Business Intelligence In Cloud Computing A Tokenization Approach Final

Conducted by:
Eng.Hossam El-Din Hassanien

Supervised by:
Prof. Dr. Ahmed Elragal

 Introduction
 Business Intelligence
◦ Technological Approaches
◦ Issues & Challenges
 Cloud Computing
 Tokenization Security
◦ Benefits & Contribution
 The framework
◦ Architecture & Components
◦ Cryptography
◦ Results
 Conclusion & Future work

By: Hossam El-Din Hassanien December, 27th 2011 2

 Introduction
 Cloud Computing
 The framework
◦ Cryptography
◦ Results


Business-Intelligence Solution
•Advanced Multi-Dimensional Analytics
•Efficient and Accurate Enterprise Performance
Decision Support Management

Cap-Ex to Op-Ex •Leveraging sophisticated Business Computing
solutions for SMEs
Transformation •TCO (Total Cost of Ownership)
reduction/management expanding
organizational ROI (Return on Investment)

•Advanced Cryptography mechanisms

Secure Data •Untraceable ciphers omitting reverse
engineering to plain texts
Perimeters


 Introduction
 Cloud Computing
 The framework
◦ Cryptography
◦ Results


 Term Formulated by Howard
Dressner, Vice President and
Research Fellow in Gartner Decision Making

research during the1980’s.
Transactions
and Planning

 Initially known as DSS (Decision
Support System).
Plan Act
 Refers to Computer based Reporting and Extract, Transform

methodologies and techniques Analysis and Load

used to identify, extract and Analyze Measure
analyze crucial historical, current
and predictive business data
through employing advanced
technological tools serving
enhanced decision making. Business Modeling Data Warehouse


 “Getting data in, Getting
information out.”
◦ Data Warehousing:
 Schema structures
 Star
 Snowflake
 OLAP data stores
 Transforming transactional data processing
to analytical data processing.
◦ Tactical and Strategic Analytics
 Dashboards and Scorecards
 Multi-dimension analysis
Data Warehousing Architectures
 Cross functional
comparisons
 Trend analysis

Dashboards and
OLAP cubes Scorecards

 Requires massive amounts resources.
◦ Network
◦ Storage
◦ Processing Power
◦ Advanced technological tools

 Requires extreme secure perimeter
◦ Protecting the tactical and strategic
confidential data
Photo taken during World War II.
 Financial “If you talk too much, this man may
 Inter-departmental die.”
 Etc.

 Limitations in a nutshell
◦ Elevated Security requirements
◦ Increasing TCO and ROI reduction


 Introduction
 Cloud Computing
 The framework
◦ Cryptography
◦ Results


 “Among the top 3
technology trends to
impact IT
Infrastructure, top 10 to
impact Business
Development”. Gartner Inc.

 Is the new utility model of
IT services delivery on a
“Pay-per-Use”
schemes, through
deploying scalable
virtualized resources that
are allocated on a user
choice of combinations of
types and models.


 Cloud Computing Types:

◦ SaaS (Software-as-a-Service)
 Defines the utility services and user
control provided by the SP (Service
Provider) over the application level.
◦ PaaS (Platform-as-a-Service)
control provided by the SP over the
application as well as the platform
level.
◦ IaaS (Infrastructure-as-as-Service)
control provided by the SP over the
application ,the platform level. and
Infrastructure level.


 Cloud Computing
Models: ◦ Community Cloud
◦ Public Cloud  Virtualized to be shared and
 Virtualized to be shared and used used by the public with access
by the public with no segregations to several communityy
done by SPs over user groups.
classifications.  Adopted by community
 Widely adopted groups.
 Least Expensive  Security constrained only by
adversarial frequencies within
 Usually poses security constraints
the community.
◦ Private Cloud ◦ Hybrid Cloud
 Virtual remote privately dedicated
 Combines outsourcing virtual
and leased to the users.
resources with on-premise
 Adopted by enterprises interested resource hosting.
in full resource outsourcing and
 Usually adopted by
highest security measures.
stakeholders seeking
 Comparatively expensive. expanding present
 Security constrained by SP defense infrastructures,
mechanisms.  Security constraints
complemented by merging SP
enforced rules and
stakeholders measures.


