An MDA approach for developing secure OLAP applications: Metamodels and transformations

Decision makers query enterprise information stored in DataWarehouses (DW) by using tools (such as On-Line Analytical Processing (OLAP) tools) which employ specific views or cubes from the corporate DW or Data Marts, based on multidimensional modelling. Since the information managed is critical, security constraints have to be correctly established in order to avoid unauthorized access. In previous work we defined a Model-Driven based approach for developing a secure DW repository by following a relational approach. Nevertheless, it is also important to define security constraints in the metadata layer that connects the DW repository with the OLAP tools; that is, over the same multidimensional structures that end users manage. This paper incorporates a proposal for developing secure OLAP applications within our previous approach: it improves a UML profile for conceptual modelling; it defines a logical metamodel for OLAP applications; and it defines and implements transformations from conceptual to logical models, as well as from logical models to secure implementation in a specific OLAP tool (SQL Server Analysis Services). © 2015 ComSIS Consortium. All rights reserved.This research is part of the following projects: SIGMA-CC (TIN2012-36904), GEODAS-BC (TIN2012-37493-C01) and GEODAS-BI (TIN2012-37493-C03) funded by the Ministerio de Economía y Competitividad and Fondo Europeo de Desarrollo Regional FEDER

UNA HERRAMIENTA BASADA EN METAMODELOS PARA LA GENERACIÓN AUTOMÁTICA DE APLICACIONES WEB

RESUMEN En este artículo, se describe la arquitectura de una herramienta que genera aplicaciones web de tres capas a partir de bases de datos relacionales. La herramienta está dotada de un conjunto de metamodelos que nos permiten desarrollar el proceso completo de reingeniería. Mediante el acceso al diccionario de la base de datos, la herramienta crea una instancia delmetamodelo de la base de datos aplicando una técnica de ingeniería inversa; a partir de esta instancia y, mediante un proceso de reestructuración, se obtiene una instancia de un metamodelo de clases que nos permite transformar el esquema relacional en un diagrama de clases. Por último y según las necesidades del usuario, a través de un proceso de ingeniería directa, la herramienta genera una nueva instancia del metamodelo de clases para poder así representar la aplicación final. A nivel conceptual, se define un conjunto de funciones para implementar las transformaciones mencionadas; dichas funciones son implementadas por la herramienta mediante un conjunto de fábricas. Los metamodelos aquí citados son el núcleo de nuestra aplicación. PALABRAS CLAVES Metamodelo, Reingeniería, Ingeniería Inversa, Aplicación Web, Base de Datos, EJ

An architecture for automatically developing secure OLAP applications from models

Context: Decision makers query enterprise information stored in Data Warehouses (DW) by using tools (such as On-Line Analytical Processing (OLAP) tools) which use specific views or cubes from the corporate DW or Data Marts, based on the multidimensional modeling. Since the information managed is critical, security constraints have to be correctly established in order to avoid unauthorized accesses. Objective: In previous work we have defined a Model-Driven based approach for developing a secure DWs repository by following a relational approach. Nevertheless, is also important to define security constraints in the metadata layer that connects the DWs repository with the OLAP tools, that is, over the same multidimensional structures that final users manage. This paper defines a proposal to develop secure OLAP applications and incorporates it into our previous approach. Method: Our proposal is composed of models and transformations. Our models have been defined using the extension capabilities from UML (conceptual model) and extending the OLAP package of CWM with security (logical model). Transformations have been defined by using a graphical notation and implemented into QVT and MOFScript. Finally, this proposal has been evaluated through case studies. Results: A complete MDA architecture for developing secure OLAP applications. The main contributions of this paper are: improvement of a UML profile for conceptual modeling; definition of a logical metamodel for OLAP applications; and definition and implementation of transformations from conceptual to logical models, and from logical models to the secure implementation into a specific OLAP tool (SSAS). Conclusion: Our proposal allows us to develop secure OLAP applications, providing a complete MDA architecture composed of several security models and automatic transformations towards the final secure implementation. Security aspects are early identified and fitted into a most robust solution that provides us a better information assurance and a saving of time in maintenance.This research is part of the following Projects: SIGMA-CC (TIN2012-36904), GEODAS-BC (TIN2012-37493-C01) and GEODAS-BI (TIN2012-37493-C03) funded by the Ministerio de Economía y Competitividad and Fondo Europeo de Desarrollo Regional FEDER. SERENIDAD (PEII11-037-7035) and MOTERO (PEII11- 0399-9449) funded by the Consejería de Educación, Ciencia y Cultura de la Junta de Comunidades de Castilla La Mancha, and Fondo Europeo de Desarrollo Regional FEDER

