1 DSARCH USAGE Dataset Archiving Utility Usage By Zaihua Ji.
3LG SecureTech 1 Agenda 3LG SecureTech Overview Introduction The SecureTech Technology Mission Data...
-
Upload
bilal-elin -
Category
Documents
-
view
214 -
download
0
Transcript of 3LG SecureTech 1 Agenda 3LG SecureTech Overview Introduction The SecureTech Technology Mission Data...
3LG SecureTech1
Agenda3LG SecureTech Overview
• Introduction• The SecureTech Technology Mission• Data Usage Models• SecureTech Database Engineering Solution• Business Use Case• SecureTech Database Demonstration
Copyright SecureTech2, Inc., 2011
3LG SecureTech2
Vision3LG SecureTech Overview
Copyright SecureTech2, Inc., 2011
world’s most
Secure
Smallest
Fastest
Database for laptop or desktop
SecureTech
3LG SecureTech3
Existing Data Usage Market
data
data
data
data
Users:
business analysts
executives
managers
The industry has focused on a centralized model where the data
is aggregated from operational databases into a powerful and
expensive analytic server that is shared by all users over the
internet.
IBM
ORACLE
HP
Big Data
Hadoop
Analytic appliances
Specialized server configurations
Specialized database types
3LG SecureTech Overview
Copyright SecureTech2, Inc., 2011
3LG SecureTech4
SecureTech End Point User Model
data
data
data
data
Users:
business analysts
executives
managers
SecureTech does it differently. It aggregates the data on a standard server and
then delivers data to the user’s desktop/laptop/ipad directly. Only the
Data the individual user needs. The user executes database functions
on their own, end point machine without the interference, delays, and
performance problems of a shared model.
SecureTech B No specialized hardware or software
data
data
data
3LG SecureTech Overview
Copyright SecureTech2, Inc., 2011
3LG SecureTech5
Problems with Solution Models
Problem Big Data End Point
Data Availability
due to loading periods X solved
due to network problems X solved
Performance bottlenecks
due to complex queries X solved
due to congestion X solved
Data security solved
Auditing user access X solved
Data exposure through end user replication X solved
3LG SecureTech Overview
Copyright SecureTech2, Inc., 2011
3LG SecureTech
SecureTech Architecture
Query Clients Query Clients
Before SecureTech With SecureTech
Query ServersAnd Data Marts
Database Server orData Warehouse
DB Loader/Compressor
3LG SecureTech
Why SecureTech is Unique
• Most Secure Database for the PCo Securityo Size/Compression o Speed/Compressiono Encryptiono Audito Destruction
3LG SecureTech
Most Secure Database for the PC
Security
Size/ Compression
Speed/ Compression
Patented database compression renders data storage unintelligible – read-only compressed database is additionally encrypted for most secure desktop database – more secure than transaction architecture databases
Individual data columns compressed 6 – 20 times based on their data structures and cardinality
Don’t assume this is really the same for all solutions – yes, the performance “tradeoff “ is still there for the databases you own today – But there is no tradeoff with the patented SecureTech solution
3LG SecureTech
Most Secure Database for the PC
Encryption
Audit
Self-Destruction
With SecureTech database compression maximizes cipher strength protection for secured data sharing and transit
Automates data compliance reporting of Who, When and How your data is being used
Automatically enforced and non-recoverable is most cost effective method to assure compliance for data destruction and eliminate risks inherent in data sharing
3LG SecureTech
Security Patented SecureTech Database compression using
proprietary compression techniques renders data storage unintelligible (obfuscation)
Compressed database is then encrypted to DoD 256 AES standards
SecureTech Database remains fully compressed and encrypted before, during and after use
No database backdoor or API’s to eliminate hacker threats
Providing a distributed read-only, compressed, encrypted copy of database means the source database security controls can be further tightened eliminating inbound database access activity for queries and reporting
SecureTech Database more secure than transaction architecture databases
3LG SecureTech
Size/Compression
Most efficient data compression algorithms automatically applied to each data column
Data footprint 6-20+ times smaller than source DB
Queries resolve without data decompression
Patented algorithms balance compression with query performance to optimize query response time
3LG SecureTech
Speed/Compression
Don’t assume database speed/compression is really the same for all solutions – yes, the performance “tradeoff “ is still there for the databases you own today
But there is no tradeoff with the patented SecureTech solution No tradeoff required between what data to encrypt for maximum protection versus not encrypting data for optimal query performance reasons.