 Security , privacy and trust.
◦ Third party control over production resources.
◦ Hosting confidential data, posing leakage threats.

 Currently based on Open-Standards
◦ Ad-hoc standards as the only real standards.
 Customized SLAs between customers and SPs.

 Data lock-in
◦ Probable inabilities towards completely relinquishing outsized restricted
organizational data.

 Random instance placement
◦ Multi-tenancy over the different types and models of CC.


 Introduction
 Cloud Computing
 The framework
◦ Cryptography
◦ Results


 Payment Card Industry-Data
Security Standard(PCI-DSS).

 Emerged through research and
developments done by Payment
Card Industry- Security Standards
Council (PCI-SSC).

 Originally adopted to elevate
security measures in PCI.

 Token Servers originates
surrogate values called
tokens, replacing sensitive data
in applications and databases.
These tokens are stored in
Central Data Vaults that is
unlocked only by proper
authorization credentials.


 Easier to manage and more secure.
◦ Reducing points of crucial data is stored to
only CDVs, hence less exposure.
◦ Consolidating and centralizing security
systems to be audited.

 Eliminates impedance introduced by
inconsistencies aroused from
random encryption.
◦ Records created only once in CDV (Reducing
storage space).
◦ DW sensitive encrypted data values used in
referential integral analytics queries are
consistent.
Absolutely Simpler to

Reverse-Engineering Omission:
Secure Implement

◦ Eliminates mathematical relations between
Simpler to Simpler to
plain-texts and cipher-texts. Manage Audit


 Introduction
 Cloud Computing
 The framework
◦ Cryptography
◦ Results


Business-Intelligence Solution
Business •Advanced Multi-Dimensional
Analytics
Intelligence/ Decision •Efficient and Accurate
Enterprise Performance
Data Support Management

Warehouse

•Leveraging sophisticated
Cap-Ex to Op-
Hybrid Cloud Business Computing solutions
Ex for SMEs
Computing Transformation
•Cost reduction/management
expanding organizational ROI
Model

•Advanced Cryptography
mechanisms

Tokenization Secure Data •Untraceable ciphers omitting
reverse engineering to plain
Perimeters
Data Security texts


 Virtual CC resources:
◦ BI/Reporting Server.
◦ Data Warehouse back-end (Tokenized).
BI/Reporting
Server
◦ Extraction, Transform and Load Server.

 On-premise/Private-Cloud resources:
◦ Virtual Private Cloud (VPC) interlink.
◦ Tokenization Server
ETL Server and Data-Warehouse

 Tokenization Data Vault.
 Algorithmic packages and functions orchestrating/maintaining tokens:
 Fine Grained Audit conditional policies (DBMS_FGA) over DB DML operations.
 maintain_Tokenization_lookup_algorithm.
 substitute_values_Actual_to_Token.
 Supervisory global_Algorithm.

Tokenization
Server


Disparate source systems Present inside or outside Cloud
networks
Tokenization Sever present on-
premise or inside a Private Cloud
Network

Tokenization Server

ETL Server and Data-Warehouse

BI/Reporting
Server

Legen
d:
BI/DWH components hosted inside a Cloud Actual Sensitive
(Public, Private Etc.) Data Flow:

Logical Sensitive
Data Flow:


 Customized Token generation.
1. maintain_Tokenization_lookup_algorithm
2. substitute_values_Actual_to_Token
 Global algorithm:
•Algorithm
maintain_Tokenization_lookup_algorithm:

