Enabling policy-based access control in BI applications

Protecting the sensitive information in a company’s data warehouse from unauthorized access is an important component of regulatory compliance and privacy protection for Business Intelligence (BI) applications. The access control features in current database systems are not suitable to meet this requirement since they are limited to base table accesses whereas BI applications typically use materialized views for better performance. In this paper, we provide a middleware-enabled policy-based framework that allows access control to be uniformly applied to both base tables and materialized views to enable selective access to data warehouse. We also provide empirical evaluation of our approach.