Data Management Technologies - PowerPoint PPT Presentation

Data management technologies
1 / 71

  • Uploaded on
  • Presentation posted in: General

Data Management Technologies. Ohm Sornil Department of Computer Science National Institute of Development Administration. Information Architecture. Web-Survey System. Survey Creation. Create New Questions. Create Question (Multi-choice). Multi-choice Question. Create Question (Matrix).

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.

Download Presentation

Data Management Technologies

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

Data management technologies

Data Management Technologies

Ohm Sornil

Department of Computer Science

National Institute of Development Administration

Information architecture

Information Architecture

Web survey system

Web-Survey System

Survey creation

Survey Creation

Create new questions

Create New Questions

Create question multi choice

Create Question (Multi-choice)

Multi choice question

Multi-choice Question

Create question matrix

Create Question (Matrix)

Matrix question

Matrix Question



  • is a structured collection of records or data that is stored in a computer so that a computer program can consult it to answer queries

  • The computer program used to manage and query a database is known as a database management system (DBMS).

Database design and e r diagram

Database Design and E-R Diagram

Data management technologies


  • It is the standard language for relational systems

  • Supports

    • Data definition


    • Data manipulation


Business intelligence bi

Business Intelligence (BI)

  • Make use of enterprise-wide data to enable strategic decision making

Data warehousing

Data Warehousing

  • A database

    • is designed and optimized) to record

    • Using complex SQL queries takes a lot of time on such a system

  • A data warehouse

    • is designed (and optimized) to respond to analysis questions that are critical for your business (i.e., read-optimized)

Data management technologies

E-R Diagram (DB Data Model)

Dimension Model (DW Data Model)

Data warehousing1

Data Warehousing

  • Separate from application databases ensure that business intelligence (BI) solution is scalable

  • Answer questions far more efficiently and frequently

    • Reduces the 'cost-per-analysis'

Data management technologies








Multi-Tiered Architecture

OLAP Server




Data mining




Data Sources

Data Storage

OLAP Engine

Front-End Tools

A data warehouse

A Data Warehouse

  • is a subject-oriented, integrated, time-variant, non-updatable collection of data used in support of management decision-making processes

    (W.H. Inmon, 1980)

Data warehouse implementation

Data Warehouse Implementation

  • Dimension modeling

  • Extraction

  • Transformation

  • Data Quality

  • Loading

Extraction transformation loading etl

Extraction, Transformation, Loading (ETL)

Extraction issues

Extraction Issues

Transformation issues

Transformation Issues

  • Format Revisions

  • Decoding of Fields

  • Calculated and Derived Values

  • Splitting of Single Fields

  • Merging of Information

  • Character Set Conversion

  • Conversion of Units of Measurements

  • Date/Time Conversion

  • Summarization

  • Key Restructuring

  • Deduplication

Loading issues

Loading Issues

  • Initial Load: populating all the data warehouse tables for the very first time

  • Incremental Load: applying ongoing changes as necessary in a periodic manner

  • Full Refresh: completely erasing the contents of one or more tables and reloading with fresh data (initial load is a refresh of all the tables)

Loading issues1

Loading Issues

(Paulraj Ponniah, 2001)

Data quality

Data Quality

  • Accuracy

  • Domain Integrity

  • Consistency

  • Redundancy

  • Conformance to Business Rules

  • Structural Definiteness

  • Data Anomaly

  • Clarity

  • Timely

  • Usefulness

Data management technologies


  • Is a category of software technology that enables analysts, managers and executives to gain insight into data through fast, consistent, interactive access in a wide variety of possible views of information that has been transformed from raw data to reflect the real dimensionality of the enterprise as understood by the user

(The OLAP council)

Multidimensional concept

Multidimensional Concept

A multidimensional view

A Multidimensional View

Olap tool


Olap tool1


Thought process and olap

Thought Process and OLAP

Another olap session

Another OLAP Session

Computer security

Computer Security

  • Processes and technologies that ensure confidentiality, integrity, and availability (CIA) of information-system assets

  • Assets

    • Hardware, software, firmware, and information being processed, stored, and communicated

How are computers and networks attacked

How Are Computers and Networks Attacked?

  • Take advantages of vulnerabilities inside operating systems, applications, protocols, communication channels, and human

Motivations of attackers

Motivations of Attackers

  • Money

  • Entertainment

  • Entrance to social groups/status

  • Cause/malice

Source: Kilger M., Arkin O. and Stutzman J., Profiling. In The honeynet project know your

enemy: learning about security threats (second edition). Boston: Addison, 2004.