All data remains encrypted in SecureTech’s
high performance database.
3LG SecureTech
Encryption with Database Compression
Encryption with SecureTech database compression maximizes cipher strength protection for secured data sharing and transit.
Most effective protection against all types of data security breach from simple everyday human error in the caretaking of data assets to serious attempts at unauthorized data access.
No tradeoff required between what data to encrypt for maximum protection versus not encrypting data for optimal query performance reasons.
All data remains both encrypted and compressed in SecureTech’s high performance database.
3LG SecureTech
AuditAutomates data compliance reporting of Who, When and
How your data is being used.
SecureTech Audit solution addresses the compliance gap between existing database security controls and business requirements for data sharing.
Enables automatic tracking and reporting of usage activity
from a secured SecureTech Audit database administered at SecureTech Server.
Audit Database serves as history archive to support ongoing
data security analysis and compliance reporting needs. Audit reports can be generated with SQL compliant reporting
tools.
3LG SecureTech
Automated DestructionAutomated Database Self-Destruction is most
cost effective method to assure data destruction compliance and eliminate risks inherent in data sharing.
Enforces DoD standards for data destruction no matter Where the data is
Automated compliance for scheduled data retirement
Patented heartbeat authentication and poison dart data destruction automatically protects against loss or theft.
3LG SecureTech
Front-end/Back-end AgnosticIT Environment “Upgrade” costs of software, hardware
and/or user education typically accompany any new solution.
But not with SecureTech Technology : o Authorized data consumers continue to access their
data through the PC tools and interfaces they are trained and comfortable with.
o Security and database administrators now have better control over the data ownership and usage without additional administration overhead.
o SecureTech solution addresses the compliance gap between existing database security controls and data sharing business requirements.
3LG SecureTech17
SecureTech Analytic Database Engine Read-only Engine
Runs on user Windows PC desktop, laptop
Data Compression of 6-20 times
High Performance ODBC SQL processing of 15-40 times faster
Database image built and managed by server
Data is always encrypted
Data security features• Auto destruction after specified number of days• Can require ping to open• User ID/password separate from OS user
Data access auditing features• All SQL audited• Audit trail transmitted back to administrator
3LG SecureTech Overview
Copyright SecureTech2, Inc., 2011
3LG SecureTech
Automatic updatesfor desktops/laptops
SecureTech Architectural Overview
DatabaseUpdates
CompressedRead Only DB
TraditionalDBMS
DataWarehouse
ERP
Log Files
Flat Files
TraditionalDBMS
DataWarehouse
ERP
Log Files
Flat Files
Automatic downloadto Windows PC desktop/laptops
SecureTech Administrator(Security, XML, DB Tools)
SecureTech Loader
SecureTechCompressor
CompressedRead Only DB
CompressedUpdate
CompressedUpdate
SecureTechIncrementManager
Query SecureTech with standard PC query tools:Business Objects, Crystal Reports, SQL application, SAS, Cognos, etc.
