ABA (American Bar Association), and digital signatures, 228
Abdulmutallab, Umar Farouk, 72–74
AbiliTec, Acxiom, 439
abstract MDM-Star models, for multidomain MDM, 190–191
Access Certification, 223
access control
Access Certification in, 223
biometrics for, 232
data-at-rest protection, 249–251
groups and roles, 260–262
MDM roadmap view for, 306
overview of, 259–260
perimeter security and, 217
physical, 218
Roles-Based Access Control, 262–264
SSO for, 233–235
Access Control Lists (ACLs), 261
account-centric-to-customer-centric transformations
Customer Data Integration and, 15–16
and customer identifiers, 365–366
evolution of MDM architecture, 27–29, 81
key benefits of, 23
account numbers
bulk statistical testing challenges, 383–384
challenges of managing master data, 10
in customer-centric view, 365–366
as entity identifiers, 365
as identity attribute candidates, 334
information protection architecture for, 257
test data protection by obfuscation of, 388
account takeover, identity theft, 211
account types, impact on project scope, 318
accountability, as business requirement, 220
ACLs (Access Control Lists), 261
Activity Manager (AM), Siperian Hub, 435
Acxiom MDM, 439
address-alias libraries, 348
AddressAbility, Acxiom, 439
addresses
data matching requirements/solutions, 350
false negatives in party matching, 333
false positives in party matching, 332
as identity attribute, 334
using address-alias libraries, 348
Adjustment application, 391
administration
matching engine, 159
MDM reducing costs/inefficiencies in, 35
MDM requirements, 390–393
security management with user, 220
affinity clusters, 12
aggregation
of entity information, 160–162
project scope impacted by levels of, 318–319
agile data governance, 421
agile enterprise architecture, 44–45
airlines
drivers of MDM, 67–68
relationship data critical to, 357
ALE (annualized loss expectancy), quantitative risk analysis, 197
algorithms
approach to record matching, 157–158
encryption, 226
aliases
data matching and, 350
similarity libraries for, 348
AM (Activity Manager), Siperian Hub, 435
American Bar Association (ABA), and digital signatures, 228
American Recovery and Reinvestment Act (ARRA), 8, 50
AML (Anti-Money Laundering) provision, USA Patriot Act
MDM detecting and preventing fraud, 22
overview of, 206–207
using MDM to comply with, 8
Analytical MDM
3NF modeling not best choice for, 169
bottom-up estimation of MDM impact using, 290–291
Data Hub usage style and, 302
data modeling requirement, 186–187
data zones and, 126
information value of Data Hub data in, 138
Master Data Governance for data quality in, 407–408
star schema modeling design supporting, 172
summary of, 442
as use pattern for MDM data, 102–103
annualized loss expectancy (ALE), quantitative risk analysis, 197
annualized rate of occurrence (ARO), quantitative risk analysis, 197
anonymous data
data-integration challenges, 46
popular techniques for, 389
test data protection challenges, 388–389
Anti-Phishing Working Group (APWG), 211
APIs (application programming interfaces), and Web Services, 93
application layers, designing MDM, 389–393
application programming interfaces (APIs), and Web Services, 93
application servers, 394
application transparency, data-at-rest security, 250, 251
applications
data protection, 247
impact on project scope, 320
layered security model, 216
MDM roadmap views for, 299, 301
security of, 217
security technologies, 230–233
APWG (Anti-Phishing Working Group), 211
architecture
choosing Data Hub style, 320–325
definition of, 79–80
evolution of, 81–84
importance of, 78
philosophy and principles of, 84–89
references, 109
roadmap view for Data Hub and data ownership, 302–303
technical implications of data security/privacy regulations on, 213–214
architecture, data management
data governance, 114–116
in Data Hub. See Data Hub, data management in
data quality, 117–120
data stewardship and ownership, 116–117
data strategy, 112
guiding principles of information architecture, 112–114
overview of, 111–112
references, 138
architecture, for entity resolution
aggregation entity resolution, 160–162
