5. User Profile Based SecurityReferencesSecurity in Data Warehousing(Invited Talk)Bharat BhargavaComputer Science DepartmentPurdue University, West Lafayette,Indiana [email protected] warehouse is an integrated repository derived from multiple source (operational and legacy)databases. The data warehouse is created by either replicating the different source data or transformingthem to new representation. This process involves reading, cleaning, aggregating and storing the data in thewarehouse model. The software tools are used to access the warehouse for strategic analysis, decision-making, marketing types of applications. It can be used for inventory control of shelf stock in manydepartmental stores.Medical and human genome researchers can create research data that can be either marketed or used by awide range of users. The information and access privileges in data warehouse should mimic the constraintsof source data. A recent trend is to create web-based data warehouses and multiple users can createcomponents of the warehouse and keep an environment that is open to third party access and tools. Giventhe opportunity, users ask for lots of data in great detail. Since source data can be expensive,its privacy and security must be assured. The idea of adaptive querying can be used to limit access aftersome data has been offered to the user. Based on the user profile, the access to warehouse data can berestricted or modified.In this talk, I will focus on the following ideas that can contribute towards warehouse security.1. Replication controlReplication can be viewed in a slightly different manner than perceived in traditional literature. Forexample, an old copy can be considered a replica of the current copy of the data. A slightly out-of date datacan be considered as a good substitute for some users. The basic idea is that either the warehouse keepsdifferent replicas of the same items or creates them dynamically. The legitimate users get the mostconsistent and complete copy of data while casual users get a weak replica. Such replica may be enough tosatisfy the user's need but do not provide information that can be used maliciously or breach privacy. Wehave formally defined the equivalence of replicas [melli's paper in dallas]and this notion can be used to create replicas for different users. The replicas may be at one central site orcan be distributed to proxies who may serve the users efficiently. In some cases the user may be given theweak replica and may be given an upgraded replica if wiling to pay or deserves it. Another idea related tothis is the idea of witness that was discussed in [mitre paper].2. Aggregation and GeneralizationThe concept of warehouse is based on the idea of using summaries and consolidators. This implies thatsource data is not available in raw form. This lends to ideas that can be used for security. Some users canget aggregates only over a large number of records where as others can be given for small data instances.The granularity of aggregation can be lowered for genuine users. The generalization idea can be used togive users a high level information at first but the lower level details can be given after the securityconstraints are satisfied. For example, the user may be given an approximate answer initially based onsome generalization over the domains of the database. Inheritance is another notion that will allowincreasing capability of access for users. The users can inherit access to related data after having access tosome data item.3. Exaggeration and MisleadingThese concepts can be used to mutilate the data. A view may be available to support a particular query, butthe values may be overstated in the view. For security concern, quality of views may depend on the userinvolved and user can be given an exaggerated view of the data. For example, instead of giving any specificsales figures, views may scale up and give only exaggerated data. In certain situations warehouse data cangive some misleading information; information which may be partially incorrect or difficult to verify thecorrectness of the information. For example, a view of a company’s annual report may contain the net profitfigure including the profit from sales of properties (not the actual sales of products). 4. Anonymity Anonymity is to provide user and warehouse data privacy. A user does not know the source warehouse forhis query and warehouse also does not who is the user and what particular view a user is accessing (viewmay be constructed from many source databases for that warehouse). Note that a user must belong to thegroup of registered users and similarly, a user must also get data from only legitimate warehouses. In suchcases, encryption is to be used to secure the connection between the users and warehouse so that no outsideuser (user who has not registered with the warehouse) can access the warehouse. 5. User Profile Based SecurityUser profile is a representation of the preferences of any individual user. User profiles can help inauthentication and determining the levels of security to access warehouse data. User profile must describehow and what has to be represented pertaining to the users information and security level authorizationneeds. The growth in warehouses has made relevant information access difficult in reasonable time due tothe large number of sources differ in terms of context and representation. Warehouse can use data categorydetails in determining the access control. For example, if a user would like to access an unpublished annualcompany report, the warehouse server may deny access to it. The other alternative is to construct a view toreflect only projected sales and profit report. Such a construction of view may be transparent to the user. Aserver can use data given in the profile to decide whether the user should be given the access to associatedgraphical image data. The server has the option to reduce the resolution or later the quality of impagesbefore making them available to users. References [1] Arnon Rosenthal and Edward Sciore, View Security as the Basis for Data Warehouse Security,Proceedings of the International Workshop on Design and Management of