Showing the Benefits of Applying a Model Driven Architecture for Developing Secure OLAP Applications

Data Warehouses (DW) manage enterprise information that is queried for decision making purposes by using On-Line Analytical Processing (OLAP) tools. The establishment of security constraints in all development stages and operations of the DW is highly important since otherwise, unauthorized users may discover vital business information. The final users of OLAP tools access and analyze the information from the corporate DW by using specific views or cubes based on the multidimensional modelling containing the facts and dimensions (with the corresponding classification hierarchies) that a decision maker or group of decision makers are interested in. Thus, it is important that security constraints will be also established over this metadata layer that connects the DW's repository with the decision makers, that is, directly over the multidimensional structures that final users manage. In doing so, we will not have to define specific security constraints for every particular user, thereby reducing the developing time and costs for secure OLAP applications. In order to achieve this goal, a model driven architecture to automatically develop secure OLAP applications from models has been defined. This paper shows the benefits of this architecture by applying it to a case study in which an OLAP application for an airport DW is automatically developed from models. The architecture is composed of: (1) the secure conceptual modelling by using a UML profile; (2) the secure logical modelling for OLAP applications by using an extension of CWM; (3) the secure implementation into a specific OLAP tool, SQL Server Analysis Services (SSAS); and (4) the transformations needed to automatically generate logical models from conceptual models and the final secure implementation.This research is part of the following projects: SERENIDAD (PEII11- 037-7035) financed by the ”Viceconsejería de Ciencia y Tecnología de la Junta de Comunidades de Castilla-La Mancha” (Spain) and FEDER, and SIGMA-CC (TIN2012-36904) and GEODAS (TIN2012-37493-C03-01) financed by the ”Ministerio de Economía y Competitividad” (Spain)

Evaluating GSD-Aware: A Serious Game for Discovering Global Software Development Challenges

Global Software Development (GSD) is currently a strong industry trend. This means that if computer science engineers are to be trained to deal with this model, it is very important to include the topic in software engineering courses, attempting to ensure that students learn about GSD and become familiar with its advantages and challenges. However, software engineering courses do not always consider including it in their curricula. It must also be recognized that it is difficult to find a suitable method to teach/develop the different skills needed for GSD. There is often a lot of content and not a great deal of time available to teach it. In this article, we propose the use of a serious game called GSD-Aware, with which students can “suffer” some of the typical challenges of GSD by interacting with avatars and by using several means of communication to solve a number of problems posed. The article focuses on the description of the game and on the empirical study conducted to analyze whether GSD-Aware helps students to be conscious of GSD challenges. It was discovered that after 50 minutes playing the game, the students were aware of the greater influence that the following factors can have: lack of coordination, lack of trust, cultural differences, lack of face-to-face and informal communication, time difference, and lack of team spirit. In their final analysis, students agreed that the serious game scenarios helped them to understand what GSD is and to grasp the importance of some GSD challenges.El desarrollo global de software (GSD) es actualmente una fuerte tendencia en la industria. Esto significa que si se quiere formar ingenieros informáticos para manejar este modelo, es muy importante incluir el tema en los cursos de ingeniería de software, tratando de que los estudiantes aprendan sobre GSD y se familiaricen con sus ventajas y desafíos. Sin embargo, los cursos de ingeniería de software no siempre consideran incluirlo en sus planes de estudio. También se debe reconocer que es difícil encontrar un método adecuado para enseñar/desarrollar las diferentes habilidades necesarias para GSD. A menudo hay mucho contenido y no mucho tiempo disponible para enseñarlo. En este artículo, proponemos el uso de un juego serio llamado GSD-Aware, con el que los alumnos pueden “sufrir” algunos de los retos típicos de GSD interactuando con avatares y utilizando varios medios de comunicación para resolver una serie de problemas planteados. El artículo se centra en la descripción del juego y en el estudio empírico realizado para analizar si GSD-Aware ayuda a los estudiantes a ser conscientes de los desafíos de GSD. Se descubrió que después de 50 minutos de jugar el juego, los estudiantes eran conscientes de la mayor influencia que pueden tener los siguientes factores: falta de coordinación, falta de confianza, diferencias culturales, falta de comunicación cara a cara e informal, diferencia horaria. y falta de espíritu de equipo. En su análisis final, los estudiantes acordaron que los escenarios de juegos serios les ayudaron a comprender qué es GSD y a comprender la importancia de algunos desafíos de GSD. El artículo se centra en la descripción del juego y en el estudio empírico realizado para analizar si GSD-Aware ayuda a los estudiantes a ser conscientes de los desafíos de GSD. Se descubrió que después de 50 minutos de jugar el juego, los estudiantes eran conscientes de la mayor influencia que pueden tener los siguientes factores: falta de coordinación, falta de confianza, diferencias culturales, falta de comunicación cara a cara e informal, diferencia horaria. y falta de espíritu de equipo. En su análisis final, los estudiantes acordaron que los escenarios de juegos serios les ayudaron a comprender qué es GSD y a comprender la importancia de algunos desafíos de GSD. El artículo se centra en la descripción del juego y en el estudio empírico realizado para analizar si GSD-Aware ayuda a los estudiantes a ser conscientes de los desafíos de GSD. Se descubrió que después de 50 minutos de jugar el juego, los estudiantes eran conscientes de la mayor influencia que pueden tener los siguientes factores: falta de coordinación, falta de confianza, diferencias culturales, falta de comunicación cara a cara e informal, diferencia horaria. y falta de espíritu de equipo. En su análisis final, los estudiantes acordaron que los escenarios de juegos serios les ayudaron a comprender qué es GSD y a comprender la importancia de algunos desafíos de GSD. los estudiantes fueron conscientes de la mayor influencia que pueden tener los siguientes factores: falta de coordinación, falta de confianza, diferencias culturales, falta de comunicación cara a cara e informal, diferencia horaria y falta de espíritu de equipo. En su análisis final, los estudiantes acordaron que los escenarios de juegos serios les ayudaron a comprender qué es GSD y a comprender la importancia de algunos desafíos de GSD. los estudiantes fueron conscientes de la mayor influencia que pueden tener los siguientes factores: falta de coordinación, falta de confianza, diferencias culturales, falta de comunicación cara a cara e informal, diferencia horaria y falta de espíritu de equipo. En su análisis final, los estudiantes acordaron que los escenarios de juegos serios les ayudaron a comprender qué es GSD y a comprender la importancia de algunos desafíos de GSD