Data Hub keys and life-cycle management services, 162–165
entity recognition, matching, and unique identifiers, 155–156
key services and capabilities, 151–152
matching and linking services/techniques, 156–160
MDM reference architecture, 152–155
overview of, 150–151
references, 165
architecture viewpoints
Design and Deployment classification, 99–102
Information Scope or Data Domain dimension, 103
overview of, 89–90
reference architecture viewpoint, 105–109
reference data and hierarchy management, 103–105
references, 109
services architecture. See services architecture viewpoint
Use Pattern dimension, 102–103
ARO (annualized rate of occurrence), quantitative risk analysis, 197
ARRA (American Recovery and Reinvestment Act), 8
ARRA (American Recovery and Reinvestment Act) of 2009, 50
artifacts, Project Initiation phase, 326
asymmetric (public) key encryption, 226
asymmetric relationships, 359–360
asynchronous messages, and Web Services, 93
Attribute Locator service, MDM Data Hub, 135, 321
attribute match
binary rule for, 343–344
defining rules for, 341–342
for entity identification, 333–339
quantification, 342
score for, 344
attribute survivorship rules
processing data change in Data Hub based on, 407
Registry-style Data Hub applying, 100, 127
source system attributes contributing to canonical model using, 184
template defining, 352
attributes
business challenges of MDM, 11
Data Hub phased implementation of, 325
history needs for data modeling, 177
impacting project scope, 319
attrition rates, MDM reducing customer, 31–32
auditing
as business requirement, 220
as data synchronization component, 374
enabling for data governance, 116
use case scenario, 372
authentication
in access control, 259–260
biometrics-based, 232
as business requirement, 218
data-at-rest protection, 249–251
data-in-transit protection, 248–249
digital signature, 228
integrated conceptual security/visibility architecture, 277–278
integrating authorization and, 233–235
mechanisms for, 231
multifactor technologies got, 231–233
network, 217
perimeter, 217
personalization, privacy and, 233
smart card, 232–233
VPN, 229
Web Services concerns, 235
Authoring services, MDM, 390–391
authorization
as business requirement, 219
data-at-rest protection, 249–251
integrated conceptual security/visibility architecture, 277–278
integrating authentication and, 233–235
network, 217
perimeter, 217
using groups and roles for, 260–262
automatic merges, avoiding, 161–162
availability
as business requirement, 220
data security and, 246
as discriminating attribute, 336
B2B (business-to-business) commerce, MDM applications by industry airline, 67–68
financial services, banking, and insurance, 57–60
healthcare services, 61–63
hospitality and gaming, 63–64
manufacturing, 64–65
overview of, 57
pharmaceutical, 66–67
retail sales, 68–69
shipping, 67
software publishing, 65–66
telecommunications, 60–61
B2B (business-to-business) organizations Party or Customer requirement for, 142
Product domain challenges, 19
Web Services and, 93
B2C (business-to-consumer), MDM applications by industry airline, 67–68
financial services, banking, and insurance, 57–60
healthcare services, 61–63
hospitality and gaming, 63–64
manufacturing, 64–65
overview of, 57
pharmaceutical, 66–67
in public sector, 69–74
retail sales, 68–69
shipping, 67
software publishing, 65–66
telecommunications, 60–61
B2C (business-to-consumer) organizations, Party/Customer requirement, 55, 142
backdoor Trojans, 241
banking services
driving MDM in commercial sector, 58–60
risk management. See risk management for master data
banking Trojans, 241
Basel II Capital Accord
data protection and privacy regulations of, 48
for operational and credit risks, 201
overview of, 208
using MDM for compliance with, 7–8, 21
Basel III Accord, 208
batch matching mode, 340
behavioral biometrics, 232
benchmark development process, data quality, 407
BGM (Bipartite Graph Matching), 348, 437
BI (Business Intelligence) tools
delivering customer information to, 32
EDW solutions supporting, 83
Master Data Consumption zone providing data for, 124–125