SecureTech
3LG SecureTech19
Large Data Breaches
Copyright SecureTech2, Inc., 2011
Health Care ProviderState Patients Affected Type of Breach Date
TRICARE Virginia 4,901,432 Loss of backup tapes Sept. 13, 2011
Health Net, Inc. California 1,900,000 Unknown Jan. 21, 2011
North Bronx Healthcare Network
New York 1,700,000 Electronic medical record theft Dec. 23, 2010
AvMed, Inc. Florida 1,220,000 Laptop theft Dec. 10, 2009
The Nemours Foundation
Florida 1,055,489 Loss of backup tapes Aug. 10, 2011
Blue Cross Blue Shield of Tennessee
Tennessee 1,023,209 Hard drive theft Oct. 2, 2009
Sutter Medical Foundation
California 943,434 Desktop computer theft Oct. 15, 2011
South Shore HospitalMassachusetts
800,000 Loss of portable electronic device Feb. 26, 2010
Utah Department of Health
Utah 780,000 Hacking March 10, 2012 to April 2, 2012
Eisenhower Medical Center
California 514,330 Computer theft 11-Mar-11
Source: U.S. Department of Health and Human Services.
Federal law requires health care providers report data breaches affecting 500+ patients
Automated Data Destruction
3LG SecureTech20
FEDERAL COMPLIANCE for Secure Data Eradication
Copyright SecureTech2, Inc., 2011
Regulations Aimed at Data Privacy and Protection Require
Secure Data Audit Database Usage Documented Disposal of Data:
Industry Regulations
o Health Insurance Portability and Accountability Act (HIPAA) o Sarbanes-Oxley Act (corporate reporting and auditing practices) o Gramm-Leach-Bliley Act (Financial Services Modernization Act) o Fair Credit Reporting Act (Credit Reporting Industry) o USA Patriot Act (Bank Security Act) o Homeland Security Information Sharing Act (Federal agencies security
information) o D.O.D. (Department of Defense) standards
Audit
3LG SecureTech
DHS Applications using SecureTech Technology
• Remote or Local based access to critical data during disaster
• Large amounts of multiple sourced data resident on a desktop or laptop for improved visibility and access speed ( responsiveness )
• Historical/Archival Applications (database compression)
– Historical Data– Statistical Results– Industry Compliance
• Enhanced Disaster Recovery (database compression/access via desktop/laptop)
3LG SecureTech
White House Hurricane Katrina " Lessons Learned " Report
SecureTech Database capability addresses many of the report's 125 recommendations. For example:
• LL#7 and #8 : Rapidly establish self-sufficient, initial Joint Field Office ( e.g., we can compress large data bases on Laptops with Incident Management Teams )
• LL#21: Develop a national inventory of Federal capabilities and resources (e.g., we can get responses to random queries from Desk Tops and Laptops up to 20 times faster than any other system available today )
• LL#101: Integrate regional partnerships and resource databases with national databases and response capabilities to give incident commanders full visibility of supply and volunteer sources.
3LG SecureTech
• Increased Velocity– Working with current Databases and BI tools, SecureTech can deliver up
to 20 times faster answers to complex inventory, stock positioning and commodity questions
• Increased Visibility– SecureTech can deliver datamarts and access/query capabilities, up to
now, only available through a central server, to desktop or laptop users down to 1/20th its original size with required data security
• Avoid expensive system upgrades to accommodate rising query volumes
• Facilitate increased self service and greater productivity to avoid increasing IT support staff
• Decrease data footprint size for historical information
• Reduce database administration for query databases
• Reduce the number of [Read-only] DB servers
Value to FEMA
3LG SecureTech
Telecom Mfg. Sales/Field Use Case1. Personalized laptop dashboards enabling field
personnel an integrated 3600 view of all data supporting Business Intelligence in or out of the office. Data security, data access and distribution are KEY performance and controls objectives
Business Problem SecureTech Solution
Field personnel wait till back in office to run reports competing with 1000’s accessing same database at once straining IT resources and delaying field productivity
Secure, read-only, high performance SecureTech database provides laptop ready field access to all data using standard report tools
Field personnel have a dozen login ID’s and application interfaces to access data in 12 separate silo’ed database systems
Personalized SecureTech database provides single integrated view of all data entitled to use from multiple databases
Objective:
3LG SecureTech
Telecom Mfg. Sales/Field Use Case
Business Problem SecureTech Solution
Sales field resort to copying reports on laptop – but always out-of-date beyond daily activity.
