Data Warehouse and Data Mining
Data Warehouse – repository of information from heterogeneous databases that is available for users to make queries.
n Data is normalized and redundant data is removed.
n Data warehouse and mining can be applied to audit logs and other info to find system anomalies.
n Data mining: Objective is to find relationships that were unknown up until now among data in warehouse. Searching for correlations
n Metadata: Correlations or data about data
n Data mart: Metadata is not stored in data warehouse. Metadata usually stored in a separate system.
n Database system for developers
n Records all data structures used by an application
|Application Control Type||Accuracy||Security||Consistency|
|Preventative||Data Checks, custom screens, validity checks, contingency planning and backups||Firewalls, reference monitors, sensitivity labels, traffic padding, encryption, data classification, one-time passwords, separate test and development environments||Data Dictionary, programming standards, DBMS|
|Detective||Cyclic redundancy checks, structured walk throughs, hash totals, reasonableness checks||IDS, and audit trails||Comparison tools, relationship tests, reconciliation controls|
|Corrective||Backups, control reports, before and after imaging reports, checkpoint restarts||Emergency response, and reference monitor||Programs comments, database controls|
Service Level Agreements
n Guarantees the level and quality of service
n Metrics in SLAs
n Turn around times
n Average response times
n Number of on-line users
n System utilization rates
n System up times
n Volume of transactions
n Production problems
n Pose special challenges to security
n Security for distributed systems should include:
n Access control
n Intrusion detection
n Emergency response
n Audit trails
n Client/Server – is a type of distributed system
n Agent – surrogate program performs services on behalf of another
n Proxy – acts on behalf of principal but may hide the principal
n Applets – small applications in Java or C++, mobile code
n Applets can be downloaded from the web into a web browser. Applet can execute in the network browser
n Designed to run on constrained space
n Java is an object-oriented, distributed, interpreted (not compiled), architecture-neutral, multithreaded, general purpose programming language
n Thread – lightweight process
n Interpreted language executes one line at a time, run-time biding
n Compiled language is translated into machine code, binding at compile time
n Active X – can download mobile code in BASIC and C++
n Establishes trust between client and server with digital certificates
Malicious Mobile Code Defenses
Ie : Java and ActiveX code downloaded into a Web browser from the WWW.
n Configure firewall to screen applets
n Configure Web Browser to restrict or prevent applets
n Configure Web Browser to restrict or prevent applets from trusted servers
n Provide user awareness training on mobile code threats
Centralized is easier to protect than distributed.
Real Time Systems
n Operate by acquiring data from sensors and transducers in real time and make real time decisions
n Example: “Fly by wire” control of supersonic aircraft
n Availability is crucial
n Addressed through RAID – disk mirroring
n Fault Tolerant Systems – has to detect and take action to recover from faults
n Black-box testing observes the system external behavior.
n White-box testing is a detailed exam of a logical path, checking the possible conditions.
n Compiled code poses more risk than interpreted code because malicious code can be embedded in the compiled code and can be difficult to detect.
n Regression testing is the verification that what is being installed does not affect any portion of the application system already installed. It generally requires the support of automated process to repeat tests previously undertaken.
n Code comparison is normally used to identify the parts of the source code that have changed.
n Integration testing is aimed at finding bugs in the relationship and interfaces between pairs of components. It does not normally test all functions.
Unit testing is the testing of a piece of code. It will only detect errors in the piece of code being tested.