using Analytical MDM, 102
bidirectional synchronization flows, 129, 131
Big Bang deployment, 395
Bill of Materials (BOM), and MDM, 65, 84
binary rule, attribute and record matches, 343
biotechnology companies, driving MDM in pharmaceuticals, 65–66
block-level encryption, for data-at-rest, 250
BOM (Bill of Materials), and MDM, 65, 84
border protection agencies, driving MDM, 71–74
botnet worms, 241
bottom-up estimation, 289
BPM (Business Process Management), 12, 117
BRE (business rules engine), 130–132
break groups, and performance, 346–347
bulk statistical analysis testing, data quality, 383–385
business and operational drivers of MDM
business development, 29
growing revenue through relationships, 32–33
improving customer experience, 31
improving customer retention/reducing attrition, 31–32
improving customer service time, 33–34
improving marketing effectiveness, 34
overview of, 29–31
reducing administrative costs/inefficiencies, 35
reducing IT maintenance costs, 35
Business Benefits view, MDM roadmap, 299
business case
business processes and MDM drivers, 288–289
business strategy-driven MDM, 286–287
importance of, 285–286
IT strategy-driven MDM, 287
preceding building/buying MDM with strong, 26–27
project failure from lack of justifiable, 446
references, 308–309
requirement of successful MDM initiative, 442–443
roadmap. See roadmap development plan, MDM
what stakeholders want to know, 288
business case, estimating benefits of capability maturity model, 293–295
conclusions, 295
economic value of information, 292–293
overview of, 289
traditional methods for, 289–292
business challenges
customer centricity, 38–39
key challenges, 35–36
overcoming socialization obstacles, 41–42
overview of, 10–12
Product domain, 19
selling MDM inside enterprise, 39–41
senior management commitment/value proposition, 38
Business Incorporation Date, in entity identification, 336–337
Business Intelligence. See BI (Business Intelligence) tools
business metadata, 136
Business Objects, acquisition by SAP, 436
Business Process Management (BPM), 12, 117
business processes, and MDM drivers
development of business case, 288–289
growing revenue by leveraging relationships, 32–33
impacting project scope, 317
improve customer experience, 31
improve customer retention/reducing attrition rates, 31–32
improve customer service time, 33–34
improve marketing effectiveness, 34
overview of, 29–30
reduce IT maintenance costs, 35
reducing administrative costs/inefficiencies, 35
requirements of USA Patriot Act, 206–207
Business Processes layer, MDM reference architecture
Data Hub, 152
high-level services of, 125
overview of, 106
Business QA testing, 382
business requirements
matching algorithms adapting to, 160
overlapping data governance initiative with, 421
business rules engine (BRE), 130–132
business strategy-driven MDM, 286–287, 311
business trust, 225
business units, in integrated risk management, 199–200
business value dimensions, and security, 219
buy over build trend, MDM, 26
California’s SB1386
for data security, 243
defined, 201
overview of, 209
canonical data model defined, 119
legacy system message creation and, 373
project initiation and, 319
Capability Maturity Model (CMM)
for data governance, 404
MDM business case estimation, 293–295
cardinality, discriminating attributes having lower, 335
CardSystems Solutions, security breach, 240
CDH (Customer Data Hub), Oracle, 433–434
CDI (Customer Data Integration)
Data Domain dimension, 103
evolution of MDM architecture, 81
in fight against terrorism, 22
key benefits of, 22–23
overview of, 14–16
summary of, 443
use case example of regulatory compliance, 255–256
centralized metadata repository, 137
certificate authorities, digital certificates, 231
chain of evidence archives, auditing/accountability, 220
chaining, 344–346
challenge-response handshakes, authentication, 231
challenges, MDM
customer centricity, 38–39
data quality, synchronization and integration, 45–47
data visibility, security and regulator compliance, 47–50
global MDM implementations, 51–52
implementation costs and time-to-market concerns, 43–45