Automated generation of oracled test cases with regular expressions and combinatorial techniques

One of the main challenges of software testing research is the automated addition of oracles to the generated test cases: Whereas the automated generation of operation sequences (which is one of the essential components of test cases) is in practice a solved problem, the automated addition of the oracle (another indispensable element) is still an important problem and an open research question. This article proposes an approach to get executable test suites composed by complete test cases (i.e., they include the oracle). The core of the method is based on annotated regular expressions. The test generation process, which is supported by a tool, follows three steps: (1) creation of annotated regular expressions, where each regular expression describes a set of sequences of operations to be executed against the system under test; (2) expansion of the regular expressions to get sequences of operations, which still do not have parameter values; and (3) generation of the executable test cases with oracle. In this third step, each test case is generated with the suitable oracle, depending on the conditions specified in the regular expression

ProFit – Performing Dynamic Analysis of Software Systems

Dynamic analysis offers the possibility of studying software at runtime, documenting its internal behavior. This dynamic information about the software is very interesting for the purpose of identifying many aspects of its operation, such as detection of dead code, security problems, complexity, and so on. However, not all software systems have the capacity to generate detailed information about what happens at runtime. It is with that consideration in mind that in this work we present ProFit, an environment conceived to improve software with the capacity to generate dynamic information about its execution, thus complementing the static analysis that can be performed on it. ProFit implements two strategies for such purpose: (i) instrumentation of the source code, through the insertion of sentences that generate execution traces in log files, and (ii) automatic generation of aspects for the generation of execution traces. None of those strategies produces any alteration in the behavior of the software, so the information generated truly reflects what happens during the software execution. Finally, the execution logs are represented by means of a tree-like structure that makes it quite easy to implement several kinds of analysis on it

