Conducted by:Eng.Hossam El-Din Hassanien        Supervised by:   Prof. Dr. Ahmed Elragal
   Introduction   Business Intelligence    ◦ Technological Approaches    ◦ Issues & Challenges   Cloud Computing    ◦ T...
   Introduction   Business Intelligence    ◦ Technological Approaches    ◦ Issues & Challenges   Cloud Computing    ◦ T...
Business-Intelligence Solution                   •Advanced Multi-Dimensional Analytics                   •Efficient and Ac...
   Introduction   Business Intelligence    ◦ Technological Approaches    ◦ Issues & Challenges   Cloud Computing    ◦ T...
   Term Formulated by Howard    Dressner, Vice President and    Research Fellow in Gartner                            Dec...
   “Getting data in, Getting    information out.”    ◦ Data Warehousing:         Schema structures             Star    ...
   Requires massive amounts resources.    ◦   Network    ◦   Storage    ◦   Processing Power    ◦   Advanced technologica...
   Introduction   Business Intelligence    ◦ Technological Approaches    ◦ Issues & Challenges   Cloud Computing    ◦ T...
   “Among the top 3    technology trends to    impact IT    Infrastructure, top 10 to    impact Business    Development”....
   Cloud Computing Types:    ◦ SaaS (Software-as-a-Service)       Defines the utility services and user        control p...
   Cloud Computing    Models:                                      ◦   Community Cloud    ◦   Public Cloud               ...
   Security , privacy and trust.    ◦ Third party control over production resources.    ◦ Hosting confidential data, posi...
   Introduction   Business Intelligence    ◦ Technological Approaches    ◦ Issues & Challenges   Cloud Computing    ◦ T...
   Payment Card Industry-Data    Security Standard(PCI-DSS).   Emerged through research and    developments done by Paym...
   Easier to manage and more secure.    ◦ Reducing points of crucial data is stored to      only CDVs, hence less exposur...
   Introduction   Business Intelligence    ◦ Technological Approaches    ◦ Issues & Challenges   Cloud Computing    ◦ T...
Business-Intelligence Solution  Business                       •Advanced Multi-Dimensional                                ...
   Virtual CC resources:    ◦ BI/Reporting Server.    ◦ Data Warehouse back-end (Tokenized).                             ...
Disparate source systems Present inside or outside Cloud                       networks                                   ...
     Customized Token generation.                                                                                        ...
     Customized Token generation.                                                                           1.   maintain...
   Customized Token generation.                 ◦   maintain_Tokenization_lookup_algorithm                 ◦   substitute...
Business                       •Advanced Multi-Dimensional                                  AnalyticsIntelligence/      De...
   Introduction   Business Intelligence    ◦ Technological Approaches    ◦ Issues & Challenges   Cloud Computing    ◦ T...
   Conclusion    ◦ BI is important for organizations.         Performance analysis.         Fact based decision making....
By: Hossam El-Din Hassanien   December, 27th 2011   27
Upcoming SlideShare
Loading in …5
×

Business Intelligence In Cloud Computing A Tokenization Approach Final

866 views
776 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
866
On SlideShare
0
From Embeds
0
Number of Embeds
19
Actions
Shares
0
Downloads
39
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Business Intelligence In Cloud Computing A Tokenization Approach Final

  1. 1. Conducted by:Eng.Hossam El-Din Hassanien Supervised by: Prof. Dr. Ahmed Elragal
  2. 2.  Introduction Business Intelligence ◦ Technological Approaches ◦ Issues & Challenges Cloud Computing ◦ Technological Approaches ◦ Issues & Challenges Tokenization Security ◦ Technological Approaches ◦ Benefits & Contribution The framework ◦ Architecture & Components ◦ Cryptography ◦ Results Conclusion & Future work By: Hossam El-Din Hassanien December, 27th 2011 2
  3. 3.  Introduction Business Intelligence ◦ Technological Approaches ◦ Issues & Challenges Cloud Computing ◦ Technological Approaches ◦ Issues & Challenges Tokenization Security ◦ Technological Approaches ◦ Benefits & Contribution The framework ◦ Architecture & Components ◦ Cryptography ◦ Results Conclusion & Future work By: Hossam El-Din Hassanien December, 27th 2011 3
