1.2.3. Data Marts:
Data marts are workgroup or departmental warehouses, which are small in size, typically 10-50GB. The data mart contains informational data that is departmentalized and tailored to the needs of the specific departmental work group. Data marts are less expensive and take less time to implement, with quick ROI. They are scalable to full data warehouses and at times are summarized subsets of more detailed, pre-existing data warehouses.
1.2.4. Metadata/Information Catalogue:
Metadata describes the data that is contained in the data warehouse (e.g. Data elements and business-oriented description) as well as the source of that data and the transformations or derivations that may have been performed to create the data element.
1.2.5. Data Mining:
Data mining predicts future trends and behaviours, allowing businesses to make proactive, knowledge-driven decisions. Data mining is the process of analyzing business data in the data warehouse to find unknown patterns or rules of information that you can use to tailor business operations. For instance, data mining can find patterns in your data to answer questions like:
- what item purchased in a given transaction triggers the purchase of additional related items?
- how do purchasing patterns change with store location?
- what items tend to be purchased using credit cards, cash, or check?
- how would the typical customer likely to purchase these items be described?
- did the same customer purchase related items at another time?
1.3. Implementation
The following components should be considered for a successful implementation of a Data Warehousing solution:
- Open Data Warehousing architecture with common interfaces for product integration
- Data Modelling with ability to model star-schema and multi-dimensionality
- Extraction and Transformation/propagation tools to load the data warehouse
- Data warehouse database server
- Analysis/end-user tools: OLAP/multidimensional analysis, Report and query
- Tools to manage information about the warehouse (Metadata)
- Tools to manage the Data Warehouse environment
Fig 1: Data Warehousing Architecture Model
1.4. Benefits
A well designed and implemented data warehouse can be used to:
- Understand business trends and make better forecasting decisions
- Bring better products to market in a more timely manner
- Analyze daily sales information and make quick decisions that can significantly affect your company's performance
Data warehousing can be a key differentiator in many different industries. At present, some of the most popular Data warehouse applications include:
- sales and marketing analysis across all industries
- inventory turn and product tracking in manufacturing
- category management, vendor analysis, and marketing program effectiveness analysis in retail
- profitable lane or driver risk analysis in transportation
- profitability analysis or risk assessment in banking
- claims analysis or fraud detection in insurance
2. Hackers and Cyber-criminals
2.1. Hacking
Hacking is quite simply the attempt to gain access to a company system without authorisation. Originally, the term hacker simply referred to an adept computer user, and gurus still use the term to refer to themselves in that original sense. But when breaking into computer systems (technically known as cracking) became popular, the media used the term ‘hacker’ to refer only to computer criminals, thus popularising only the negative connotation.
Hacking is illegal. Title 18, US Code, Section 1030, first enacted by Congress in 1984, criminalised hacking. The law specifically states that the perpetrator must ‘knowingly’ commit the crime, thereby requiring that at least some sort of notification that unauthorised access is illegal be posted or that some authentication hurdle be established in order to make the activity prosecutable.
According to the FBI, for a computer-related crime to become a federal crime the attacker must be shown to have caused at least $5,000 worth of damage. This is why spammers who access open relay mail servers get away with transmitting their floods of e-mail through other people’s mail servers without being prosecuted: they’re not doing enough financial damage to any one victim to really be prosecutable, and the SMTP servers are not performing authentication, so there’s no reasonable expectation of security.
- Types of Hackers
Learning to hack takes an enormous amount of time, as does perpetrating actual acts of hacking. Therefore, there are only 2 serious types of hackers: the unemployed and those hackers being paid by someone to hack. The word ‘hacker’ conjures up images of skinny teenage boys aglow in the phosphor of their monitors. Indeed this group makes up the largest portion of the teeming millions of hackers, but they are far from the most serious threat.
Hackers fall quite specifically into these categories, in order of increasing threat:
- Security experts
- Script kiddies
- Unemployed adults
- Ideological hackers
- Criminal hackers
- Corporate spies
- Disgruntled employees
- Vectors that Hackers exploit
There are only four ways for a hacker to access a network:
- connecting over the internet
- using a computer on your network directly
- dialling in via a Remote Access Server (RAS)
- connecting via a non-secure wireless network
There are no other possible vectors and this small number of possible vectors defines the boundaries of the security problem quite well.
- Hacking techniques
Hacking attacks progress in a series of stages, using various tools and techniques. A hacking session consists of the following stages:
- DNS lookup
- Network address scanning
- Port scanning
- Service scanning
- SNMP data gathering
- Architecture probes
- Directory service lookups
- Sniffing
- Denial of service
- Floods
- Forged e-mails
- Automated password guessing
- Trojan horses
- Buffer overruns
- Source Routing
- Session Hijacking
- Man-in-the-middle attacks
The hacker will attempt to find out more about your network through each successive attack, so the stages above actually feed back into the process as more information is gathered from failed attacks.
3. Computer Security
3.1. What is Computer Security?
A computer security system protects buildings, terminals, printers, CPUs, cable, and other hardware, and software in an organization. A computer security system includes hardware, software, procedures, and personnel that collectively protect a computer system and keep intruders and hackers at bay.
Computer security is broken down into three important aspects:
- A secret system must not allow information to be disclosed to anyone who is not authorized to access it. In highly secure government agencies, secrecy ensures that only the users who are supposed to have access are given that access. In business organisations, confidentiality ensures the protection of private information, such as HR and corporate data.
- Accuracy ensures the integrity of data resources within the organization. This means that the security system must not allow the data to be corrupted or allow any unauthorized changes to the corporate database. Database administrators must establish comprehensive security systems for the corporate database. Authorised users must be identified and they must be given the proper access codes. In financial institutions accuracy is probably the most important aspect of a security system.
- Availability ensures the efficient and effective operation of a computer system. A secure computer system must make information available to its authorized users. It should also ensure a quick recovery of the system to its normal operation in case of disaster. Availability is the baseline security need for all authorized users. If the system is not accessible to its authorised users, the secrecy and accuracy of the system cannot be properly assessed.
3.2. Computer threats
Intentional computer threats usually fall into one of the following categories:
- Computer virus – the newest and most publicised computer threat. It is a series of self-propagating program code that is triggered by a specified time or event within the computer system. Virus infections can also spread through a network. Probably the most dangerous type of virus infection comes from a bulletin board.
- Worm – is similar to a computer virus and travels like a worm from one computer network to another computer or site. It does not erase data, but corrupts or copies itself into a full-blown version that eats up the entire computing resources, eventually bringing the computer to a halt.
- Trojan horse – is a program that contains code intended to disrupt a computer system, usually hidden inside a popular, useful program.
- Logic bomb – is a type of Trojan horse that is used to release a virus, a worm or some other destructive code. It is triggered at a certain point in time, or by an event or an action performed by users.
- Trap door – or back door, is a routine that is built into a system by its designer or programmer. It allows them to sneak back into the system to access software or a specific program.
Other potential threats are:
- Natural disasters – Hot and cold weather; earthquakes; floods; hurricanes; ice storms; ocean waves; severe dust; snow; and tornadoes.
- Other disasters – Blackouts; fires; gas leaks; neighbourhood hazards; nuclear attacks; oil leaks; power failure; power fluctuations; radioactive fallout; and structural failure.
3.3. Security measures
One way to secure a computer operation is to generate a backup of each data resource. The backup files must be kept in a location away from the computer room. A comprehensive security system should have the following:
3.3.1. Physical Security
- Identification badges – are checked against a list of authorized personnel. Checks must be done on a regular basis so that any change in personnel is noted.
- Proximity-release door openers – The proximity-release door opener is an effective way to control access to the computer room. Access to the computer area is gained through the use of a small radio transmitter located in the authorized employees’ identification badges. When the authorized person comes to within a predetermined distance of the entry door, a radio signal sends a key number to the receiver, which opens the door for admittance.
- Corner bolts – and steel bolts are inexpensive methods of securing a microcomputer to a desktop or counter. These devices are a combination of locks and cables. Steel bolts are used to secure micros to a heavy-duty locking plate, which is then bonded to an anchor pad that has adhesive on both sides. The pad is then adhered to a desk or counter.
- Steel encasements – are designed to fit over the entire computer. The encasement is made of heavy-gauge welded steel. The encasement is kept locked and the security administrator or another designated person has control of the key.
- Electronic trackers – are secured to the computer at the AC power insert point. If disconnected, a coded transmitter sends a message to an alarm, which sounds, and/or a camera, which is activated to record the disturbance.
- Token – is a transmission device worn around the user’s neck. The device activates the computer only when a user wearing a token is seated in front of the screen.
- Cable shielding – is accomplished by braiding layers of the conductors to form a braided shield. This scheme protects the data from electromagnetic emanations. This is done either by shielding or by using a conduit.
- Room shielding – is done by spraying a conductive material in the computer room. This material reduces the number of signals being transmitted, or it completely confines the signals to the computer room.
3.3.2. Software Security
- Passwords – Passwords are sets of numbers, characters, words, or combinations of these that must be entered into the system for access. Passwords are the most basic access controls, and their length and composition determine their vulnerability to discovery by unauthorized users. The human element, which plays a major role in the success of the password control, is one of the most notable weaknesses of the password security system.
- Access codes – are the simplest form of access control, and the most basic security method is the missing-character code. Files and/or programs are listed in the directory incompletely. In order for the user to access the data, he or she must fill in the missing character(s). The challenge is that the authorised user must remember the missing characters.
- Terminal resource security – Terminal resource security is a software capability that erases the screen automatically and signs the user off after a predetermined length of inactivity. There are also programs that allow the users to access data only during certain time slots. Any attempt to access the systems other than during the predetermined times results in the denial of access.
- Data encryption – Data encryption transforms original information, called plain text or clear text, into transformed information, called cipher text or cipher, which usually has the appearance of random, non-readable data. The transformed information is called the cryptogram. The rules selected for encryption, known as the encryption algorithm, determine how simple or how complex the transformation process should be. (Hossein Bidgoli (1999), Handbook of Management Information Systems, Academic Press)
3.3.3. Firewalls
- Packet-level firewalls – Analyze incoming and outgoing packets at the network and transport layers and filter them based on the source and destination IP addresses.
- Proxy firewalls – Establish the connection with the remote host, hiding and protecting individual computers on the network behind the firewall by acting on their behalf and making all packet-forwarding decisions.
- Stateful inspection firewalls – Work at the network layer, tracking each connection traversing the firewall to make sure it is valid. By examining not just the header information but also the contents of a packet up through the application layer, the firewall can make filtering decisions based on context that has been established by prior packets. (Marty Jost and Michael Cobb (2002), IIS Security, The McGraw-Hill Companies.)
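The difference between packet-level and stateful filtering described above can be seen by running the same traffic through both. The following is an added example, not taken from the cited books: the addresses, ports and rule set are constructed, TCP teardown is simplified, and only connection tracking (not application-layer content inspection) is modelled.

```python
from collections import namedtuple

# Constructed packet record; direction is "out" (LAN to Internet) or "in".
Packet = namedtuple("Packet", "direction src sport dst dport flags")

LAN_PREFIX = "10.0.0."   # assumed internal network

def packet_filter(pkt):
    """Packet-level firewall: each packet is judged alone, by address and port."""
    if pkt.direction == "out":
        return pkt.src.startswith(LAN_PREFIX) and pkt.dport == 80
    # Static inbound rule: anything from port 80 is assumed to be a web reply.
    return pkt.dst.startswith(LAN_PREFIX) and pkt.sport == 80

class StatefulFirewall:
    """Adds a connection table on top of the same address/port rules."""
    def __init__(self):
        self.table = set()   # (inside ip, inside port, remote ip, remote port)

    def check(self, pkt):
        if not packet_filter(pkt):
            return False
        if pkt.direction == "out":
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if "S" in pkt.flags:          # SYN from inside opens a connection
                self.table.add(key)
        else:
            key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        allowed = key in self.table       # context set by prior packets
        if "R" in pkt.flags or "F" in pkt.flags:
            self.table.discard(key)       # simplified teardown on RST/FIN
        return allowed

# Constructed trace: one web session, one unsolicited packet, one late packet.
TRACE = [
    Packet("out", "10.0.0.5", 40000, "203.0.113.10", 80, "S"),
    Packet("in", "203.0.113.10", 80, "10.0.0.5", 40000, "SA"),
    Packet("out", "10.0.0.5", 40000, "203.0.113.10", 80, "A"),
    Packet("in", "198.51.100.7", 80, "10.0.0.5", 40000, "A"),   # never requested
    Packet("out", "10.0.0.5", 40000, "203.0.113.10", 80, "R"),
    Packet("in", "203.0.113.10", 80, "10.0.0.5", 40000, "A"),   # after close
]

def compare(trace):
    """Return (packet_filter verdict, stateful verdict) for each packet."""
    fw = StatefulFirewall()
    return [(packet_filter(p), fw.check(p)) for p in trace]

if __name__ == "__main__":
    for pkt, verdicts in zip(TRACE, compare(TRACE)):
        print(pkt, verdicts)
```

The packet-level rule set admits all six packets because each one matches a static rule on its own; the stateful firewall drops the fourth and sixth because no tracked connection accounts for them.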
4. Conclusion
Data Warehousing provides the means to change raw data into information for making effective business decisions--the emphasis is on information, not data. The data warehouse is the hub for decision support data. A good data warehouse will... provide the RIGHT data... to the RIGHT people... at the RIGHT time: RIGHT NOW! While a data warehouse organizes data for business analysis, the Internet has emerged as the standard for information sharing. So the future of data warehousing lies in its accessibility from the Internet. Successful implementation of a data warehouse requires a high-performance, scalable combination of hardware and software which can integrate easily with existing systems, so customers can use data warehouses to improve their decision-making--and their competitive advantage. Therefore, for data warehousing to be used effectively, good security measures must be implemented to protect the systems and data against various kinds of threats.
5. Bibliography
- Marty Jost and Michael Cobb (2002), IIS Security, The McGraw-Hill Companies
- Hossein Bidgoli (1999), Handbook of Management Information Systems, Academic Press
- Matthew Strebe (2002), Network Security Jumpstart, Sybex Inc
- Sid Adelman / Larissa Terpeluk Moss (2000), Data Warehouse Project Management, Pearson
- Arman Danesh / Ali Mehrassa / Felix Lau (2002), Safe and Secure: Secure your home network and protect your privacy online, Sams Publishing
- Eric Cole (2002), Hackers Beware, New Riders Publishing