Showing the Benefits of Applying a Model Driven Architecture for

Data Warehouses (DW) manage enterprise information that is queried for decision making purposes by using On-Line Analytical Processing (OLAP) tools. The establishment of security constraints in all development stages and operations of the DW is highly important since otherwise, unauthorized users may discover vital business information. The final users of OLAP tools access and analyze the information from the corporate DW by using specific views or cubes based on the multidimensional modelling containing the facts and dimensions (with the corresponding classification hierarchies) that a decision maker or group of decision makers are interested in. Thus, it is important that security constraints will be also established over this metadata layer that connects the DW's repository with the decision makers, that is, directly over the multidimensional structures that final users manage. In doing so, we will not have to define specific security constraints for every particular user, thereby reducing the developing time and costs for secure OLAP applications. In order to achieve this goal, a model driven architecture to automatically develop secure OLAP applications from models has been defined. This paper shows the benefits of this architecture by applying it to a case study in which an OLAP application for an airport DW is automatically developed from models. The architecture is composed of: (1) the secure conceptual modelling by using a UML profile; (2) the secure logical modelling for OLAP applications by using an extension of CWM; (3) the secure implementation into a specific OLAP tool, SQL Server Analysis Services (SSAS); and (4) the transformations needed to automatically generate logical models from conceptual models and the final secure implementation.This research is part of the following projects: SERENIDAD (PEII11- 037-7035) financed by the ”Viceconsejería de Ciencia y Tecnología de la Junta de Comunidades de Castilla-La Mancha” (Spain) and FEDER, and SIGMA-CC (TIN2012-36904) and GEODAS (TIN2012-37493-C03-01) financed by the ”Ministerio de Economía y Competitividad” (Spain)

Enseñando a los estudiantes cómo mejorar su atención y gestión del tiempo

En este artículo se describe un estudio empírico realizado para cuantificar las interrupciones a las que se ven sometidos los estudiantes a través de las aplicaciones de sus portátiles y teléfonos móviles, normalmente redes sociales, que tantas veces utilizan en el aula. En base a los resultados obtenidos en el mismo, los estudiantes realizaron un taller de gestión del tiempo, los pensamientos y la atención. Se evaluó la participación en este taller y los efectos que tuvo sobre sus participantes. Los resultados obtenidos, bastante optimistas, se describen en este trabajo para animar a otros centros universitarios a llevar a cabo iniciativas similares.This article describes an empirical study conducted to quantify the disruptions students are subjected to through the applications on their laptops and mobile phones, usually social networks, which they often use in the classroom. Based on the results obtained in this study, the students carried out a workshop on time, thought and attention management. Participation in this workshop and the effects it had on its participants were evaluated. The quite optimistic results obtained are described in this paper to encourage other university schools to perform similar initiatives

BiP Heterozigosity Aggravates Pathological Deterioration in Experimental Amyotrophic Lateral Sclerosis

In the present study, we investigated the involvement of the chaperone protein BiP (also known as GRP78 or Hspa5), a master regulator of intracellular proteostasis, in two mouse models of neurodegenerative diseases: amyotrophic lateral sclerosis (ALS) and Parkinson’s disease (PD). To this end, we used mice bearing partial genetic deletion of the BiP gene (BiP+/− mice), which, for the ALS model, were crossed with mutant SOD1 (mSOD1) transgenic mice to generate mSOD1/BiP+/− double mutant mice. Our data revealed a more intense neurological decline in the double mutants, reflected in a greater deterioration of the neurological score and rotarod performance, with also a reduced animal survival, compared to mSOD1 transgenic mice. Such worsening was associated with higher microglial (labelled with Iba-1 immunostaining) and, to a lesser extent, astroglial (labelled with GFAP immunostaining) immunoreactivities found in the double mutants, but not with a higher loss of spinal motor neurons (labelled with Nissl staining) in the spinal cord. The morphological analysis of Iba-1 and GFAP-positive cells revealed a higher presence of activated cells, characterized by elevated cell body size and shorter processes, in double mutants compared to mSOD1 mice with normal BiP expression. In the case of the PD model, BiP+/− mice were unilaterally lesioned with the parkinsonian neurotoxin 6-hydroxydopamine (6-OHDA). In this case, however, we did not detect a greater susceptibility to damage in mutant mice, as the motor defects caused by 6-OHDA in the pole test and the cylinder rearing test, as well as the losses in tyrosine hydroxylase-containing neurons and the elevated glial reactivity (labelled with CD68 and GFAP immunostaining) detected in the substantia nigra were of similar magnitude in BiP+/− mice compared with wildtype animals. Therefore, our findings support the view that a dysregulation of the protein BiP may contribute to ALS pathogenesis. As BiP has been recently related to cannabinoid type-1 (CB1) receptor function, our work also opens the door to future studies on a possible link between BiP and the neuroprotective effects of cannabinoids that have been widely reported in this neuropathological context. In support of this possibility, preliminary data indicate that CB1 receptor levels are significantly reduced in mSOD1 mice having partial deletion of BiP gene