Reports and spreadsheets are refreshed automatically for SecureTech database updates pushed to laptop automatically
Availability of business intelligence in or out of office is still limited by network downtimes, database administration, schedules and performance bottlenecks
Business Intelligence reporting is available anytime, anywhere – Not dependent on internet access or network or database performance.
100’s of CRM apps serve 1000’s of employees – costly IT maintenance delivering variable information quality across the enterprise
Personalized SecureTech database delivered to each user laptop using standard BI applications familiar to the employee – no training required. No software/hardware upgrades required to deploy SecureTech databases.
3LG SecureTech
Telecom Mfg. Sales/Field Use Case
Business Problem SecureTech Solution
.Data security incidents include lost data, unauthorized access attempts and database security maintenance lagging changes to employee jobs and responsibilities
Database is secure, encrypted and tamper proof for Compliance. SecureTech database expiration/refresh controls ensures only current authorized data is available to users.
Field Organization of 1000’s of employees leads to incidents of lost laptops, unauthorized access attempts, and exposures of unsecured computer files – a security headache for both IT and Corporate Compliance
SecureTech remote database Lock/Wipe capability ensures only authorized, up-to-date data available on laptop for each user.
Heartbeat/Poison dart capability can destroy remote laptop database without possibility of circumvention
3LG SecureTech27
SecureTech DEMO3LG SecureTech Overview
Copyright SecureTech2, Inc., 2011
3LG SecureTech28
POC Report Timings
Copyright SecureTech2, Inc., 2011
Reporting Tool Database TYPE Report display while connecting to Server
Report display while connecting to SEAD db
Query performance when running directly on SERVER DB
Query performance while running directly on SEAD db
BO SQL SERVER DWH 15 min 2 sec 2 min 8 sec 2 min 10 sec 1min 29 sec
BO SQL SERVER OLTP 22 min 45 sec 4 min 8 sec 9 min 21 sec 3min 17 sec
BO SYBASE DWH 10 sec 2 sec 2 sec .5 sec
BO SYBASE OLTP 7 min 2 sec 3 min 58 sec 20 min 40 sec 42 sec
Microstrategy SQL SERVER DWH 1 min 49 sec 2 min 28 sec 1 min 9 sec 59 sec
Microstrategy SQL SERVER OLTP 52 sec 1 min 51 sec 1 min 1 sec 1 min 11 sec
Microstrategy SYBASE DWH 16 sec 6 sec 55 sec 3 sec
Microstrategy SYBASE OLTP 2 mins 5 secs 1 min 47 sec 59 Sec 38 sec
Hyperion SQL SERVER DWH 26 sec 39 sec 20 sec 32 sec
Hyperion SQL SERVER OLTP 8 min 50 sec 3 min 43 sec 8 min 5 sec 3 min 12 sec
Hyperion SYBASE DWH 2 sec 1 sec 1 sec 2 sec
Hyperion SYBASE OLTP 6 min 47 sec 4 min 50 sec 4 min 8 sec 19mins 58 sec
BIRT SQL SERVER DWH 9 mins 4 sec 9 mins 5 sec 32 sec 20 sec
BIRT SQL SERVER OLTP 9 mins 35 sec 10 mins 25 sec 4 mins 1 sec 5 mins 22 sec
BIRT SYBASE DWH 9 sec 21 sec 2.59 sec 3 sec
BIRT SYBASE OLTP 12 mins 35 sec 11 mins 54 sec 3 mins 25 sec 4 mins 14 sec
3LG SecureTech
• October 2013 Reported Cyber Security Breach
– Attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders
– Hackers had also stolen part of the source code to Photoshop editing software that is widely used by professional photographers.
– Investigation has confirmed that the attackers obtained access to Adobe IDs and (what were at the time valid), encrypted passwords for approximately 38 million active users.
– A file containing 150 million usernames and hashed passwords has thought to have appeared online on a cybercriminal site, according to Krebs on Security blog
ADOBE SYSTEMS