Business intelligence security on the clouds: Challenges, solutions and future directions

Hussain Al-Aqrabi, Lu Liu, Richard Hill, Zhijun Ding, Nick Antonopoulos

Research output: Chapter in Book/Report/Conference proceedingChapter

12 Citations (Scopus)

Abstract

Business intelligence (BI) is a critical software system employed by the higher management of organizations for presenting business performance reports through Online Analytical Processing (OLAP) functionalities. BI faces sophisticated security issues given its strategic importance for higher management of business entities. Scholars have emphasized on enhanced session, presentation and application layer security in BI, in addition to the usual network and transport layer security controls. This is because an unauthorized user can gain access to highly sensitive consolidated business information in a BI system. To protect a BI environment, a number of controls are needed at the level of database objects, application files, and the underlying servers. In a cloud environment, the controls will be needed at all the components employed in the service-oriented architecture for hosting BI on the cloud. Hence, a BI environment (whether self-hosted or cloud-hosted) is expected to face significant security overheads. In this context, two models for securing BI on a cloud have been simulated in this paper. The first model is based on securing BI using a Unified Threat Management (UTM) cloud and the second model is based on distributed security controls embedded within the BI server arrays deployed throughout the Cloud. The simulation results revealed that the UTM model is expected to cause more overheads and bottlenecks per OLAP user than the distributed security model. However, the distributed security model is expected to pose administrative control effectiveness challenges than the UTM model. Based on the simulation results, it is recommended that BI security model on a Cloud should comprise of network, transport, session and presentation layers of security controls through UTM, and application layer security through the distributed security components. A mixed environment of both the models will ensure technical soundness of security controls, better security processes, clearly defined roles and accountabilities, and effectiveness of controls. © 2012 IEEE.
LanguageEnglish
Title of host publicationProceedings - 2013 IEEE 7th International Symposium on Service-Oriented System Engineering, SOSE 2013
Pages137-144
Number of pages8
DOIs
Publication statusPublished - 2013
Externally publishedYes

Publication series

NameProceedings - 2013 IEEE 7th International Symposium on Service-Oriented System Engineering, SOSE 2013

Fingerprint

Competitive intelligence
Servers
Industry
Service oriented architecture (SOA)
Processing

Cite this

Al-Aqrabi, H., Liu, L., Hill, R., Ding, Z., & Antonopoulos, N. (2013). Business intelligence security on the clouds: Challenges, solutions and future directions. In Proceedings - 2013 IEEE 7th International Symposium on Service-Oriented System Engineering, SOSE 2013 (pp. 137-144). (Proceedings - 2013 IEEE 7th International Symposium on Service-Oriented System Engineering, SOSE 2013). https://doi.org/10.1109/SOSE.2013.36
Al-Aqrabi, Hussain ; Liu, Lu ; Hill, Richard ; Ding, Zhijun ; Antonopoulos, Nick. / Business intelligence security on the clouds: Challenges, solutions and future directions. Proceedings - 2013 IEEE 7th International Symposium on Service-Oriented System Engineering, SOSE 2013. 2013. pp. 137-144 (Proceedings - 2013 IEEE 7th International Symposium on Service-Oriented System Engineering, SOSE 2013).
@inbook{e68d7959c0a441498f4c6565c42a9604,
title = "Business intelligence security on the clouds: Challenges, solutions and future directions",
abstract = "Business intelligence (BI) is a critical software system employed by the higher management of organizations for presenting business performance reports through Online Analytical Processing (OLAP) functionalities. BI faces sophisticated security issues given its strategic importance for higher management of business entities. Scholars have emphasized on enhanced session, presentation and application layer security in BI, in addition to the usual network and transport layer security controls. This is because an unauthorized user can gain access to highly sensitive consolidated business information in a BI system. To protect a BI environment, a number of controls are needed at the level of database objects, application files, and the underlying servers. In a cloud environment, the controls will be needed at all the components employed in the service-oriented architecture for hosting BI on the cloud. Hence, a BI environment (whether self-hosted or cloud-hosted) is expected to face significant security overheads. In this context, two models for securing BI on a cloud have been simulated in this paper. The first model is based on securing BI using a Unified Threat Management (UTM) cloud and the second model is based on distributed security controls embedded within the BI server arrays deployed throughout the Cloud. The simulation results revealed that the UTM model is expected to cause more overheads and bottlenecks per OLAP user than the distributed security model. However, the distributed security model is expected to pose administrative control effectiveness challenges than the UTM model. Based on the simulation results, it is recommended that BI security model on a Cloud should comprise of network, transport, session and presentation layers of security controls through UTM, and application layer security through the distributed security components. A mixed environment of both the models will ensure technical soundness of security controls, better security processes, clearly defined roles and accountabilities, and effectiveness of controls. {\circledC} 2012 IEEE.",
keywords = "Application layer security, Business intelligence, Cloud computing, Component, Data mart security, Data warehouse security, Distributed security controls, OLAP security, Object level security, Online analytical processing, Unified threat management",
author = "Hussain Al-Aqrabi and Lu Liu and Richard Hill and Zhijun Ding and Nick Antonopoulos",
year = "2013",
doi = "10.1109/SOSE.2013.36",
language = "English",
isbn = "9780769549446",
series = "Proceedings - 2013 IEEE 7th International Symposium on Service-Oriented System Engineering, SOSE 2013",
pages = "137--144",
booktitle = "Proceedings - 2013 IEEE 7th International Symposium on Service-Oriented System Engineering, SOSE 2013",

}

Al-Aqrabi, H, Liu, L, Hill, R, Ding, Z & Antonopoulos, N 2013, Business intelligence security on the clouds: Challenges, solutions and future directions. in Proceedings - 2013 IEEE 7th International Symposium on Service-Oriented System Engineering, SOSE 2013. Proceedings - 2013 IEEE 7th International Symposium on Service-Oriented System Engineering, SOSE 2013, pp. 137-144. https://doi.org/10.1109/SOSE.2013.36

Business intelligence security on the clouds: Challenges, solutions and future directions. / Al-Aqrabi, Hussain; Liu, Lu; Hill, Richard; Ding, Zhijun; Antonopoulos, Nick.

