Security Testing In Business Intelligence Tools. Aswathi Mohanan Abhishek Nagar Infosys Limited (NASDAQ: INFY). Abstract.
Security Testing In Business Intelligence Tools
Infosys Limited (NASDAQ: INFY)
In IT world ,we deal with the transactions and to secure those transactions we bring in SECURITY TESTING. Basically , security testing can be termed as a test process done to ensure that information is secured and is available only to the intended recipient .
Security at the application level is necessary because the data comes in request messages for which the network security systems are not enough . Therefore ,security at the application level is important. Now a days media is reporting security breaches regularly on the internet. when most of the records are now in electronic form rather than in books, records etc resulted in increased the data security risks in web and Applications.
Confidential information like bank facts, health records, credit card details need to protected as utmost in a business/firm for a high-quality customer relationship. Here security Testing serves as a well-built lock to the end user’s business entities .
1.Objectives of the session
3.Expectation from Audience
Basic security Requirement Hierarchy constitutes the following components
Data security Requirements
Damages incurred due to several malicious injections/Security breach happened are depicted below.
These types of damages a are more vulnerable to areas like 1. BI Tools
2. User Interface Applications
3 . Communications
Most security issues and their risk accumulation on various segments are demonstrated below(self data analysis):
security Risks (X-Coordinates) and Areas of vulnerability (Y- Coordinates)
BI Tool contains data/information from different line of businesses ,so the processed data protection is a obligation to all end users. User Injection attacks plays a vital role in processed data security breach. Variety of Input Injections are listed below.
The Business Intelligence tools are of paramount importance when related to an organization’s decision making .Each and every tool comes with user interaction forms in which user provides inputs. A single false input may lead to false data generation , disclosure of sensitive information or any other security breach .In other words , it exposes security vulnerability if the input is not correct . Hence as long as an organization uses BI tool input validation is unavoidable .In the coming era , use of these tools is going to be augmented to a very huge extent which may lead to greater complexities therefore the concept of security testing in data warehouse(BI tools) should be given utmost importance.
Security Testing in data warehouse is a necessity in the present era of Information Technology . It is even applicable to small data marts and very useful when seen in the context of data mining. In the end, we conclude stating that User Input validation is advantageous than fuzz testing .It covers both the valid and invalid scenarios whereas fuzz testing tests the tool behaviour to the negative scenarios. As stated earlier ,transactions are electronic now a days hence, to ensure that the data remains consistent and should not reach to any wrong hands ; SECURITY TESTING is necessary