Designing secure data warehouses by using MDA and QVT

The Data Warehouse (DW) design is based on multidimensional (MD) modeling which structures information into facts and dimensions. Due to the confidentiality of the data that it stores, it is crucial to specify security and audit measures from the early stages of design and to enforce them throughout the lifecycle. Moreover, the standard framework for software development, Model Driven Architecture (MDA), allows us to define transformations between models by proposing Query/View/Transformations (QVT). This proposal permits the definition of formal, elegant and unequivocal transformations between Platform Independent Models (PIM) and Platform Specific Models (PSM). This paper introduces a new framework for the design of secure DWs based on MDA and QVT, which covers all the design phases (conceptual, logical and physical) and specifies security measures in all of them. We first define two metamodels with which to represent security and audit measures at the conceptual and logical levels. We then go on to define a transformation between these models through which to obtain the traceability of the security rules from the early stages of development to the final implementation. Finally, in order to show the benefits of our proposal, it is applied to a case study.This work has been partially supported by the METASIGN project (TIN2004-00779) from the Spanish Ministry of Education and Science, of the Regional Government of Valencia, and by the QUASIMODO and MISTICO projects of the Regional Science and Technology Ministry of Castilla-La Mancha (Spain)

Network intrusion detection system for DDoS attacks in ICS using deep autoencoders

Anomaly detection in industrial control and cyber-physical systems has gained much attention over the past years due to the increasing modernisation and exposure of industrial environments. Current dangers to the connected industry include the theft of industrial intellectual property, denial of service, or the compromise of cloud components; all of which might result in a cyber-attack across the operational network. However, most scientific work employs device logs, which necessitate substantial understanding and preprocessing before they can be used in anomaly detection. In this paper, we propose a network intrusion detection system (NIDS) architecture based on a deep autoencoder trained on network flow data, which has the advantage of not requiring prior knowledge of the network topology or its underlying architecture. Experimental results show that the proposed model can detect anomalies, caused by distributed denial of service attacks, providing a high detection rate and low false alarms, outperforming the state-of-the-art and a baseline model in an unsupervised learning environment. Furthermore, the deep autoencoder model can detect abnormal behaviour in legitimate devices after an attack. We also demonstrate the suitability of the proposed NIDS in a real industrial plant from the alimentary sector, analysing the false positive rate and the viability of the data generation, filtering and preprocessing procedure for a near real time scenario. The suggested NIDS architecture is a low-cost solution that uses only fifteen network-based features, requires minimal processing, operates in unsupervised mode, and is straightforward to deploy in real-world scenarios.Axencia Galega de Innovación | Ref. IN854A 2019/15Centro para el Desarrollo Tecnológico Industrial | Ref. CER-20191012Agencia Estatal de Investigación | Ref. MTM2017-89422-PFinanciado para publicación en acceso aberto: Universidade de Vigo/CISU

An MDA approach for developing secure OLAP applications: Metamodels and transformations

Decision makers query enterprise information stored in DataWarehouses (DW) by using tools (such as On-Line Analytical Processing (OLAP) tools) which employ specific views or cubes from the corporate DW or Data Marts, based on multidimensional modelling. Since the information managed is critical, security constraints have to be correctly established in order to avoid unauthorized access. In previous work we defined a Model-Driven based approach for developing a secure DW repository by following a relational approach. Nevertheless, it is also important to define security constraints in the metadata layer that connects the DW repository with the OLAP tools; that is, over the same multidimensional structures that end users manage. This paper incorporates a proposal for developing secure OLAP applications within our previous approach: it improves a UML profile for conceptual modelling; it defines a logical metamodel for OLAP applications; and it defines and implements transformations from conceptual to logical models, as well as from logical models to secure implementation in a specific OLAP tool (SQL Server Analysis Services). © 2015 ComSIS Consortium. All rights reserved.This research is part of the following projects: SIGMA-CC (TIN2012-36904), GEODAS-BC (TIN2012-37493-C01) and GEODAS-BI (TIN2012-37493-C03) funded by the Ministerio de Economía y Competitividad and Fondo Europeo de Desarrollo Regional FEDER

