Upload
matthieu-schapranow
View
454
Download
3
Tags:
Embed Size (px)
DESCRIPTION
Invited talk at Bayer BI Info Days, May 24, in Collogne.
Citation preview
Supply Chain Intelligence in Real-time
BI Info Days, Bayer Business Services May 24, 2012
Matthieu-P. Schapranow Hasso Plattner Institute
Chair of Prof. Hasso Plattner
Agenda
■ Requirements of EPCglobal Networks
■ In-memory Building Blocks
■ Real-time Tracking and Tracing
■ Security Extensions for Reliable Exchange of Event Data
Real-time Sec. Ext. for EPCglobal Networks, Bayer BI Info Days, M. Schapranow, May 24, 2012
2
European Pharmaceutical Industry Manufacturing
Real-time Sec. Ext. for EPCglobal Networks, Bayer BI Info Days, M. Schapranow, May 24, 2012
3
European Pharmaceutical Industry Counterfeits
Real-time Sec. Ext. for EPCglobal Networks, Bayer BI Info Days, M. Schapranow, May 24, 2012
4
European Pharmaceutical Industry Motivation
■ Increasing counterfeit rates in pharmaceutical industry
■ 34 million fake drugs in only two months in Europe
■ Pharmaceuticals: 3rd place / 10% of all intercepted articles
■ Related work proposes Radio Frequency Identification (RFID) technology or data matrix for anti-counterfeiting
□ RFID enables fine-grained tracking and tracing of each item
□ Problem: Low-cost tags do not provide security mechanisms
■ EU: “Privacy by design”
■ BSI: “Minimize the use of personal data”
Real-time Sec. Ext. for EPCglobal Networks, Bayer BI Info Days, M. Schapranow, May 24, 2012
5
European Pharmaceutical Industry Components for Anti-counterfeiting
Real-time Sec. Ext. for EPCglobal Networks, Bayer BI Info Days, M. Schapranow, May 24, 2012
■ Anti-counterfeiting service provider validates authenticity of concrete item for customers, e.g. in a pharmacy
■ EPC Discovery Service (EPCDS) supports identification of appropriate Electronic Product Code Information Services (EPCIS) repository
■ EPCIS repository contains all event data for handled products of a certain supply chain partner
RFID-enabled Company
Supply ChainParticipant
Middleware
EPCISEPCIS
Repository
ReaderReader tagTag
Anti-Counterfeiting
Service Provider
R
R
R
R
DiscoveryService
6
In-memory Building Blocks
Real-time Sec. Ext. for EPCglobal Networks, Bayer BI Info Days, M. Schapranow, May 24, 2012
7 Any attribute as index
Insert only for time travel
Combined column and row store
+
No aggregate tables
Minimal projections
Partitioning
Analytics on historical data t
Single and multi-tenancy
SQL interface on columns & rows
SQL
Reduction of layers
xx
Lightweight Compression
Multi-core/ parallelization
On-the-fly extensibility
+ + +
Active/passive data store PA
Bulk load
Discovery Service
Read Event Repositories
Verification Services
SAP HANA
● ●
P A
up to 8.000 read event notifications
per second
up to 2.000 requests
per second
Discovery Service
Read Event Repositories
Verification Services
SAP HANA
● ●
P A
up to 8.000 read event notifications
per second
up to 2.000 requests
per second
+ + + +
T Text Retrieval and Extraction
Object to relational mapping
Dynamic multi-threading within nodes
Map reduce
No disk Group Key
Real-time Tracking and Tracing In-Memory EPCDS
■ First EPCDS based on in-memory technology
■ Stores references to read events in distributed EPCIS repositories
■ Analyzes routes of products in real-time
■ Enables detection of counterfeits, e.g. at the checkout of the pharmacy
Real-time Sec. Ext. for EPCglobal Networks, Bayer BI Info Days, M. Schapranow, May 24, 2012
8
Real-time Tracking and Tracing Architecture
Real-time Sec. Ext. for EPCglobal Networks, Bayer BI Info Days, M. Schapranow, May 24, 2012
9
Up to 50.000 records/s
Passive event data is transfered from main memory to SSDs for data retention
10 TB raw event data compressed to 600 GB (17:1)
Bulk Loading
Compression
Active vs. Passive Store
Discovery Service
Read Event Repositories
Verification Services
SAP HANA● ●
up to 8,000 read event notifications
per second
up to 2,000 requests
per second
Discovery Service
Read Event Repositories
Verification Services
SAP HANA● ●
P A
up to 8.000 read event notifications
per second
up to 2.000 requests
per second
Discovery Service
Read Event Repositories
Verification Services
SAP HANA● ●
P A
up to 8.000 read event notifications
per second
up to 2.000 requests
per second
P A
HANA
Security Extensions Definitions
■ Specific security definitions for EPCglobal networks are missing
■ IT Security := {confidentiality, integrity, availability} [4]
■ Confidentiality := prevent unauthorized reading of event data
■ Integrity := protect event data from being manipulated
■ Availability := provide access only to authorized parties
Real-time Sec. Ext. for EPCglobal Networks, Bayer BI Info Days, M. Schapranow, May 24, 2012
10
IT Security Confidentiality
Integrity
Availability
Security Extensions Access Control
■ Problem: Granularity of protection, e.g. event- vs. attribute-level
