Account-centric view A physical or virtual representation of customer information that is limited only to the data affiliated with a particular customer account.
AJAX (Asynchronous JavaScript and XML) A web development technique for creating interactive web applications.
Authentication A process designed to verify that an individual or a party is who they claim to be.
Authorization A process of determining what information and computing resources the authenticated party is allowed to access.
Business rule A statement that defines or constrains some aspect of the business. It is intended to assert business structure or to control or influence the behavior of the business.
Business Rules Engine (BRE) A software application or a system that is designed to manage and enforce business rules based on a specified stimulus, for example, an event such as a change of an attribute value. Business Rules Engines are usually architected as pluggable software components that separate the business rules from the application code.
Coexistence-style Hub The hub style that combines features of the Registry Hub and the Transaction Hub. For some data attributes the Coexistence Hub maintains the system of record data; some other data attributes are managed by the metadata that points to data attributes in external systems.
Compliance risk Risk resulting from having inaccurate or untimely data related to consumer compliance disclosures, or an unauthorized disclosure of confidential customer information.
Confidentiality In information security, a business requirement that defines the rules and processes that can protect certain information from unauthorized use.
Counterparty Each party to a (financial) transaction.
Cryptography The process of converting data into an unreadable form via an encryption algorithm. Cryptography enables information to be sent across communication networks that are assumed to be insecure, without losing confidentiality or the integrity of the information being sent.
Cryptanalysis The study of mathematical techniques designed to defeat cryptographic techniques. Collectively, a branch of science that deals with cryptography and cryptanalysis is called cryptology.
Customer In the context of this book, “Customer” is used as a generic term that indicates an entity that requires and consumes an organization’s products and services. The term “customer” can be replaced by industry- or line of business–specific terms such as Client, Contact, Party, Counterparty, Patient, Subscriber, Supplier, Prospect, Service Provider, Citizen, Guest, Legal Entity, Trust, Business Entity, and other terms.
Customer-centric view An aggregated physical or virtual record of customer information spanning all customer accounts and anchored around customer identity.
Customer Data Integration (CDI) A Master Data Management framework focused on the Customer Data domain; it is a comprehensive set of technology components, services, and business processes that create, maintain, and make available an accurate, timely, integrated, and complete view of a customer across lines of business, channels, and business partners.
Customer Relationship Management (CRM) A set of technologies and business processes designed to understand a customer, improve customer experience, and optimize customer-facing business processes across marketing, sales, and servicing channels.
Data Hub A common approach for a technical implementation of a service-oriented MDM solution. Data Hubs store and manage some data attributes and the metadata containing the location of data attributes in external systems in order to create a single physical or federated trusted source of information about customers, products, and so on.
Data governance A framework of processes aimed at defining and managing the quality, consistency, usability, security, and availability of information with the primary focus on cross-functional, cross-departmental, and/or cross-divisional concerns of information management.
Data profiling A process focused on generating data metrics and measuring data quality. The data metrics can be collected at the column level (for example, value frequency, nullity measurements, and uniqueness/match quality measurements), at the table level (for example, primary key violations), or in cross-table relationships (for example, foreign key violations).
Data Quality (DQ) A set of measurable characteristics of data that define how well the data represents the real-world construct to which it refers.
Data security An area of information security focused on the protection of data from either accidental or unauthorized intentional viewing, modification, destruction, duplication, or disclosure during input, processing, storage, transmission, or output operations. Data security deals with data that exists in two modes: data-in-transit and data-at-rest.
Data-at-rest Data residing in memory caches, locally attached or networked data stores, as well as data in archives (for example, tape backup).
Data-in-transit Any data moving between systems over network connections as well as data transferred between applications using file transfer mechanisms, messaging and queuing mechanisms, and/or ETL tools.
Data warehouse “A data warehouse is a subject-oriented, integrated, time-variant, nonvolatile collection of data in support of management decisions.”—W. H. Inmon
Economic Value of Information The economic value of information, in the context of this book, expressed in terms of a fraction of the market capitalization of the company.