overcoming socialization obstacles, 41–42
overview of, 35–38
references, 53
selling MDM inside the enterprise, 39–41
senior management commitment and value proposition, 38
technical, 42–43
change capture, in data synchronization, 374
Change Management server, infrastructure, 394
change transaction, initiated by Data Hub, 372
character sets
approaches to multilingual MDM issues, 350
challenges of multilingual MDM issues, 51–52, 306
Oracle’s Data Quality module for, 433
Children Act 2004, UK, 71
Children’s On-Line Privacy Protection Act (COPPA), 243
choreography, SOA and, 91
CIF (Customer Information File)
evolution of MDM architecture, 82
as precursor to MDM single-customer view, 57
as predecessor to CDI, 17
CIM (Collaborative Information Manager), Tibco, 437
claim-processing systems, MDM enabling, 58
classification dimensions, MDM
architecture viewpoints of, 98–103
overview of, 20–21
summary of, 442
Climbié, Victoria, 71
CMM (Capability Maturity Model)
for data governance, 404
MDM business case estimation, 293–295
Codd, Edgar F., 167–168
Coexistence Hub style, Data Hub
choosing for project, 322–323
loading data, 128–129
overview of, 101
roadmap view for, 302–303
Collaborative Information Manager (CIM), Tibco, 437
Collaborative MDM
Data Hub usage style, 302
defined, 21
summary of, 442
use pattern for MDM data usage, 102–103
combining algorithm, 274
Command Center, Acxiom, 439
commercial sector, MDM in, 57–69
airline industry, 67–68
financial services, banking, and insurance, 57–60
healthcare services ecosystem, 61–63
hospitality and gaming industry, 63–64
manufacturing industry, 64–65
overview of, 57
pharmaceutical industry, 66–67
references, 74–76
retail sales industry, 68–69
shipping industry, 67
software publishing industry, 65–66
telecommunications industry, 60–61
Committee of Sponsoring Organizations of the Treadway Commission (COSO), 209
Committee on Uniform Security Identification Procedures (CUSIP), 59–60
common sense, matching rules for customer records, 342
Communities of Practice approach, marketing effectiveness, 34
compensating transactions, 374–376
Complexity of Cross-Domain Information Sharing, roadmap view, 306
Complexity of Data Security, Visibility, and Access Control Requirements, roadmap view, 306
compliance, as MDM business driver, 29
compliance (legal) risk, 196, 243
compression, 250
Computer Reservation Systems (CRS), airlines, 68
confidentiality
as business requirement, 219
data security and, 246
as emerging requirement, 224–225
technologies supporting, 225–228
Web Services concerns, 235
configuration requirements, MDM, 390–393
consistency of definitions, in metadata, 136
consolidation, MDM market, 430
Consumer Proprietary Network Information (CPNI) regulation, privacy protection, 50
ContactPoint program, 71
contacts, relationship challenges of institutional, 361–362
content protection, secure MDM. See data security
Context Handler component, PDP, 273
contract research organizations (CROs), pharmaceutical industry, 67
control, as MDM business driver, 29
COPPA (Children’s On-Line Privacy Protection Act), 243
Core component, PDP, 273
Core MDM Data Hub, 394
COSO (Committee of Sponsoring Organizations of the Treadway Commission), 209
cost of implementing MDM
basic components, 297–298
bottom-up estimation of business case, 289–292
business case for. See business case
data quality improvement, 118
integrated risk management challenges, 199
overcoming, 43–44
requiring senior management commitment, 38
risk management calculations, 196–197
cost savings of MDM
administrative, 35
IT maintenance, 35
overview of, 21
costs, security breach, 240
country attribute, in entity identification, 338
country-specific plug-ins, for data matching, 350
CPNI (Consumer Proprietary Network Information) regulation, privacy protection, 50
credentials, authentication, 259–260
credit card fraud, 211, 239–240
CRM (Customer Relationship Management)
EDW supporting, 83
evolution of MDM architecture, 84
Master Data Consumption zone providing data to, 124–125
MDM growth and customer centricity vs., 27–28