■ Hypotheses:
□ History-based access control while keeping the entire request history is feasible
□ Validation of access rights is possible in real-time, i.e. <2s
□ Real-time access control stops access to data immediately once data leakage was detected
□ Bivalent vs. continuous control of access
Real-time Sec. Ext. for EPCglobal Networks, Bayer BI Info Days, M. Schapranow, May 24, 2012
11
Security Extensions Attack Scenarios
■ Inside the Supply Chain: controllable by supply chain participants
■ Outside the Supply Chain: vulnerable environment
■ Transition Zone: customer’s risk
Real-time Sec. Ext. for EPCglobal Networks, Bayer BI Info Days, M. Schapranow, May 24, 2012
12 Inside the Supply Chain
Outside the Supply Chain
TransitionZone
Manufacturer Wholesaler Retailer
Customer
Counterfeiter Attacker
Competitor
SupplierSupplier
Security Extensions Continuous Control of Access
■ Access is controlled on inquirer basis
■ Event data is transparently filtered
■ Existing applications can consume data without modifications, e.g. FOSSTRAK query client
■ Builds on in-memory ported FOSSTRAK architecture
Real-time Sec. Ext. for EPCglobal Networks, Bayer BI Info Days, M. Schapranow, May 24, 2012
13
Security Extensions Architecture
■ Access Control Server (ACS):
□ Logs inquirer and their associated queries
□ Analyzes query history,
□ Retrieves event data from EPCIS repository, and
□ Derives inquirer-specific access rights
■ Access Control Client (ACC):
□ Guarantees integrity of exchange data
□ Filters event data and enforces access rights from ACS
■ Trust Relationship Server (TRS):
□ Store penalty for bad business behavior
□ Provides initial scoring for unknown inquirers Real-time Sec. Ext. for EPCglobal Networks, Bayer BI Info Days, M. Schapranow, May 24, 2012
14 Internet
Inquirer A
EventRepository
EPCIS ofSupply Chain
Party B
R
TRS
ACSR
R
ACC
R
Security Extensions Authentication
■ Public Key Infrastructure (PKI) is feasible to handle authentication requirement for pharmaceutical supply chains
■ Unique X.509 certificates of a trusted Certificate Authority (CA) per inquirer enable identification of inquirers and attack paths
Real-time Sec. Ext. for EPCglobal Networks, Bayer BI Info Days, M. Schapranow, May 24, 2012
15
CA
ACC ofInquirer A
ACS ofManufacturer B
X.509 Cert A:Issuer: CN=HBAC-CA,Subject: CN=Inquirer A,Subject Public Key Info,
Validity
X.509 Cert B:Issuer: CN=HBAC-CA,
Subject: CN=Manufacturer B,Subject Public Key Info,
Validity
CRL
X.509 Cert CA:X509v3 Basic Constraints: CA:TRUE,
Issuer: CN=HBAC-CA,Subject: CN=HBAC-CA,Subject Public Key Info,
Validity
R
R
SSL
Security Extensions History-based Access Control (HBAC)
■ Role-based Access Control (RBAC):
□ Inquirers are assigned to roles
□ Allowed actions are assigned to roles instead of individual inquirers
■ Rule-based Access Control (RuBAC):
□ Rules consist of predicates
□ Predicates can be obtained from various sensors, e.g. IP address, time, location, etc.
■ HBAC
□ Combines RBAC and RuBAC
□ Enables continuous control [declined, granted] instead of bivalent {declined, granted}
Real-time Sec. Ext. for EPCglobal Networks, Bayer BI Info Days, M. Schapranow, May 24, 2012
16
RBAC RuBAC
ROLE RULE
**
USER
groups
*
*
* *
IDENTITY
belongs to
*
assigned to
KEY
used for enc.
*
consists of
*
*
ACL
performs
1
linked to
HISTORY
consists of
*REQUEST
*
1
assigned to
*
*
*1
Security Extensions Trust Relationship Server
■ Local Scoring Engine: Contains rules for calculating specific trust score based on input from inquirer data
■ Global Scoring Engine: List of known TRSs to retrieve initial trust information about unknown inquirers
Real-time Sec. Ext. for EPCglobal Networks, Bayer BI Info Days, M. Schapranow, May 24, 2012
17
Known Business PartnerTRS
Manufacturer BTRS
Internet
Inquirer A
R LocalScoringEngine
ACS
ACC
R
Internet
RGlobalScoringEngine
GlobalScoringEngine
LocalScoringEngine
List of TRSsInquirer Data,TRS Rules
AuthorizedTRSs
BehavioralInquirer Data
R
Security Extensions In-memory Building Blocks
■ Combined Column and Row Store as foundation for Insert-Only and Partitioning
■ Insert-Only to keep complete query history
■ Lightweight Compression to reduce storage requirements and improve hardware usage
■ Partitioning as scalability factor and for aging
■ Multi-core/Parallelization to met response time requirements
■ Active/Passive Data Store to enable data retention management
■ Reduction of Layers to improve maintainability
Real-time Sec. Ext. for EPCglobal Networks, Bayer BI Info Days, M. Schapranow, May 24, 2012
18
Thank you for your interest! Keep in contact with us.
Real-time Sec. Ext. for EPCglobal Networks, Bayer BI Info Days, M. Schapranow, May 24, 2012
19
Hasso Plattner Institute Enterprise Platform & Integration Concepts
Matthieu-P. Schapranow August-Bebel-Str. 88
14482 Potsdam, Germany
Matthieu-P. Schapranow, M.Sc. [email protected]
http://j.mp/schapranow