Encryption algorithm A process that transforms plain text into a coded equivalent, known as the cipher text, for transmission or storage.
Enterprise Architecture Framework Pioneered by John Zachman, an Enterprise Architecture Framework is an abstraction that helps to solve the complexity of the enterprise architecture by decomposing the problem into two main dimensions, each of which consists of multiple subcategories. The first dimension defines the various levels of abstraction that represent the business scope, business, systems, and technology models. The second dimension consists of key decision-driving questions: what, how, where, who, when, and why?
Enterprise Rights Management (ERM) A set of technologies designed to manage and enforce information access policies and use rights of electronic documents within an enterprise. ERM enables the protection of intellectual property embedded in electronic documents, and provides protection persistence that enforces information access policies to allow an organization to control access to information that needs to be secured for privacy, competitive, or compliance reasons, and prevents users and even administrators from disabling the protection mechanisms.
Enterprise Service Bus (ESB) A middleware software architecture construct that provides foundational services for more complex architectures via an event-driven and standards-based messaging engine (the bus). An ESB generally provides an abstraction layer on top of an implementation of an enterprise messaging system.
Entitlement An expression meaning that a party has permission to do something with respect to some entity or an object.
Hierarchy In the context of MDM, we can define a hierarchy as an arrangement of entities (parties, accounts, products, cost centers, and so on) where entities are viewed in relationship to each other as “parents,” “children,” or “siblings/peers” of other entities, thus forming a conceptual tree structure where all leaf nodes in the hierarchy tree can be rolled into a single “root.”
Identity and Access Management An organizing principle, a framework, and a set of technologies designed to manage the flow, consumption, security, integrity, and privacy of identity and business data across the enterprise in line with its business demands.
Information entropy A measure of uncertainty associated with the predictable value of information content. The highest information entropy is when the ambiguity or uncertainty of the outcome is the greatest.
Information Theory The area of applied mathematics founded by Claude Shannon that is focused on the quantification of information. Data quality for master data in this book is quantified by applying key principles of Information Theory.
Integrity In information security, integrity is a business requirement that data in a file or a message traversing the network remains unchanged or that any data received matches exactly what was sent; data integrity deals with the prevention of accidental or malicious changes to data or message content.
Intrusion detection The process of monitoring the events occurring in a computer system or network and analyzing them for signs of intrusion.
Java Authentication and Authorization Service (JAAS) A Java security facility that defines a pluggable, stacked authentication scheme. Different authentication schemes can be plugged in without having to modify or recompile existing applications.
Loss Data Warehouse (LDW) In the context of the Basel II Capital Accord, LDW is a primary vehicle to provide accurate, up-to-date analysis of capital adequacy requirements, and is also a source of disclosure reporting.
Loose coupling An architecture and design principle that avoids rigid, tightly coupled structures in which changes to one component force that change to be propagated throughout the system, and where the failure or poor performance of one component may bring the entire system down. Service-oriented architectures and Web Services support and promote loose coupling.
Master Data Governance (MDG) The area of Data Governance focusing on master data processes, metrics, controls, and accountabilities.
Master Data Management (MDM) A discipline that resolves master data to maintain the golden record, the holistic and panoramic view of master entities and relationships, and the benchmark for master data that can be used across the enterprise, and sometimes between enterprises to facilitate data exchanges.
Matching A highly specialized set of technologies that allows users to derive a high-confidence value of the party identification that can be used to construct a total view of a party from multiple party records.
Matching algorithm An algorithm that scores cross-record similarities and relates records by linking them with a common enterprise identifier.
Match Group In MDM, this is a group of master-type entity records determined to belong to a single master entity. The determination can be done systemically through the use of a matching algorithm or manually by end-user input.
Material Non-Public Information (MNPI) Information about a company or a market condition or an event that will have a material effect on the stock price(s) if it becomes known to the public.