  4. 4. Business-Intelligence Solution •Advanced Multi-Dimensional Analytics •Efficient and Accurate Enterprise PerformanceDecision Support ManagementCap-Ex to Op-Ex •Leveraging sophisticated Business Computing solutions for SMEs Transformation •TCO (Total Cost of Ownership) reduction/management expanding organizational ROI (Return on Investment) •Advanced Cryptography mechanisms Secure Data •Untraceable ciphers omitting reverse engineering to plain texts Perimeters By: Hossam El-Din Hassanien December, 27th 2011 4
  5. 5.  Introduction Business Intelligence ◦ Technological Approaches ◦ Issues & Challenges Cloud Computing ◦ Technological Approaches ◦ Issues & Challenges Tokenization Security ◦ Technological Approaches ◦ Benefits & Contribution The framework ◦ Architecture & Components ◦ Cryptography ◦ Results Conclusion & Future work By: Hossam El-Din Hassanien December, 27th 2011 5
  6. 6.  Term Formulated by Howard Dressner, Vice President and Research Fellow in Gartner Decision Making research during the1980’s. Transactions and Planning Initially known as DSS (Decision Support System). Plan Act Refers to Computer based Reporting and Extract, Transform methodologies and techniques Analysis and Load used to identify, extract and Analyze Measure analyze crucial historical, current and predictive business data through employing advanced technological tools serving enhanced decision making. Business Modeling Data Warehouse By: Hossam El-Din Hassanien December, 27th 2011 6
  7. 7.  “Getting data in, Getting information out.” ◦ Data Warehousing:  Schema structures  Star  Snowflake  OLAP data stores  Transforming transactional data processing to analytical data processing. ◦ Tactical and Strategic Analytics  Dashboards and Scorecards  Multi-dimension analysis Data Warehousing Architectures  Cross functional comparisons  Trend analysis Dashboards and OLAP cubes Scorecards By: Hossam El-Din Hassanien December, 27th 2011 7
  8. 8.  Requires massive amounts resources. ◦ Network ◦ Storage ◦ Processing Power ◦ Advanced technological tools Requires extreme secure perimeter ◦ Protecting the tactical and strategic confidential data Photo taken during World War II.  Financial “If you talk too much, this man may  Inter-departmental die.”  Etc. Limitations in a nutshell ◦ Elevated Security requirements ◦ Increasing TCO and ROI reduction By: Hossam El-Din Hassanien December, 27th 2011 8
  9. 9.  Introduction Business Intelligence ◦ Technological Approaches ◦ Issues & Challenges Cloud Computing ◦ Technological Approaches ◦ Issues & Challenges Tokenization Security ◦ Technological Approaches ◦ Benefits & Contribution The framework ◦ Architecture & Components ◦ Cryptography ◦ Results Conclusion & Future work By: Hossam El-Din Hassanien December, 27th 2011 9
  10. 10.  “Among the top 3 technology trends to impact IT Infrastructure, top 10 to impact Business Development”. Gartner Inc. Is the new utility model of IT services delivery on a “Pay-per-Use” schemes, through deploying scalable virtualized resources that are allocated on a user choice of combinations of types and models. By: Hossam El-Din Hassanien December, 27th 2011 10
  11. 11.  Cloud Computing Types: ◦ SaaS (Software-as-a-Service)  Defines the utility services and user control provided by the SP (Service Provider) over the application level. ◦ PaaS (Platform-as-a-Service)  Defines the utility services and user control provided by the SP over the application as well as the platform level. ◦ IaaS (Infrastructure-as-as-Service)  Defines the utility services and user control provided by the SP over the application ,the platform level. and Infrastructure level. By: Hossam El-Din Hassanien December, 27th 2011 11
