Database Reference
In-Depth Information
attack. The homogeneity attack is very simple.
If all k datasets have the same values in the field
with sensitive data, privacy is not protected. For
instance, if 5-anonymity is guaranteed and all
patients suffer the same illness, there is no longer
privacy. The background knowledge attack uses
background knowledge to exclude impossible or
unlikely datasets, as shown by Loukides and Shao
(2007). Machanavajjhala et al. (2006) state that
l-diversity is a measure under which an attacker needs
l-1 relevant pieces of background knowledge to
infer a (positive) disclosure.
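
The homogeneity attack can be checked for before a table is released. The following added example (not taken from the original text) computes k-anonymity and distinct l-diversity, the simplest reading of l-diversity, over a constructed sample table; the column layout, the sample values and all function names are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample release: (age range, ZIP prefix) are the generalized
# quasi-identifiers; the last field is the sensitive attribute.
RECORDS = (
    [("30-39", "481**", "diabetes")] * 5
    + [("40-49", "482**", d) for d in
       ("asthma", "influenza", "asthma", "hepatitis", "influenza")]
)

def equivalence_classes(records):
    """Group the sensitive values by their quasi-identifier tuple."""
    classes = defaultdict(list)
    for *quasi_ids, sensitive in records:
        classes[tuple(quasi_ids)].append(sensitive)
    return dict(classes)

def k_anonymity(records):
    """Size of the smallest equivalence class."""
    return min(len(v) for v in equivalence_classes(records).values())

def l_diversity(records):
    """Distinct l-diversity: fewest distinct sensitive values in any class."""
    return min(len(set(v)) for v in equivalence_classes(records).values())

def homogeneous_classes(records):
    """Classes in which every record shares one sensitive value."""
    return sorted(qi for qi, v in equivalence_classes(records).items()
                  if len(set(v)) == 1)

def exclusions_needed(records):
    """Per class, how many sensitive values an attacker must rule out
    with background knowledge before one value remains (l - 1)."""
    return {qi: len(set(v)) - 1
            for qi, v in equivalence_classes(records).items()}

if __name__ == "__main__":
    print("k =", k_anonymity(RECORDS), "l =", l_diversity(RECORDS))
    for qi in homogeneous_classes(RECORDS):
        print("homogeneous class, sensitive value disclosed:", qi)
    print(exclusions_needed(RECORDS))
```

The sample table is 5-anonymous, yet the first class discloses its sensitive value without any background knowledge, which is why a release check should test l alongside k.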
mainly securing an entire and complex system,
whereas academia strives to establish methods
to preserve privacy of individuals and yet allow
for the computation of meaningful statistics and
detection of patterns.
FUTURE TRENDS AND OUTLOOK
Future research in data warehouse security will
address several issues. First, with the increasing size
of DWHs containing very personal information,
privacy-preserving techniques will become more
important. This area of research has also received
more attention because nation-wide data gathering
programs for national security are established.
Second, while this theoretical research is certainly
important, there are many more aspects to security
that need to be considered. A nationwide DWH
needs to be secured as an entire system including
the mechanisms of data delivery, data querying,
and usage. Security in DWH rests on three tiers:
(1) technical infrastructure such as firewalls and
encryption, (2) security in data gathering and
privacy-preserving techniques, and (3) secure applications
including authentication, access control,
authorization and auditing[20].
With the increasing number of DWH applications,
incorporating security into training and
education is important. Guimaraes (2006) describes
a curriculum that addresses both database security
and data warehouse security. Fernández-Medina
et al. (2006) propose a model for access control
and audit in DWHs. This approach is promising
because it supports the specification of security
requirements in early stages of establishing a
DWH.
APPLICATIONS
The previous sections focused on security concepts
that are relevant for databases in general and, as
data warehouses are databases optimized for a
certain type of queries, for data warehouses. When
implementing a data warehouse it is, however,
essential that security is considered in an end-to-end
way. The real goal is to protect the data and not
only the data in the data warehouse. Before data
is loaded into the DWH, it needs to be extracted
from the source systems and is subsequently
transformed, cleansed and prepared for loading.
During this process the data has to be secured to
the same standard as in the data warehouse. When
clients query data, client security also becomes
an issue. The data may be well protected in the
DWH but a compromised client with full access
to the DWH will certainly compromise all of the
data. Security considerations need to cover
all layers of the system involved. A DWH is not
secure unless the underlying operating system is
well secured and network security is adequately
addressed.
DWH security and privacy is an active research
area and is also relevant for industrial projects.
Oracle, for instance, provides a detailed white
paper on this topic. In industry, the challenge is