as predecessor to CDI, 18
CROs (contract research organizations), pharmaceutical industry, 67
cross-domain information sharing, MDM roadmap view for, 306
Cross-Reference Record Locator, 372, 378
CRS (Computer Reservation Systems), airlines, 68
CRUD (Create, Read, Update and Delete) operations
Data Management layer supporting, 106–107, 153
Entity Resolution and Life-Cycle Management services supporting, 153–154
CRUD (Create, Read, Update and Delete)
ERM designed for, 254
Master Data Authoring designed for, 391
master data modeling styles supporting, 189–190
CRUDE (Create, Read, Update, Delete, Execute) authorization, 261
cryptanalysis, 226
cryptography, 226
cryptology, 226
CUSIP (Committee on Uniform Security Identification Procedures), 59–60
custom hierarchies, entity groupings and, 148
customer affiliation information, 334
customer centricity. See also account-centric-to-customer-centric transformations
business challenges of implementing MDM, 38–39
evolution of MDM architecture, 7, 27–29, 81
party-centric model supporting, 329
time, resources and cost of, 39
Customer Data Hub (CDH), Oracle, 433–434
Customer Data Integration. See CDI (Customer Data Integration)
customer-focused MDM, 22
Customer Group, 361–362
customer identification. See also entity identification
break groups and performance, 346–347
creating and protecting test data, 388
defining matching rules for customer records, 341–344
effect of chaining, 344–346
matching modes, 340–341
minimum data requirements, 339–340
similarity libraries and fuzzy logic for attribute comparisons, 348
use case with Reconciliation Engine, 369–372
use case with Transaction Hub, 372–373
Customer Information File. See CIF (Customer Information File)
Customer Master, 14
Customer MDM, 14
customer on-boarding, 58
Customer/Party domain 360-degree view of customer. See 360-degree view of customer
complexity of merge operation for, 353
as Customer domain. See Customer/Party domain
customer identifiers, 365–366
defined, 142
developing direct relationships with individual, 355–357
developing relationships with individuals, 355–358
dominating enterprise MDM, 142, 443–444, 450
EDW solutions supporting, 83
entity identification in, 329–330
entity recognition, matching, and unique identifiers, 155–156
ERM use case of regulatory compliance, 255–256
evolution of MDM architecture, 81
as focus of B2C or G2C, 55
matching and linking entities in, 149, 156–160
MDM in retail sales, 68–69
merging entities in, 351–354
Oracle’s MDM products for, 433–434
recognizing individuals, groups and relationships in, 142–145
Registry architectural style for, 100
relationship challenges of institutional customers, 361–364
splitting entities in, 354–355
symmetric vs. asymmetric relationships, 358–359
Tibco’s investments in, 437
use of term in this book, 142
Customer Relationship Management. See CRM (Customer Relationship Management)
customer relationships, entity identification
as identity attribute, 334
record qualification attribute, 338–339
customer risk, 198
customer touch points, impacting project scope, 318
customers
data-integration challenges, 46
fraud protection for, 48
growing revenue by leveraging relationships with, 32–33
improving data accuracy, 35
improving experience of, 31
improving retention/decreasing attrition of, 31–32
improving service time, 33–34
D&B (Dun and Bradstreet) Purisma MDM, 438–439
data acquisition, Data Hub architecture, 128
data aggregation, impacting project scope, 318–319
data-at-rest defined, 248
protection of, 249–251
solution considerations, 251–252
data attributes. See attributes
data-centric view of MDM architecture, 107–108
data-cleansing tools, 118–119, 435
Data Definition Language (DDL), 190
data delivery
benefits of integrated risk management, 199
distribution of reference data, 132–133
hierarchy management and, 133–134
Master Data Consumption zone concerns, 124–125
using EII services, 138
data domain-specific models, multidomain MDM, 190
data domains. See domains
Data Domains, Entities, and High-Level
Data Model view, MDM roadmap, 299–300