Internal security attacks

Internal Security Attacks

  • Far greater cost per occurrence and total potential cost than attacks from outside

  • Employees, ex-employees, contractors and business partners

  • Trust and physical access

  • Motives

    • Challenge/curiosity

    • Revenge

    • Financial gain

Source: Kristin Gallina Lovejoy (April 2006)

Common internal attacks

Common Internal Attacks

  • Sabotage of information or systems

  • Theft of information or computing assets

  • Introduction of bad code: time bombs or logic bombs

  • Viruses

  • Installation of unauthorized software or hardware

  • Manipulation of protocol design flaws

  • Manipulation of operating system design flaws

  • Social engineering

Source: Kristin Gallina Lovejoy (April 2006)

Attacking phases

Attacking Phases

Ipp printer overflow attack

IPP Printer Overflow Attack

Ipp printer overflow attack1

IPP Printer Overflow Attack

Ipp printer overflow attack2

IPP Printer Overflow Attack

Malicious programs

Malicious Programs

Virus structure

Virus Structure

Compression viruses

Compression Viruses

Data management technologies

Inherent Technology Weaknesses

  • Many of these problems can be traced back to weaknesses in the technology

  • Hackers have exploited many vulnerabilities found in network protocols

    • For example (TCP/IP)

      • Inability to verify the identity of communicating parties

      • Inability to protect the privacy of data on a network

  • Some products also have inherent security weaknesses (because not all product developers make security a design priority)

Configuration weaknesses

Configuration Weaknesses

  • Insecure user accounts (such as guest logins or expired user accounts)

  • System accounts with widely known default, unchanged passwords

  • Misconfigured Internet services

  • Insecure default settings within products

Data management technologies

Policy Weaknesses

  • Policy is a set of rules by which we operate computer systems

  • Generally include

    • Physical access controls

    • Logical access controls

    • Security administration

    • Security monitoring and audit

    • Software and hardware change management

    • Disaster recovery and backup

    • Business continuity

  • No single solution should be viewed as providing all the protection you need

Goals of computer security

Goals of Computer Security

  • Confidentiality

  • Integrity

  • Availability

  • Two additional requirements from electronic commerce

    • Authentication

    • Nonrepudiation

Planning for security

Planning for Security

  • Security is more about process than technology

  • Chief Security Officer (CSO)

  • Plan-Protect-Respond (PPR) cycle

Security planning

Security Planning

  • Risk Analysis

  • Establish policies considering

    • Risk analysis

    • Corporate business goals

    • Corporate technology strategy

  • Actions

    • Selecting technology

    • Procedures to make technology effective

Risk assessment

Risk Assessment

Operational model of computer security

Operational Model of Computer Security

Protection = Prevention + (Detection + Response)


  • Backups

  • Incident response Teams

  • Computer forensics


  • Access control

  • Firewalls

  • Encryption


  • Audit logs

  • Intrusion Detection Systems

  • Honeypots

Layered security

Layered Security

Physical Security

Access cards, biometric authentication

Network Security

Firewall (Prevention)

Network Security

Intrusion Detection Systems (Detection)

Host Security

Access Controls

Host Security

Audit Logs (Detection)

Common network architecture

Common Network Architecture

Public key infrastructure pki

Public Key Infrastructure (PKI)

  • Data Encryption

  • Digital Signature

  • Certificate Authority

Digital signature

Digital Signature

Intrusion detection system premise

Intrusion Detection System Premise



  • Planning for response

  • Incident detection and determination

    • Procedures for reporting suspicious situations

    • Determination that an attack really is occurring

    • Description of the attack

  • Containment and recovery

    • Containment: stop the attack

    • Repair the damage

  • Punishment

    • Forensics

    • Prosecution

  • Fixing the vulnerability that allowed the attack

Business continuity planning

Business Continuity Planning

Trends of security attacks

Trends of Security Attacks

  • Scott Berinato in CIO magazine

    • “today's sloppiness will become tomorrow's chaos”

    • In 2010 alone, 100,000 new software vulnerabilities

    • Incidents worldwide will swell to about 400,000 a year

    • Another half-a-billion users are connected to the Internet.

    • A few of them will be bad guys, and they'll be able to pick and choose which of those 2 million bugs they feel like exploiting.

  • Stallings [2005]

    • More sophisticated attacks while less knowledge required

  • Panko [2004]

    • Growing attack frequency

    • Growing randomness in victim selection

    • Growing malevolence

    • Growing attack automation

Trends of security mechanisms

Trends of Security Mechanisms

  • Integrates solutions

  • Intelligent mechanisms

  • Outsourcing security services

Managed security service provider mssp

Managed Security Service Provider (MSSP)




Encrypted &


Log Data

MSSP Logging







Log File


Small Number of Alerts

Security Manager

Thailand s security weaknesses

Thailand’s Security Weaknesses

  • Budgeting

  • Management supports

  • Low awareness of potential danger

  • Laws and enforcements

  • Human competency development

  • Limited number of security research projects

  • Security curriculum

Source: A Brain Storming Session on ICT Security Planning, Ministry of ICT, May 8, 2006.

Thailand s ict security plan

Thailand’s ICT Security Plan


  • Information security policy

  • National PKI management

  • Cryptographic technology development

  • Advanced system and network security technology development

  • Information security technology standardization

  • Standards for government agency security

  • IT security product evaluation

  • Response to hacking and virus attacks

  • Security consulting service for critical information infrastructure

  • Manpower capacity building

  • Game online management

  • Login