TY - CHAP
T1 - Business intelligence security on the clouds: Challenges, solutions and future directions
AU - Al-Aqrabi, Hussain
AU - Liu, Lu
AU - Hill, Richard
AU - Ding, Zhijun
AU - Antonopoulos, Nick
PY - 2013
Y1 - 2013
N2 - Business intelligence (BI) is a critical software system employed by the higher management of organizations for presenting business performance reports through Online Analytical Processing (OLAP) functionalities. BI faces sophisticated security issues given its strategic importance for higher management of business entities. Scholars have emphasized on enhanced session, presentation and application layer security in BI, in addition to the usual network and transport layer security controls. This is because an unauthorized user can gain access to highly sensitive consolidated business information in a BI system. To protect a BI environment, a number of controls are needed at the level of database objects, application files, and the underlying servers. In a cloud environment, the controls will be needed at all the components employed in the service-oriented architecture for hosting BI on the cloud. Hence, a BI environment (whether self-hosted or cloud-hosted) is expected to face significant security overheads. In this context, two models for securing BI on a cloud have been simulated in this paper. The first model is based on securing BI using a Unified Threat Management (UTM) cloud and the second model is based on distributed security controls embedded within the BI server arrays deployed throughout the Cloud. The simulation results revealed that the UTM model is expected to cause more overheads and bottlenecks per OLAP user than the distributed security model. However, the distributed security model is expected to pose administrative control effectiveness challenges than the UTM model. Based on the simulation results, it is recommended that BI security model on a Cloud should comprise of network, transport, session and presentation layers of security controls through UTM, and application layer security through the distributed security components. A mixed environment of both the models will ensure technical soundness of security controls, better security processes, clearly defined roles and accountabilities, and effectiveness of controls. © 2012 IEEE.
AB - Business intelligence (BI) is a critical software system employed by the higher management of organizations for presenting business performance reports through Online Analytical Processing (OLAP) functionalities. BI faces sophisticated security issues given its strategic importance for higher management of business entities. Scholars have emphasized on enhanced session, presentation and application layer security in BI, in addition to the usual network and transport layer security controls. This is because an unauthorized user can gain access to highly sensitive consolidated business information in a BI system. To protect a BI environment, a number of controls are needed at the level of database objects, application files, and the underlying servers. In a cloud environment, the controls will be needed at all the components employed in the service-oriented architecture for hosting BI on the cloud. Hence, a BI environment (whether self-hosted or cloud-hosted) is expected to face significant security overheads. In this context, two models for securing BI on a cloud have been simulated in this paper. The first model is based on securing BI using a Unified Threat Management (UTM) cloud and the second model is based on distributed security controls embedded within the BI server arrays deployed throughout the Cloud. The simulation results revealed that the UTM model is expected to cause more overheads and bottlenecks per OLAP user than the distributed security model. However, the distributed security model is expected to pose administrative control effectiveness challenges than the UTM model. Based on the simulation results, it is recommended that BI security model on a Cloud should comprise of network, transport, session and presentation layers of security controls through UTM, and application layer security through the distributed security components. A mixed environment of both the models will ensure technical soundness of security controls, better security processes, clearly defined roles and accountabilities, and effectiveness of controls. © 2012 IEEE.
KW - Application layer security
KW - Business intelligence
KW - Cloud computing
KW - Component
KW - Data mart security
KW - Data warehouse security
KW - Distributed security controls
KW - OLAP security
KW - Object level security
KW - Online analytical processing
KW - Unified threat management
U2 - 10.1109/SOSE.2013.36
DO - 10.1109/SOSE.2013.36
M3 - Chapter
SN - 9780769549446
T3 - Proceedings - 2013 IEEE 7th International Symposium on Service-Oriented System Engineering, SOSE 2013
SP - 137
EP - 144
BT - Proceedings - 2013 IEEE 7th International Symposium on Service-Oriented System Engineering, SOSE 2013
ER -