A UML 2.0 profile to define security requirements for Data Warehouses

Many Data Warehouses (DWs) fail to provide the appropriate information because the users' requirements are not correctly modeled. In addition, the security requirements are considered in the final implementation, and do not take the users' necessities into consideration. However, as DWs store confidential and sensitive information, it is crucial to take security measures into account from early DW design phases, and to enforce them. This paper proposes a profile which uses the Unified Modeling Language (UML) extensibility mechanisms. This profile allows us to define security requirements for DWs at the business level, taking into account the information requirements modeled with a previous profile. Our proposal is aligned with Model Driven Architecture (MDA), thus permitting the transformation of security requirements throughout the entire DW life cycle. Finally, in order to show the benefits of our profile, we develop a case study related to the management of a pharmacy consortium business.