12 May 2009
SEAD Seminar - "An MDA architecture for developing Secure Data Warehouses" & Visibility Constraints in Java
Carlos Blanco - University of Castilla-La Mancha & Andreas Thies - University of Bonn, Germany
Data Warehouses (DW) manage enterprise information for the decision making process, so the establishment of security measures in all stages of the DW development process is highly important since unauthorized users may discover vital business information. Model Driven Architecture (MDA) based approaches allow us to define models describing a system at different abstraction levels along with the automatic transformations between them. Taking advantages from this standard we have defined an MDA architecture for the development of secure DWs taking into consideration confidentiality issues in all models and sets of Query/View/Transformation (QVT) rules to produce the different models involved in the architecture from the initial secure DW model. Following the MDA model chain (that is CIM, PIM, PSM, Code) this proposal was focused on a relational path obtaining relational PSM models and generating secure code for database management systems (DBMS). In our later research activities, we have worked on fulfilling this architecture providing a new multidimensional path towards OLAP tools (a new multidimensional PSM, PIM2PSM transformations and PSM2code transformations) and reengineering features (PSM2PIM transformations, re-documentation, platform migration, etc.). Since security aspects considered in our approach are limited, our further work is focused on including new security issues and also modeling dynamic security concerns to avoid the inference problem.
Carlos Blanco has an MSc in Computer Science from the University of Castilla-La Mancha. He is currently a PhD student and a member of the Alarcos Research Group at the School of Computer Science at the University of Castilla-La Mancha (Spain), and his research activity is in the field of security in Data Warehouses, MDA, Information Systems and Ontologies.
Access modifier were introduced into programming languages to support access restriction thus information hiding. Unfortunately in context of tremendous complexity of the programming languages used today changing an access modifier may also lead to side affects as change of static and dynamic binding or ambiguous access. We figured out a set of visibility constraints to analyse and handle access restriction in Java.
This talk will give an overview of the constraints themselves and the widespread range of applications. By now we were able to improve the Eclipse refactorings "Move Class" and "Pull up Method" measurable by adding additional precondition checks. Also we work on a static dead code detection tool and suggest novel ideas for mutation testing.
Andreas Thies received his Master Degree in Computer Science
("Diplom-Informatiker") 2008 from the University of Bonn, Germany. Now, he works as a research assistant and PhD-student at FernUniversitšt in Hagen. Affiliated to the Chair of Programming Systems his current research interests concern object-oriented programming, declarative programming, refactoring and testing.
Save to your Calendar