Modeling of secure data extraction in ETL processes using UML 2.0

One of the major causes for developing distributed systems is wide variety of target domain and project characteristics. Especially to implement security policies required for such software systems become more complicated. Modeling of these types of scenarios with security constraints is crucial in producing quality software. The scenario is more complicated in case of ETL processes. In this paper, we propose an object-oriented approach using UML 2.0 for secure data extraction in ETL processes. We exploit the features of UML 2.0 for modeling the complex features to implement security policies. We discuss the validity of the model using a case study on Banking application.

[1]  Donald Firesmith,et al.  Security Use Cases , 2003, J. Object Technol..

[2]  Gio Wiederhold,et al.  Mediators in the architecture of future information systems , 1992, Computer.

[3]  Ralph Kimball,et al.  The Data Warehouse Lifecycle Toolkit , 2009 .

[4]  Ian F. Alexander,et al.  Modelling the Interplay of Conflicting Goals with Use and Misuse Cases , 2002, GBPM.

[5]  Panos Vassiliadis,et al.  A generic and customizable framework for the design of ETL scenarios , 2005, Inf. Syst..

[6]  Andreas L. Opdahl,et al.  Eliciting security requirements with misuse cases , 2004, Requirements Engineering.

[7]  Andreas L. Opdahl,et al.  Templates for Misuse Case Description , 2001 .

[8]  Patrick Valduriez,et al.  Scaling Access to Heterogeneous Data Sources with DISCO , 1998, IEEE Trans. Knowl. Data Eng..

[9]  Panos Vassiliadis,et al.  On the Logical Modeling of ETL Processes , 2002, CAiSE.

[10]  Panos Vassiliadis,et al.  Conceptual modeling for ETL processes , 2002, DOLAP '02.

[11]  Tim Kelly,et al.  Deriving safety requirements using scenarios , 2001, Proceedings Fifth IEEE International Symposium on Requirements Engineering.

[12]  David W. Embley,et al.  Conceptual-Model-Based Data Extraction from Multiple-Record Web Pages , 1999, Data Knowl. Eng..

[13]  Dianxiang Xu,et al.  Integrating functional and security requirements with use case decomposition , 2006 .

[14]  I. Alexander,et al.  Misuse cases help to elicit non-functional requirements , 2003 .

[15]  Ian F. Alexander,et al.  Misuse Cases: Use Cases with Hostile Intent , 2003, IEEE Softw..