data enrichment processing, batch processing, 378
data entry validation, legacy systems, 373
data governance. See also MDG (Master data governance)
agile, 421
business requirements overlapping with, 421
creating more focused and efficient, 421–423
Data Governance Institute framework, 403
data quality, information theory approach, 411–417
data quality, management, 405–407
data quality, policies, 409–410
data quality, processes, 407–408
data quality, quantifying, 410–411
definitions of, 114–115, 400–401
IBM Data Governance Council framework, 403–404
information quality metrics, 410
integrated risk management with, 199
introduction and history of, 399–400
matching algorithm metrics used in, 417–421
Mike2.0 framework, 402–403
overview of, 399
project failure from insufficient, 447
reference code reconciliation, 185
references, 423–425
rules for rejecting changes from Data Hub, 372
steps in applying, 115–116
for successful MDM initiative, 443
Data Governance Board, Mike2.0 framework, 402
Data Governance Institute (DGI), 114, 400, 403
Data Hub
applying data governance to, 115–116
applying SOA principles to, 95–96
architectural change resulting from, 187
architectural styles, 100–102
architectural styles, choosing in project initiation, 320–326
customer-focused, 14–15
ETL processing in, 377–378
Key Generation service, 163
Oracle’s products for, 433–434
overview of, 80
phased implementation of, 325–326
Product domain challenges, 20, 395–397
Record Locator service, 164–165
reference architecture, 151–152
as service platform, 154–155
SOA misconceptions and, 97–98
source system entities and attributes stored in, 183–184
use case scenario with Reconciliation Engine, 369–372
Data Hub Architecture and Data Ownership
Style view, MDM roadmap, 302–303
Data Hub, data management in business rules engine, 130–132
data delivery and metadata concerns, 132–137
data synchronization, 129–130
data zone architecture, 120–126
enterprise information challenges, 111–112
Enterprise Information Integration and integrated data views, 138
loading data into Data Hub, 127–129
Operational/Analytical MDM and data zones, 126–127
overview of, 120
references, 138
Data Hub Usage Style view, MDM roadmap, 302
data-in-transit, 248–249
data inventory and classification program, 244
data lineage, metadata clarifying, 136
Data Management layer, MDM reference
architecture
Data Hub, 152
entity resolution and, 152–153
high-level services of, 125
overview of, 106–107
requirements for, 390–393
Data Manipulation Language (DML), abstract MDM-Star model, 190–191
data masking, for data-at-rest, 250
data matching. See matching
data-model-agnostic products, Data Hub, 396
The Data Model Resource Book (Silverston), 319
data models
adding non-identity attributes, 178
for arbitrary complex relationships, 146–147
creating MDM-Star schema, 178–179
defining attribute history needs/versioning, 177
defining entity domains, 176
defining entity resolution for master domains, 176
defining identity attributes, 176
hierarchies, 181–182
importance of, 167–168
landing and staging areas, 185
mapping to source systems, 183–184
for master data consumption, 185
MDM roadmap view for high-level, 299–300
overview of, 175
product approaches to Data Hub, 395–397
project failure from choosing poorly from, 447
of reference data, 182
references, 192
relationships, 180–181
data obfuscation/masking procedures, 245
data ownership
Data Hub Architecture and Data Ownership MDM roadmap view, 302–303
data stewardship and, 116–117
integrated risk management and total cost of, 199
MDM roadmap view for, 302
data-parsing and standardization tools, 119
data profiling
for data accuracy at source, 119
metrics for data quality improvement, 410–411
WebSphere ProfileStage tool for, 433
data providers, 123
data quality
challenges of MDM at business level, 11–12
data steward’s role in, 116–117
data testing for, 383
MDM architecture and, 85, 117–118
MDM roadmap view for, 305
ordering master data to improve, 6
reducing administrative process costs, 35
technical challenges of, 45–46
tools and technologies, 119–120