Proceedings - 2013 IEEE 7th International Symposium on Service-Oriented System Engineering, SOSE 2013. 2013. p. 137-144 (Proceedings - 2013 IEEE 7th International Symposium on Service-Oriented System Engineering, SOSE 2013).

Research output: Chapter in Book/Report/Conference proceedingChapter

TY - CHAP

T1 - Business intelligence security on the clouds: Challenges, solutions and future directions

AU - Al-Aqrabi, Hussain

AU - Liu, Lu

AU - Hill, Richard

AU - Ding, Zhijun

AU - Antonopoulos, Nick

PY - 2013

Y1 - 2013

N2 - Business intelligence (BI) is a critical software system employed by the higher management of organizations for presenting business performance reports through Online Analytical Processing (OLAP) functionalities. BI faces sophisticated security issues given its strategic importance for higher management of business entities. Scholars have emphasized on enhanced session, presentation and application layer security in BI, in addition to the usual network and transport layer security controls. This is because an unauthorized user can gain access to highly sensitive consolidated business information in a BI system. To protect a BI environment, a number of controls are needed at the level of database objects, application files, and the underlying servers. In a cloud environment, the controls will be needed at all the components employed in the service-oriented architecture for hosting BI on the cloud. Hence, a BI environment (whether self-hosted or cloud-hosted) is expected to face significant security overheads. In this context, two models for securing BI on a cloud have been simulated in this paper. The first model is based on securing BI using a Unified Threat Management (UTM) cloud and the second model is based on distributed security controls embedded within the BI server arrays deployed throughout the Cloud. The simulation results revealed that the UTM model is expected to cause more overheads and bottlenecks per OLAP user than the distributed security model. However, the distributed security model is expected to pose administrative control effectiveness challenges than the UTM model. Based on the simulation results, it is recommended that BI security model on a Cloud should comprise of network, transport, session and presentation layers of security controls through UTM, and application layer security through the distributed security components. A mixed environment of both the models will ensure technical soundness of security controls, better security processes, clearly defined roles and accountabilities, and effectiveness of controls. © 2012 IEEE.

AB - Business intelligence (BI) is a critical software system employed by the higher management of organizations for presenting business performance reports through Online Analytical Processing (OLAP) functionalities. BI faces sophisticated security issues given its strategic importance for higher management of business entities. Scholars have emphasized on enhanced session, presentation and application layer security in BI, in addition to the usual network and transport layer security controls. This is because an unauthorized user can gain access to highly sensitive consolidated business information in a BI system. To protect a BI environment, a number of controls are needed at the level of database objects, application files, and the underlying servers. In a cloud environment, the controls will be needed at all the components employed in the service-oriented architecture for hosting BI on the cloud. Hence, a BI environment (whether self-hosted or cloud-hosted) is expected to face significant security overheads. In this context, two models for securing BI on a cloud have been simulated in this paper. The first model is based on securing BI using a Unified Threat Management (UTM) cloud and the second model is based on distributed security controls embedded within the BI server arrays deployed throughout the Cloud. The simulation results revealed that the UTM model is expected to cause more overheads and bottlenecks per OLAP user than the distributed security model. However, the distributed security model is expected to pose administrative control effectiveness challenges than the UTM model. Based on the simulation results, it is recommended that BI security model on a Cloud should comprise of network, transport, session and presentation layers of security controls through UTM, and application layer security through the distributed security components. A mixed environment of both the models will ensure technical soundness of security controls, better security processes, clearly defined roles and accountabilities, and effectiveness of controls. © 2012 IEEE.

KW - Application layer security

KW - Business intelligence

KW - Cloud computing

KW - Component

KW - Data mart security

KW - Data warehouse security

KW - Distributed security controls

KW - OLAP security

KW - Object level security

KW - Online analytical processing

KW - Unified threat management

U2 - 10.1109/SOSE.2013.36

DO - 10.1109/SOSE.2013.36

M3 - Chapter

SN - 9780769549446

T3 - Proceedings - 2013 IEEE 7th International Symposium on Service-Oriented System Engineering, SOSE 2013

SP - 137

EP - 144

BT - Proceedings - 2013 IEEE 7th International Symposium on Service-Oriented System Engineering, SOSE 2013

ER -

Al-Aqrabi H, Liu L, Hill R, Ding Z, Antonopoulos N. Business intelligence security on the clouds: Challenges, solutions and future directions. In Proceedings - 2013 IEEE 7th International Symposium on Service-Oriented System Engineering, SOSE 2013. 2013. p. 137-144. (Proceedings - 2013 IEEE 7th International Symposium on Service-Oriented System Engineering, SOSE 2013). https://doi.org/10.1109/SOSE.2013.36