Merge An operation that creates a single master entity record from two or more source systems’ records.
Network Security A security discipline that deals with authenticating network users, authorizing access to the network resources, and protecting the information that flows over the network.
Non-Public Personal Information (NPI) Personally identifiable legal and financial information that is provided by a customer to the enterprise; derived from any transaction with the customer, or any service performed for the customer; or obtained by the enterprise via other means.
Nonrepudiation In information security, the ability to confirm the fact that an action in question was undertaken by a party in question, and that the party in question cannot legally dispute or deny the fact of the action.
Obligations In defining and evaluating XACML policies, obligations refer to actions that must be performed as part of handling an access request.
Opt-in A privacy option that prohibits the sharing or sale of customer data unless the customer explicitly agreed to allow such actions.
Opt-out This privacy option means that unless and until the customers inform their financial institution that they do not want them to share or sell customer data to other companies, the company is free to do so. The implication of this law is that the initial burden of privacy protection is on the customer, not on the company.
Party A uniquely identified collection or cluster of individual detail-level records; the notion of the party supports multiple types, including organizations, customers, prospects, and so on.
Perimeter Security This security discipline deals with security threats that arrive at the enterprise boundary via a network.
Personally Identifiable Information (PII) Information that can be used to uniquely identify, contact, or locate an individual.
Policy The encoding of rules particular to a business domain, its data content, and the application systems designed to operate in this domain on this set of data.
Provisioning A set of management activities, business processes, and technologies governing the creation, modification, and deletion of user credentials and entitlements. It provides assured delivery and removal (deprovisioning) of the identity and entitlement data from all affected applications and systems.
Privacy Proper handling and use of personal information (PI) throughout its life cycle, consistent with data-protection principles and the preferences of the subject.
Registry-style Hub An MDM Data Hub architecture style that stores metadata with pointers to data elements in external systems.
Reputational Risk Risk to the reputation of the business that arises from errors, delays, omissions, and information security breaches that become public knowledge or directly affect customers.
Risk In general, risk is the probability that a threat agent will be able to exploit a defined vulnerability that would adversely impact the business.
Roles-Based Access Control (RBAC) The processes and technologies of providing access control based on user credentials and roles.
Security In the context of information security, a set of standards, processes, and technologies that include authentication, authorization, access control, and auditability of user actions in order to protect access to and use of the information resources only by authorized users. Information security goals are to ensure the integrity, confidentiality, and availability of the information.
Separation of Concerns A process of breaking a program or a system into distinct features that overlap in functionality as little as possible.
Separation of Duties (SoD) In the context of security and visibility, the separation of duties principle means that making policy-based access control decisions is a general function that is different and should be separated from the actions related to the enforcement of these access decisions.
Service-Oriented Architecture (SOA) The software design and implementation architecture of loosely coupled, coarse-grained, reusable services that can be integrated with each other through a wide variety of platform-independent service interfaces.
Single Sign-On (SSO) The technology that enables users to access multiple computer systems or networks after logging in once with a single set of authentication credentials.
Split An operation of creating two records from a single record when new information becomes available and reveals the existence of two customers mistakenly represented by a single record. Typically this event occurs when two customers have many similar data element values—for example, a father and son living at the same address and having the same name.
Spyware A type of malicious software that installs itself onto a user’s computer and sends information from that computer to a third party without the user’s permission or knowledge.
Transaction Risk Risk that may arise from fraud, error, or the inability to deliver products or services, maintain a competitive position, or manage information.
Transaction-style Hub A Data Hub solution that treats the Data Hub as a master system of record for master data. Other systems receive updates from the Transaction Hub.
Visibility Ability to enforce fine-grained access to and operations on data at the record, attribute, and attribute-value levels based on user entitlements and data usage and access policies.
Web Services Encapsulated, loosely coupled, coarse-grained, and contracted software objects offered via standard protocols.