Data Quality layer, MDM reference architecture
Data Hub, 152
entity resolution and, 153
high-level services of, 125
overview of, 106–107
Data Quality module, Oracle/Siebel’s MDM, 433
Data Quality Suite, Informatica, 435
data quality, through data governance
existing approaches to quantify, 410–412
information theory approach to, 412–417
management, 405–407
metrics for, 410
overview of, 115
policies for, 409–410
processes, 407–408
use of matching algorithm metrics, 417–420
data redundancy, burden and costs of, 168
Data Rules layer, MDM reference architecture
Data Hub, 152
entity resolution and, 153
high-level services of, 125
overview of, 106–107
data security
for data-at-rest, 249–252
for data-in-transit, 248–249
defined, 245
enterprise rights management and, 252–257
evolution of, 239–240
information security emerging threats, 240–242
layered framework for, 246–248
MDM roadmap view for complexity of, 306
MDM technology trends, 452
overview of, 245–246
references, 257
regulatory drivers of, 242–243
risks of compromise, 243–244
technical implications of regulations, 244–245
for test data, 388
using MDM to comply with, 8
data sources
Data Hub content acquired from, 128
MDM roadmap view for third-party, 301
Source Systems zone of Data Hub and, 122–123
data stewardship integrated risk management and, 199
Mike2.0 framework, 402
overview of, 116–117
data strategy, managing
data governance, 114–116
data quality, 117–118
data quality tools and technologies, 119–120
data stewardship and ownership, 116–117
overview of, 112
principles of information architecture, 112–114
data synchronization
batch processing using ETL for, 376–379
in context of MDM Data Hub, 129–130
exceptions processing and, 379–381
goals of, 367–368
real-time/near real-time components for, 373–376
Reconciliation Engine style and, 101, 128, 369–372
technical challenges of, 45
Transaction Hub style and, 372–373
data types
data-at-rest security, 250
as technical challenge of MDM, 38
data validation. See validation
data visibility
challenges, 268–269
entitlements and, 267–271
MDM roadmap view for complexity of, 306
MDM technology trends, 452
for policy decision and enforcement, 273–274
RBAC limitations, 264
security architecture requirements, 278–280
security services integrated with, 272–273, 274–278
as technical challenge of MDM, 47–50
XACML-based implementations and, 274
Data Volumes and Performance
Considerations, MDM roadmap view, 303
data warehousing
history in retail chain operations, 68
implementing MDM with focus of enabling, 36
MDM data modeling requirements, 185–187
MDM hierarchy management and, 104–105
MDM-Star schema and, 188
project scope and aggregation in, 318–319
Data Zone architecture
distribution of reference data and, 132–133
ESB zone, 125
ETL/Acquisition zone, 123–124
hierarchy management and, 133–134
Hub Services zone, 124
loose coupling in, 122
mapping Data Hub service to data zones, 129
Master Data Consumption zone, 124–125
MDM SOA reference architecture, 125–126
Operational and Analytical MDM and, 126–127
overview of, 120–122
Source Systems zone, 122–123
Third-Party Data Provider zone, 123
Database Administrator (DBA), 393–394
database servers, building infrastructure, 394
DataFlux Integration Server, SAS, 437
DataFlux, SAS, 436–437
Date of Birth (DOB) attribute, in entity identification, 335–337
DBA (Database Administrator), 393–394
DDL (Data Definition Language), 190
DDoS (Distributed Denial-of-Service), 241
DEA (Drug Enforcement Administration), 63
debit card fraud, 239–240
Decommissioning of Systems and Applications, roadmap view, 301
decryption, for anonymization of data, 389
dedicated port, HTTPS, 229
defense-in-depth, layered security framework, 246–248
delta processing mode, data acquisition, 128–129
demilitarized zone (DMZ), perimeter security, 246
Deming, Edward, 422–423
denial-of-service (DOS) attacks, on Web Services, 236
Deny Override algorithm, 274
Department of Social Services, using MDM, 70–71
deployment options, 395
Deployment Strategy view, MDM roadmap, 303–304
depth of interactivity, socialization challenge of MDM, 42