Experiencia acumulada en el uso de Angio-Seal™ durante el procedimiento de retirada de balón de contrapulsación intraaórtico

ResumenEl dispositivo de cierre de punción femoral Angio-Seal™ (St. Jude Medical, St. Paul, Minnesota) es actualmente el más utilizado en nuestro medio para el cierre de las punciones femorales en los que se utilizan introductores hasta 8F, con excelentes resultados, sin apenas complicaciones, y que permite una movilización precoz del paciente (incluso a las 3h del procedimiento).Dada la amplia experiencia en nuestro medio con dicho dispositivo, decidimos el inicio de un protocolo de retirada de los dispositivos de contrapulsación intraaórtica mediante el uso del Angio-Seal™ para la hemostasia. Todos los procedimientos se llevan a cabo en la unidad de cuidados intensivos cardiológicos. Desde el inicio del protocolo (junio de 2014 hasta septiembre de 2015) hemos realizado un total de 33 procedimientos de retirada de balón de contrapulsación intraaórtica con el dispositivo Angio-Seal™ 8F.Hemos incluido un total de 33 pacientes consecutivos (19 varones y 12 mujeres) con una edad media de 64,1 años (rango: 50-83) a los que se les ha implantado un dispositivo de contrapulsación intraaórtica por distintas causas.Como objetivo primario del estudio se ha incluido la ausencia de complicaciones mayores y únicamente una complicación menor (hematoma > 10 cm), siendo la efectividad en la liberación del dispositivo del 100.La retirada de los dispositivos de contrapulsación intraaórtica mediante el uso de Angio-Seal™ 8F para la hemostasia se considera un dispositivo rápido, efectivo y seguro, por lo que podemos recomendar su uso, aunque sería necesario un estudio con más pacientes y aleatorizado con respecto a la compresión manual tradicional para recomendar su uso rutinario.AbstractDue to the big experience with Angio-Seal™ Device (St. Jude Medical) in our center to close femoral puncture during cardiac catheterization, we investigated whether the Angio-Seal™ could be used safely and could achieve hemostasis fastly when removing an IABP.We prospectely studied 33 consecutive patients (Age: mean 64,1 years [50-83 years]) in which the Angio-Seal™ 8F device was planned to be used to achieve vascular hemostasis after removal of an IABP between January to December of 2015 in the Cardiac Intensive care unit of Cruces University Hospital. IABP was implanted due to several causes (cardiogenic shock due to STEMI, after cardiac surgery, high risk PCI...).The primary endpoint was a composite of any type of major (retroperitoneal bleeding, vessel occlusion, loss of distal pulses, vascular surgery and death) and minor vascular complication (hematoma, AV fistula or pseudoaneurism).IABP was continued for 1-7 days (mean 4 days). The device was successfully deployed in all of the patients. There were no major and only 2 minor complications (hematoma >10 cm). No patients required additional compression although most of them were treated with antiplatelet drugs.Removal of IABP with the Angio-Seal™ 8F device is a fast, effective and safe procedure that could improve the hemostasis and the confort of the patients compared with the manual compression or other compression decides. We need further randomized studies comparing Angio-Seal™ with conventional methods of compression to recommend routine use

Showing the Benefits of Applying a Model Driven Architecture for Developing Secure OLAP Applications

