Managing vulnerabilities during the development of a secure ETL processes Online publication date: Tue, 17-May-2022
by Salma Dammak; Faiza Ghozzi; Asma Sellami; Faiez Gargouri
International Journal of Information and Computer Security (IJICS), Vol. 18, No. 1/2, 2022
Abstract: Vulnerabilities in information systems (ISs) are high-value assets to a cybercriminal. These vulnerabilities can be targeted for exploitation which results in unauthorised access to the IS. Due to the increasing demand of preventing cyber-crimes, decisional systems should focus on extract, transform, and load (ETL) processes security which is one of the most critical and complex issues considered during DW development. The intent of this paper is to provide a structured method for managing vulnerabilities that can affect ETL processes throughout its development (preventive) and along its exploitation (corrective). We anticipate and evaluate vulnerabilities by defining an impact of severity score measured based on CVSS standard and two scores presented the required preventive and corrective actions based on the COSMIC method. We propose an algorithm to order and prioritise these vulnerabilities using the defined scores. The prioritisation algorithm helps and assists the ETL designers in ensuring security.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Information and Computer Security (IJICS):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com
Our Blog 
Follow us on Twitter 
Visit us on Facebook