing Machinery. 2000.
Planning: A Practical Approach. 2024, Springer. p. 185-200. [26] Hoi, L.M., W. Ke, and S.K. Im, Manipulating Data Lakes Intelligently
[5] Samarati, P. and S.D.C.d. Vimercati. Data protection in outsourcing With Java Annotations. IEEE Access, 2024. 12: p. 34903-34917.
scenarios. in Proceedings of the 5th ACM Symposium on Information, [27] Bellatreche, L., ed., Security in Data Warehouses, Data Warehousing
Computer and Communications Security - ASPICS ’2010. Design and Advanced Engineering Applications: Methods for Complex
[6] Dash, S., et al., Big data in healthcare: management, analysis and future Construction. 2010: IGI Global.
prospects. Journal of Big Data, 2019. 6. [28] Farkas, C. and S. Jajodia, The inference problem: a survey. ACM
[7] Santos, R.J., J. Bernardino, and M. Vieira, A survey on data security in SIGKDD Explorations Newsletter 2002. 4(2): p. 6-11.
data warehousing: Issues, challenges and opportunities. 2011 IEEE [29] Doshi, V., S. Jajoda, and A. Rosenthal, A programmatic approach to
EUROCON - International Conference on Computer as a Tool,, Apr. access control in the Data Warehouse. Personal notes, 1999.
2011.
[30] Aleem, S., Luiz Fernando Capretz and F. Ahmed, Data security
[8] Ariyachandra, T. and H. Watson, Key organizational factors in data approaches and solutions for data warehouse. International Journal of
warehouse architecture selection. Decision Support Systems, 2010. 49. Computers, 2015. 9: p. 91-97.
[9] Santos, R.J., J. Bernardino, and M. Vieira. A data masking technique for [31] Georgiev, A. and V. Valkanov, Custom data quality mechanism in Data
data warehouses. In Proceedings of the 1st Symposium on International Warehouse facilitated by data integrity checks. Mathematics and
Database Engineering & Applications (IDEAS '11). in Association for Education in Mathematics, 2024. 53: p. 67-75.
Computing Machinery. 2011. New York, NY, USA.
[32] Adam, N.R. and J.C. Worthmann, Security-control methods for
[10] Santos, R.J., et al. A Specific Encryption Solution for Data Warehouses. statistical databases: a comparative study. ACM Computing Surveys
in Database Systems for Advanced Applications: 18th International (CSUR), 1989. 21(4): p. 515–556.
Conference, DASFAA 2013. 2013. China: Springer
[33] Denning, D.E. and J. Schlorer, Inference Controls for Statistical
[11] Fernández-Medina, E., R.V. J. Trujillo, and M. Piattini, Access control Databases. Computer, 1983. 16(7): p. 69–82.
and audit model for the multidimensional modeling of data warehouses.
Decision Support Systems, 2006. 42(3): p. 1270–1289. [34] Willenborg, L. and T.D. Waal., Statistical disclosure control in practice
Springer Science & Business Media, T1996. 111.
[12] Watson, H.J., D.L. Goodhue, and B.H. Wixom, The benefits of data
warehousing: why some organizations realize exceptional payoffs. [35] Cox, L.H., On properties of multi-dimensional statistical tables. Journal
Information & Management, 2002. 39(6): p. 491-502. of Statistical Planning and Inference, 2003. 117(2): p. 251–273.

579 | P a g e
www.ijacsa.thesai.org
 (IJACSA) International Journal of Advanced Computer Science and Applications,
Vol. 15, No. 3, 2024

[36] Jajodia, L.W.a.S., Security in Data Warehouses and OLAP systems. [39] Wu, X., et al. RAID-Aware SSD: Improving the Write Performance and
Handbook of Database Security: Applications and Trends 2008: p. 191- Lifespan of SSD in SSD-Based RAID-5 System. in IEEE Fourth
212. International Conference on Big Data and Cloud Computing. 2014.
[37] Fernández-Medina, E., et al., Access control and audit model for the Australia.
multidimensional modeling of data warehouses. Decision Support [40] Liu, W., et al. Understanding the SWD-based RAID System. in
Systems, 2006 42(3): p. 1270-1289. International Conference on Cloud Computing and Big Data. 2014.
[38] Santos, R.V., J. Bernardino, and M. Vieira. A data masking technique China.
for data warehouses. in Proceedings of the 15th Symposium on [41] Santos, R.J., J. Bernardino, and M. Vieira, A survey on data security in
International Database Engineering & Applications. 2011. data warehousing: Issues, challenges and opportunities. 2011 IEEE
EUROCON - International Conference on Computer as a Tool, 2011.

580 | P a g e
www.ijacsa.thesai.org