ELSE
maintain_Tokenization_lookup_algorithm
SELECT <sensitive_Data_Column_Name>_Token
(
FROM tokenization_lookup_table
SET unique_Token = 0;
WHERE ROWID=(SELECT MAX(ROWID) FROM
tokenization_lookup_table);
GET <sensitive_Data_column_name>;
GET <sensitive_Data_table_name>;
IF sensitive_Data_Cursor.current_Actual_Data exists in
tokenization lookup table;
THEN
CURSOR sensitive_Data_Cursor
END;
IS SELECT <sensitive_Data_Column_Name> FROM <sensitive_Data_Table_Name>;
ELSE
INSERT INTO tokenization_lookup_table
(token,
FOR I = 0 TO sensitive_Data_Cursor.length
corresponding_Sensitive_Data)
(
VALUES
IF SELECT COUNT(token) FROM
(unique_Token,
tokenization_lookup_table
sensitive_Data_Cursor.current_Actual_Data);
=0;
unique_Token ++;
THEN
ENDIF;
INSERT INTO tokenization_lookup_table
I ++;
(token,
corresponding_Sensitive_Data)
) End LOOP;
VALUES
) End maintain_Tokenization_lookup_algorithm;;
(unique_Token,
sensitive_Data_Cursor.current_Actual_Data);

unique_Token ++;


1. maintain_Tokenization_lookup_algorithm
2. substitute_values_Actual_to_Token
•Algorithm substitute_values_Actual_to_Token:
substitute_values_Actual_to_Token
(
GET <sensitive_Data_column_name>;
GET <sensitive_Data_table_name>;

CURSOR sensitive_Data_Cursor
IS SELECT <sensitive_Data_Column_Name> FROM <sensitive_Data_Table_Name>;

FOR I = 0 TO sensitive_Data_Cursor.length
(
Token_Value = SELECT token
FROM tokenization_lookup_table
WHERE sensitive_Data_Cursor.
current_sensitive_Data
=
tokenization_lookup_table.
current_Corresponding_Sensitive_Data;

INSERT INTO <actual_table_name>
(<actual_column_name>_token)
VALUES
(Token_Value);

DELETE <actual_table_name>.<actual_column_name>
WHERE <actual_table_name>.<actual_column_name>_token
=
tokenization_lookup_table.token;

) End LOOP;
) End substitute_values_Actual_to_Token;


◦ maintain_Tokenization_lookup_algorithm
◦ substitute_values_Actual_to_Token


Business •Advanced Multi-Dimensional
Analytics
Intelligence/ Decision •Efficient and Accurate
Enterprise Performance
Data Support Management

Warehouse

•Leveraging sophisticated
Cap-Ex to Op-
Hybrid Cloud Business Computing solutions
Ex for SMEs
Computing Transformation
•Cost reduction/management
expanding organizational ROI
Model

•Advanced Cryptography
mechanisms

Tokenization Secure Data •Untraceable ciphers omitting
reverse engineering to plain
Perimeters
Data Security texts


 Introduction
 Cloud Computing
 The framework
◦ Cryptography
◦ Results


 Conclusion
◦ BI is important for organizations.
 Performance analysis.
 Fact based decision making.
◦ Cloud Computing extensively addresses expense issues with large scale
implementations.
 CapEx to OpEx.
 Undermined resources.
◦ Non-convenitional data security approaches imperative combining BI with CC.
 Simplified Infrastructure management, Data audit, Implementations.
 Elevated levels of data security.
◦ Almost all the current applications does not support Tokenization Data Security.

 Future work
◦ Driving motivations for vendors to support out-of-the-box Tokenization Data
Security.
◦ Sophisticated Tokenization algorithms.
◦ Propagation and Replication of current approaches to different frameworks in
organizations, forming complete center points of truth for data security.


Business Intelligence In Cloud Computing A Tokenization Approach Final

More Related Content

What's hot (18)

Similar to Business Intelligence In Cloud Computing A Tokenization Approach Final (20)

Business Intelligence In Cloud Computing A Tokenization Approach Final