Integrated model of information and security requirements  


Source publication
Conference Paper
Data warehouse (DW) systems integrate data from heterogeneous sources and are used by decision makers to analyze the status and the development of an organization. Traditionally, requirement analysis approaches for DWs have focused purely on information needs of decision makers, without considering other kinds of requirements such as security or pe...

Contexts in source publication

Context 1
... the secure use of medication norms" and "impose maximum level of restriction to the sales prescription"). The security manager depends on the marketing manager to achieve the mentioned softgoals (see Figure 6). Sales Prescription is associated with the softgoal "impose maximum level of restriction to the sales prescription", which has TopSecret as SLevel. ...
Context 2
... to the fact that Sales Prescription and Prescription allow future refinements of the model, additional restrictions are needed. Figure 6 shows how the SConstraint SRule contributes to fulfil the three softgoals previously obtained, so it is associated with the business process Sales Prescription. The same reasoning assures that the context Prescription will be related to a SConstraint Audit. ...

Similar publications

Conference Paper
During the last few years, several frameworks have dealt with Data Warehousing (DW) design issues. Most of these frameworks provide partial answers that focus either on multidimensional (MD) modelling or on Extraction-Transformation-Loading (ETL) modelling. Yet, neither the study of unifying both modelling issues nor their automation have been cons...
Article
Requirement analysis approaches for data warehouse (DW) systems are only focused on information needs of decision makers, without considering other kind of requirement such as security or performance. However, modeling these issues in the early stages of the development is a cornerstone for building a DW that satisfies user expectations. In this pa...