Data Warehouses (DW) manage enterprise information that is queried for decision making purposes by using On-Line Analytical Processing (OLAP) tools. The establishment of security constraints in all development stages and operations of the DW is highly important since otherwise, unauthorized users may discover vital business information. The final users of OLAP tools access and analyze the information from the corporate DW by using specific views or cubes based on the multidimensional modelling containing the facts and dimensions (with the corresponding classification hierarchies) that a decision maker or group of decision makers are interested in. Thus, it is important that security constraints will be also established over this metadata layer that connects the DW's repository with the decision makers, that is, directly over the multidimensional structures that final users manage. In doing so, we will not have to define specific security constraints for every particular user, thereby reducing the developing time and costs for secure OLAP applications. In order to achieve this goal, a model driven architecture to automatically develop secure OLAP applications from models has been defined. This paper shows the benefits of this architecture by applying it to a case study in which an OLAP application for an airport DW is automatically developed from models. The architecture is composed of: (1) the secure conceptual modelling by using a UML profile; (2) the secure logical modelling for OLAP applications by using an extension of CWM; (3) the secure implementation into a specific OLAP tool, SQL Server Analysis Services (SSAS); and (4) the transformations needed to automatically generate logical models from conceptual models and the final secure implementation.This research is part of the following projects: SERENIDAD (PEII11- 037-7035) financed by the ”Viceconsejería de Ciencia y Tecnología de la Junta de Comunidades de Castilla-La Mancha” (Spain) and FEDER, and SIGMA-CC (TIN2012-36904) and GEODAS (TIN2012-37493-C03-01) financed by the ”Ministerio de Economía y Competitividad” (Spain)

An architecture for automatically developing secure OLAP applications from models

Context: Decision makers query enterprise information stored in Data Warehouses (DW) by using tools (such as On-Line Analytical Processing (OLAP) tools) which use specific views or cubes from the corporate DW or Data Marts, based on the multidimensional modeling. Since the information managed is critical, security constraints have to be correctly established in order to avoid unauthorized accesses. Objective: In previous work we have defined a Model-Driven based approach for developing a secure DWs repository by following a relational approach. Nevertheless, is also important to define security constraints in the metadata layer that connects the DWs repository with the OLAP tools, that is, over the same multidimensional structures that final users manage. This paper defines a proposal to develop secure OLAP applications and incorporates it into our previous approach. Method: Our proposal is composed of models and transformations. Our models have been defined using the extension capabilities from UML (conceptual model) and extending the OLAP package of CWM with security (logical model). Transformations have been defined by using a graphical notation and implemented into QVT and MOFScript. Finally, this proposal has been evaluated through case studies. Results: A complete MDA architecture for developing secure OLAP applications. The main contributions of this paper are: improvement of a UML profile for conceptual modeling; definition of a logical metamodel for OLAP applications; and definition and implementation of transformations from conceptual to logical models, and from logical models to the secure implementation into a specific OLAP tool (SSAS). Conclusion: Our proposal allows us to develop secure OLAP applications, providing a complete MDA architecture composed of several security models and automatic transformations towards the final secure implementation. Security aspects are early identified and fitted into a most robust solution that provides us a better information assurance and a saving of time in maintenance.This research is part of the following Projects: SIGMA-CC (TIN2012-36904), GEODAS-BC (TIN2012-37493-C01) and GEODAS-BI (TIN2012-37493-C03) funded by the Ministerio de Economía y Competitividad and Fondo Europeo de Desarrollo Regional FEDER. SERENIDAD (PEII11-037-7035) and MOTERO (PEII11- 0399-9449) funded by the Consejería de Educación, Ciencia y Cultura de la Junta de Comunidades de Castilla La Mancha, and Fondo Europeo de Desarrollo Regional FEDER

Nanoscale zero-valent iron-assisted soil washing for the removal of potentially toxic elements

The present study focuses on soil washing enhancement via soil pretreatment with nanoscale zero-valent iron (nZVI) for the remediation of potentially toxic elements. To this end, soil polluted with As, Cu, Hg, Pb and Sb was partitioned into various grain sizes (500?2000, 125?500 and <125??m). The fractions were pretreated with nZVI and subsequently subjected, according to grain size, to Wet-High Intensity Magnetic Separation (WHIMS) or hydrocycloning. The results were compared with those obtained in the absence of nanoparticles. An exhaustive characterization of the magnetic signal of the nanoparticles was done. This provided valuable information regarding potentially toxic elements (PTEs) fate, and allowed a metallurgical accounting correction considering the dilution effects caused by nanoparticle addition. As a result, remarkable recovery yields were obtained for Cu, Pb and Sb, which concentrated with the nZVI in the magnetically separated fraction (WHIMS tests) and underflow (hydrocyclone tests). In contrast, Hg, concentrated in the non-magnetic fraction and overflow respectively, while the behavior of As was unaltered by the nZVI pretreatment. All things considered, the addition of nZVI enhanced the efficiency of soil washing, particularly for larger fractions (125?2000??m). The proposed methodology lays the foundations for nanoparticle utilization in soil washing operations.This work was supported by Project CTM2016-75894-P (MINECO). Carlos Boente obtained a grant from the “Formación del Profesorado Universitario” program, financed by the “Ministerio de Educación, Cultura y Deporte de España”. The authors thank the “Servicio Cientifico-Técnico de Medidas Magnéticas” of the University of Oviedo

