학술논문
Matching Procedure for NVD Vulnerabilities to Secure ETL Processes Steps
Document Type
Conference
Author
Source
2017 IEEE/ACS 14th International Conference on Computer Systems and Applications (AICCSA) AICCSA Computer Systems and Applications (AICCSA), 2017 IEEE/ACS 14th International Conference on. :1322-1329 Oct, 2017
Subject
Language
ISSN
2161-5330
Abstract
ETL (Extract, Transform, Load) processes presents the main complex task in data warehouse project. Since, they are exposed to several unauthorized attacks, security aspects should be considered in their design phase to better match the security requirements and to avoid later fundamental, cost-intensive adaptations. To this end, we propose a matching procedure between vulnerabilities and ETL processes steps. The vulnerabilities categorization aims to prevent and protect these processes. We select vulnerabilities from the National Vulnerability Database (NVD), which maintains standardized information about reported software vulnerabilities. The selected vulnerabilities belong to SGBD environment (SQL server, business intelligence, oracle database server products). In this paper, we describe the matching procedure steps and explain the criteria of classification.