Citations

... Furthermore, the security of ETL processes should be considered at an early stage of its whole development process in order to anticipate possible security problems that can occur and make appropriate decisions. Many research studies, such as Soler et al. (2008a), Rosenthal and Sciore (2000), Kimball and Merz (2000), Villarroel et al. (2006) and Soler et al. (2008a), focused on the security requirements in the context of decisional system. Most of these researches proposed pertinent solutions without taking into account security in ETL processes despite its utility. ...
... Further, this approach creates a business value by enhancing the business process. In [16] requirements analysis for DW were described that considers both information and quality-of-service requirements which is based on Model Driven Architecture. The advantage of this approach was a clear separation of concerns to model requirements without losing the connection between information and quality-of-service requirements. ...
... The collected requirements are used for the design and development of the system. Several authors [5,9,11,12,14,16,18,30] reported requirements engineering methodologies for BI projects, which are primarily focused on DW and DM aspects. The available BI requirement approaches are broadly classified into various categories such as data mining [1], use cases [3,31], model driven [32], data driven [5,42], Goal oriented [12,33,34,43], and business process oriented [35,36,37]. ...
Article
Background: Requirement elicitation is the first step for any project. The available BI requirement elicitation approaches are focused more towards: the top pyramid of the management, less focus on the business aspect of an organization, historical in nature, emphasis on data mining and data warehousing aspects, no clear separation between requirements, and lack of proper linkage between the requirements. The demand of BI shifts towards the operational front for last couple of years. The use of Operational BI is gaining more popularity among industry and business communities because of increased demand of real time BI. It provides a powerful analysis of both operational and business information in current time for all levels of the users in the organization.
Objective: In the modern business environment, the business operates on networks that demands multi-level decision-making capabilities as compared to the traditional business approaches. Operational BI is one of the business information systems that support the modern business environment and provides timely decision-making information to all the users in the organization. The requirement elicitation methodology for Operational BI system is found open for research. A new approach for requirement elicitation for an Operational BI system is presented in this paper, which highly suits to the organizations in the modern business environment.
Methods: A top down technique is employed in the proposed requirements methodology that focuses on the business context of an organization. The proposed requirement elicitation approach is highly suited for the organizations that operate in the modern business environment. This approach overcomes several limitations in the existing BI requirement approaches. A case study is presented to support the proposed requirement elicitation approach for OBI system.
Conclusion: This approach has several advantages like fast development, clear definition, classification of various types of requirements and proper linkage between the requirements without any loss or missing of gathering requirements. Finally, it is to conclude that the proposed approach acts as a one-pot synthesis of requirements elicitation for Operational BI system. Keywords: Business Context, Business, Intelligence, Business Networks, Protocols, Modern Business, Environment, Operational Business, Intelligence Requirement, Elicitation, Requirement, Methodology
... In order to guarantee the confidentiality of the DW at the design level, some authors (Rosenthal, 2000), (Saltor, et al., 2002) have proposed using the authorizations defined at the level of the DW's sources, whereas other authors (Trujillo, et al., 2009) (Soler, et al., 2008) have considered this proposal inefficient, since the DW has its own characteristics. In recent work, the UML language (Unified Modeling Language) provides a standard for modeling the security rules of a DW. ...
Conference Paper
A data warehouse (DW) is a key asset of the enterprise that gives a clear view of its activities and a rich source for decision makers. It contains sensitive data about the enterprise and its customers, and consequently they must not be accessible without access control (El ouazzani 2018). The solution of hosting the DW in the CC (Cloud Computing) is progressively gaining popularity among enterprises, because it makes it possible to overcome the endless expansion of data and to benefit from its processing capacity and the storage of these data. However, the confidentiality of these DWs in the CC needs many improvements and the establishment of precise standards, owing to the scalability and elasticity of the CC paradigm, since there is no standard protocol for managing the connectivity of CC users to hosted resources while taking query execution performance into account. The objective of our work is to propose a framework guaranteeing the confidentiality of DWs hosted in the CC based on user profile.
... The need to protect DWs against illegal access has been undeniably felt for several years (Fernandez-Medina, et al., 2006), (Soler, et al., 2008), (Trujillo, et al., 2009), (Arora, et al., 2016). According to the authors (Eavis, et al., 2012), the modeling of access control to the DW is the process of building an abstract model that must be stored in the DW. ...
Book
INTIS 2017: The 6th edition of the International Conference on Innovation and New Trends in Information Systems continues its commitment to creating a forum for exchange, "Knowledge, Engineering and Reference Frameworks", to share the main concepts and new theories consolidating emerging information systems, as well as the innovative technical trends and new practices that could influence the development of information systems. The challenge of this edition concerns the following themes: spatial Big Data mining, the management and mining of mobile data from connected objects, and finally the management and analysis of complex data. Cutting-edge ecosystems for distributed processing in the cloud, complex event management, and the integration of IoT data will be paraphrased during this edition.
... The need to protect DWs against illegal access has been undeniably felt for several years (Fernandez-Medina, et al., 2006), (Soler, et al., 2008), (Trujillo, et al., 2009), (Arora, et al., 2016). According to the authors (Eavis, et al., 2012), the modeling of access control to the DW is the process of building an abstract model that must be stored in the DW. ...
Conference Paper
A data warehouse (DW) gathers the sensitive data of the enterprise and secret data about the private lives of individuals. This makes managing access to this source a difficult task that must take into account the detection of possible inferences. To this end, several authors have proposed methods to facilitate inference management by analyzing the permissions granted to a user. However, no work has addressed inference management in the case of a user who combines two or more profiles within the enterprise. In this article, we present our approach, which makes it possible to detect the possible deductions between two or more roles assigned to a single user.
... The proposed classification methods in the literature don't ensure a relation between software criteria development and security context. On the other hand and despite the large number of works that discussed the security of data warehouses [21,22,23,24,25], this subject is not considered at the ETL processes level. In the literature, there are few works handling security during ETL processes development. ...
... After the matching, we proceed to the quantitative assessment of vulnerabilities. We have defined a scoring method defined in [21]. This method aims us to define for each vulnerability a pair of scores: a preventive Score PS and a corrective score CS based on the CVSS [16] and the COSMIC standards [17]. ...
... [21] Soler et al. (2008) have used extension mechanisms provided by the CWM (Common Warehouse Meta-model) to extend the relational package and build a star schema, which represents security and verification rules captured during the conceptual phase of the DW. ...
... Figure 26 represents the textual notation for the main QVT transformations, i.e., the SMD PIM to SMD PSM transformation [EMILIO et al. 2007]. [EMILIO et al. 2008a] presented a comprehensive requirement analysis approach for considering security in early stages of DW development life cycle. In this paper, they focus on describing a comprehensive requirement analysis approach for DWs that comprises two parts. ...
... The first one is Functional Requirement analysis and the second one is QoS requirement analysis. Requirement analysis approaches for DWs have focused attention merely on information needs of top management and decision makers, without taking into consideration other kinds of QoS requirements such as performance or security [EMILIO et al. 2008a]. ...
... Modeling these requirements in the early stages of the development is a foundation stone for building a DW that satisfies user wants and needs. [EMILIO et al. 2008a] specified the two kinds of requirements for data warehousing as QoS requirements and Functional Requirements and jointed them in a broad approach based on MDA. This permitted a separation of concerns to model requirements without losing the connection between Functional Requirements and quality-of-service requirements [EMILIO et al. 2008a]. ...
Article
Model driven architecture (MDA) is playing a major role in today's system development methodologies. In the last few years, many researchers tried to apply MDA to Data Warehouse Systems (DW). Their focus was on automatic creation of Multidimensional model (Star schema) from Conceptual Models. Furthermore, they addressed the conceptual modeling of QoS parameters such as Security in early stages of system development using MDA concepts. However, there is a room to improve further the DW development using MDA concepts. In this survey we identify critical knowledge gaps in MDA and DWs and make a chart for future research to motivate researchers to close this breach and improve DW solution's quality and performance, and also minimize drawbacks and limitations. We identified promising challenges and potential research areas that need more work on it. Using MDA to handle DW performance, multidimensionality and friendliness aspects, applying MDA to other stages of DW development life cycle such as Extracting, Transformation and Loading (ETL) Stage, developing On Line Analytical Processing (OLAP) end user Application, applying MDA to Spatial and Temporal DWs, developing a complete, self-contained DW framework that handles MDA-technical issues together with managerial issues using Capability Maturity Model Integration (CMMI) standard or International standard Organization (ISO) are parts of our findings.