  12. 12.  Cloud Computing Models: ◦ Community Cloud ◦ Public Cloud  Virtualized to be shared and  Virtualized to be shared and used used by the public with access by the public with no segregations to several communityy done by SPs over user groups. classifications.  Adopted by community  Widely adopted groups.  Least Expensive  Security constrained only by adversarial frequencies within  Usually poses security constraints the community. ◦ Private Cloud ◦ Hybrid Cloud  Virtual remote privately dedicated  Combines outsourcing virtual and leased to the users. resources with on-premise  Adopted by enterprises interested resource hosting. in full resource outsourcing and  Usually adopted by highest security measures. stakeholders seeking  Comparatively expensive. expanding present  Security constrained by SP defense infrastructures, mechanisms.  Security constraints complemented by merging SP enforced rules and stakeholders measures. By: Hossam El-Din Hassanien December, 27th 2011 12
  13. 13.  Security , privacy and trust. ◦ Third party control over production resources. ◦ Hosting confidential data, posing leakage threats. Currently based on Open-Standards ◦ Ad-hoc standards as the only real standards.  Customized SLAs between customers and SPs. Data lock-in ◦ Probable inabilities towards completely relinquishing outsized restricted organizational data. Random instance placement ◦ Multi-tenancy over the different types and models of CC. By: Hossam El-Din Hassanien December, 27th 2011 13
  14. 14.  Introduction Business Intelligence ◦ Technological Approaches ◦ Issues & Challenges Cloud Computing ◦ Technological Approaches ◦ Issues & Challenges Tokenization Security ◦ Technological Approaches ◦ Benefits & Contribution The framework ◦ Architecture & Components ◦ Cryptography ◦ Results Conclusion & Future work By: Hossam El-Din Hassanien December, 27th 2011 14
  15. 15.  Payment Card Industry-Data Security Standard(PCI-DSS). Emerged through research and developments done by Payment Card Industry- Security Standards Council (PCI-SSC). Originally adopted to elevate security measures in PCI. Token Servers originates surrogate values called tokens, replacing sensitive data in applications and databases. These tokens are stored in Central Data Vaults that is unlocked only by proper authorization credentials. By: Hossam El-Din Hassanien December, 27th 2011 15
  16. 16.  Easier to manage and more secure. ◦ Reducing points of crucial data is stored to only CDVs, hence less exposure. ◦ Consolidating and centralizing security systems to be audited. Eliminates impedance introduced by inconsistencies aroused from random encryption. ◦ Records created only once in CDV (Reducing storage space). ◦ DW sensitive encrypted data values used in referential integral analytics queries are consistent. Absolutely Simpler to Reverse-Engineering Omission: Secure Implement ◦ Eliminates mathematical relations between Simpler to Simpler to plain-texts and cipher-texts. Manage Audit By: Hossam El-Din Hassanien December, 27th 2011 16
  17. 17.  Introduction Business Intelligence ◦ Technological Approaches ◦ Issues & Challenges Cloud Computing ◦ Technological Approaches ◦ Issues & Challenges Tokenization Security ◦ Technological Approaches ◦ Benefits & Contribution The framework ◦ Architecture & Components ◦ Cryptography ◦ Results Conclusion & Future work By: Hossam El-Din Hassanien December, 27th 2011 17
  18. 18. Business-Intelligence Solution Business •Advanced Multi-Dimensional AnalyticsIntelligence/ Decision •Efficient and Accurate Enterprise Performance Data Support Management Warehouse •Leveraging sophisticated Cap-Ex to Op-Hybrid Cloud Business Computing solutions Ex for SMEs Computing Transformation •Cost reduction/management expanding organizational ROI Model •Advanced Cryptography mechanismsTokenization Secure Data •Untraceable ciphers omitting reverse engineering to plain PerimetersData Security texts By: Hossam El-Din Hassanien December, 27th 2011 18
  19. 19.  Virtual CC resources: ◦ BI/Reporting Server. ◦ Data Warehouse back-end (Tokenized). BI/Reporting Server ◦ Extraction, Transform and Load Server. On-premise/Private-Cloud resources: ◦ Virtual Private Cloud (VPC) interlink. ◦ Tokenization Server ETL Server and Data-Warehouse  Tokenization Data Vault.  Algorithmic packages and functions orchestrating/maintaining tokens:  Fine Grained Audit conditional policies (DBMS_FGA) over DB DML operations.  maintain_Tokenization_lookup_algorithm.  substitute_values_Actual_to_Token.  Supervisory global_Algorithm. Tokenization Server By: Hossam El-Din Hassanien December, 27th 2011 19