Homonota horrida (South American Marked Gecko): Aquatic locomotion

On 26 November 2017 at 2134 h, in at La Majadita, Valle Fértil, San Juan, Argentina (30.7152°S, 67.4940°W; WGS 84; 1006 m elev.), an adult H. horrida was observed floating on water in a slow-flowing stream (Fig. 1),while hunting hemipterans (Gerridae). The lizard was suspended on the surface of the water and swam in it, making snake-like motions, to try to capture approaching insects.Fil: Valdez Ovallez, Franco Miguel. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - San Juan; Argentina. Universidad Nacional de San Juan. Facultad de Ciencias Exactas, Físicas y Naturales; ArgentinaFil: Gómez Alés, Carlos Rodrigo. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - San Juan; Argentina. Universidad Nacional de San Juan. Facultad de Ciencias Exactas, Físicas y Naturales; ArgentinaFil: Acosta, Juan Carlos. Universidad Nacional de San Juan. Facultad de Ciencias Exactas, Físicas y Naturales; ArgentinaFil: Corrales, Lucas. Consejo Nacional de Investigaciones Científicas y Técnicas; Argentina. Universidad Nacional de San Juan. Facultad de Ciencias Exactas, Físicas y Naturales; ArgentinaFil: Fernández, Rubén. Universidad Nacional de San Juan. Facultad de Ciencias Exactas, Físicas y Naturales; ArgentinaFil: Acosta, Rodrigo. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - San Juan; Argentina. Universidad Nacional de San Juan. Facultad de Ciencias Exactas Físicas y Naturales. Departamento de Biología; ArgentinaFil: Martínez, Tomás Agustín. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - San Juan; Argentina. Universidad Nacional de San Juan. Facultad de Ciencias Exactas, Físicas y Naturales; ArgentinaFil: Blanco, Mirta Blanco. Universidad Nacional de San Juan. Facultad de Ciencias Exactas, Físicas y Naturales; Argentin

A model for the biochemical degradation of inosine monophosphate in hake (Merluccius merluccius)

7 páginas, 3 tablas, 3 figuras, 1 apéndiceATP-derived products are typically used as early indicators of fish quality loss during storage. In this work, we explore different biochemical routes that are potentially relevant in contributing to nucleotide degradation in hake (Merluccius merluccius). A major motivation of this study is to get more insight on the biochemical degradation mechanisms of nucleotide catabolites in hake muscle at fish storage and transport conditions. This requires the identification of its relevant pathways. To that purpose, different degradation routes proposed in the literature are considered and a mathematical model for the degradation process is derived. First order kinetics are assumed for all the reactions and temperature dependence is taken into account through the Arrhenius equation. Unknown model parameters, namely activation energies and pre-exponential Arrhenius coefficients, are estimated via fitting to experimental data. From the estimation results, relevant routes are identified. The kinetic study is performed on sterile fish juice to avoid coupling with microbial degradation mechanisms or possible interferences of the food matrix that might hide biochemical interactions. The proposed scheme adequately describes biochemical changes in nucleotide catabolites under variable temperature profiles. It also reveals a pathway which at least seems relevant for nucleotide degradation in hakeThe authors acknowledge financial support from the Spanish Ministry of Science and Innovation (Projects ISFORQUALITY AGL2012-39951-C02-01, PIE 201230E042 and RESISTANCE DPI2014-54085-JIN)Peer reviewe