Secure Business Intelligence

Enterprise organizations have relied on correct data in business intelligence visualization and analytics for years. Before the adoption of the cloud, most data visualizations were executed and displayed inside enterprise applications. As application architectures have moved to the cloud, many cloud services now provide business intelligence functionality. The services are delivered in a way that is more accessible for end users using web browsers, mobile devices, data feeds, and email attachments. Unfortunately, along with all the benefits of the cloud business intelligence services comes complexity. The complexity can lead to slow response times, errors, data leakage, and integrity issues. An information technology department or service provider must get ahead of the problems by automating the execution of reports to know when availability or integrity issues exist and dealing with those issues before they turn into end-user trouble tickets. The development of the business intelligence code must also include tools to express the privacy requirements of the data exposed in the report or document. In this paper, we present two tools we developed to help guarantee the confidentiality, integrity, and availability of business intelligence. The first tool is our client-side correctness programming language that allows execution against many cloud documents and business intelligence services. The secBIML language enables issues to be proactively discovered before the end-users experience the problems. The other tool in our work is a server-side programming language that allows the creation of reports and business documents. The secBIrpts language enables an organization to express their privacy requirements utilizing a hierarchical security model.