  20. 20. Disparate source systems Present inside or outside Cloud networks Tokenization Sever present on- premise or inside a Private Cloud Network Tokenization Server ETL Server and Data-Warehouse BI/Reporting Server Legen d: BI/DWH components hosted inside a Cloud Actual Sensitive (Public, Private Etc.) Data Flow: Logical Sensitive Data Flow: By: Hossam El-Din Hassanien December, 27th 2011 20
  21. 21.  Customized Token generation. 1. maintain_Tokenization_lookup_algorithm 2. substitute_values_Actual_to_Token  Global algorithm:•Algorithmmaintain_Tokenization_lookup_algorithm: ELSEmaintain_Tokenization_lookup_algorithm SELECT <sensitive_Data_Column_Name>_Token( FROM tokenization_lookup_tableSET unique_Token = 0; WHERE ROWID=(SELECT MAX(ROWID) FROM tokenization_lookup_table);GET <sensitive_Data_column_name>;GET <sensitive_Data_table_name>; IF sensitive_Data_Cursor.current_Actual_Data exists in tokenization lookup table; THENCURSOR sensitive_Data_Cursor END;IS SELECT <sensitive_Data_Column_Name> FROM <sensitive_Data_Table_Name>; ELSE INSERT INTO tokenization_lookup_table (token,FOR I = 0 TO sensitive_Data_Cursor.length corresponding_Sensitive_Data) ( VALUES IF SELECT COUNT(token) FROM (unique_Token, tokenization_lookup_table sensitive_Data_Cursor.current_Actual_Data); =0; unique_Token ++; THEN ENDIF; INSERT INTO tokenization_lookup_table I ++; (token, corresponding_Sensitive_Data) ) End LOOP; VALUES ) End maintain_Tokenization_lookup_algorithm;; (unique_Token, sensitive_Data_Cursor.current_Actual_Data); unique_Token ++; By: Hossam El-Din Hassanien December, 27th 2011 21
  22. 22.  Customized Token generation. 1. maintain_Tokenization_lookup_algorithm 2. substitute_values_Actual_to_Token  Global algorithm:•Algorithm substitute_values_Actual_to_Token:substitute_values_Actual_to_Token(GET <sensitive_Data_column_name>;GET <sensitive_Data_table_name>;CURSOR sensitive_Data_CursorIS SELECT <sensitive_Data_Column_Name> FROM <sensitive_Data_Table_Name>; FOR I = 0 TO sensitive_Data_Cursor.length ( Token_Value = SELECT token FROM tokenization_lookup_table WHERE sensitive_Data_Cursor. current_sensitive_Data = tokenization_lookup_table. current_Corresponding_Sensitive_Data; INSERT INTO <actual_table_name> (<actual_column_name>_token) VALUES (Token_Value); DELETE <actual_table_name>.<actual_column_name> WHERE <actual_table_name>.<actual_column_name>_token = tokenization_lookup_table.token; ) End LOOP;) End substitute_values_Actual_to_Token; By: Hossam El-Din Hassanien December, 27th 2011 22
  23. 23.  Customized Token generation. ◦ maintain_Tokenization_lookup_algorithm ◦ substitute_values_Actual_to_Token  Global algorithm:By: Hossam El-Din Hassanien December, 27th 2011 23
  24. 24. Business •Advanced Multi-Dimensional AnalyticsIntelligence/ Decision •Efficient and Accurate Enterprise Performance Data Support Management Warehouse •Leveraging sophisticated Cap-Ex to Op-Hybrid Cloud Business Computing solutions Ex for SMEs Computing Transformation •Cost reduction/management expanding organizational ROI Model •Advanced Cryptography mechanismsTokenization Secure Data •Untraceable ciphers omitting reverse engineering to plain PerimetersData Security texts By: Hossam El-Din Hassanien December, 27th 2011 24
  25. 25.  Introduction Business Intelligence ◦ Technological Approaches ◦ Issues & Challenges Cloud Computing ◦ Technological Approaches ◦ Issues & Challenges Tokenization Security ◦ Technological Approaches ◦ Benefits & Contribution The framework ◦ Architecture & Components ◦ Cryptography ◦ Results Conclusion & Future work By: Hossam El-Din Hassanien December, 27th 2011 25
  26. 26.  Conclusion ◦ BI is important for organizations.  Performance analysis.  Fact based decision making. ◦ Cloud Computing extensively addresses expense issues with large scale implementations.  CapEx to OpEx.  Undermined resources. ◦ Non-convenitional data security approaches imperative combining BI with CC.  Simplified Infrastructure management, Data audit, Implementations.  Elevated levels of data security. ◦ Almost all the current applications does not support Tokenization Data Security. Future work ◦ Driving motivations for vendors to support out-of-the-box Tokenization Data Security. ◦ Sophisticated Tokenization algorithms. ◦ Propagation and Replication of current approaches to different frameworks in organizations, forming complete center points of truth for data security. By: Hossam El-Din Hassanien December, 27th 2011 26
  27. 27. By: Hossam El-Din Hassanien December, 27th 2011 27

×