derivatives, MDM and securities master, 59–60
description orientation, SOA, 91
Design and Deployment classification
architectural implications, 99
defined, 20
External Reference style, 100
Reconciliation Engine style, 101
Registry style, 100–101
summary of, 442
Transaction Hub style, 101–102
deterministic algorithms, record matching, 157
Deterministic ETL, insufficiency of, 36
deterministic outcome, matching and linking services, 159
dfPowerStudio, SAS DataFlux, 437
DGI (Data Governance Institute), 114, 400, 403
Diffie, Whitfield, 226–227
digital certificates, 231
digital identities, 222–223, 227–228
Digital Rights Management (DRM), 242, 253
digital signatures, 227–228
dimension modeling, 173–174
direct relationships, 355–358
direct trust, 225
discriminating attributes defined, 333
defining matching rules for records, 341
disqualifying similar records using, 335–337
Distributed Denial-of-Service (DDoS), 241
distributed metadata repository, 137
Distributed Query Constructor, synchronization, 375
distribution channels, driving MDM in manufacturing, 65
DML (Data Manipulation Language), abstract MDM-Star model, 190–191
DMZ (demilitarized zone), perimeter security, 246
DNC (Do Not Call) legislation
overview of, 212–213
privacy protection, 49–50
protection of customer privacy, 201
Do Not Call. See DNC (Do Not Call)
legislation
DOB (Date of Birth) attribute, in entity identification, 335–337
document authentication, digital signatures, 228
domains
associated with master entities, 6
common master data, 7
Customer. See Customer/Party domain
customer-focused. See CDI (Customer Data Integration)
data modeling styles supporting multidomain MDM, 188–191
dominating enterprise MDM, 450
in early stages of MDM, 7
layered security, 216
MDM roadmap views for, 299–300, 306
Party. See Party domain
Product domain. See Product domain
of retail store, 68
of scope, 316–317
systems of records for given, 5
domestic identifiers attribute, entity identification, 338
DoS (denial-of-service) attacks, on Web Services, 236
DRM (Data Relationship Management) tool, Oracle, 434
DRM (Digital Rights Management), 242, 253
Drug Enforcement Administration (DEA), 63
DSF product, Acxiom, 439
dual threshold capabilities, 344, 349
Dun and Bradstreet (D&B) Purisma MDM, 438–439
DUNS number, D&B, 438
duplicate records, in data quality problems, 418
data-in-transit security considerations, 249
as online identity attribute, 334
ease of use, 159
Eastern Europe, challenges of MDM, 51
Economic Value Added (EVA), 289
Economic Value estimation. See EV (Economic Value) estimation
ecosystem, MDM, 313–315
edge, Small World theory, 169–170
EDW (Enterprise Data Warehouse)
in evolution of MDM architecture, 83
hierarchy management and, 134
history of retail chains using, 68
as precursor to MDM single-customer view, 57
as predecessor to CDI, 17
EHRs (Electronic Health Records), 62–63
EIA (enterprise information architecture), 112–114
EII (Enterprise Information Integration)
evolution of MDM architecture, 84
overview of, 138
as predecessor to CDI, 18
Electronic Health Records (EHRs), 62–63
Electronic Medical Record (EMR), 62
Electronic Personal Health Record (ePHR), 62
electronic signature legislation, 220
EMB (Enterprise Message Bus), 369–372
EMPI (Enterprise Master Patient Index), 62, 305
employees
in bottom-up estimation of business case, 291–292
MDM roadmap view for resources and skills, 307
project failure and, 447
EMR (Electronic Medical Record), 62
Enabling Technologies: ETL, SOA, and ESB, MDM roadmap view, 307
encapsulation, Web Services, 92
encryption
anonymization of data using, 389
cryptography, cryptology and cryptanalysis, 226
data-at-rest security, 249–251
data-in-transit security, 248–249
data security, 245
digital certificate authentication, 231
network security, 217
symmetric vs. asymmetric key, 226–227
VPNs using, 229
end-to-end security
for integrated security and visibility, 274–278
overview of, 217
SSL providing, 230
enrollment, in biometrics, 232
enterprise architecture framework
data strategy for, 112–120
introduction to, 86–88
mapping SOA to viewpoints of, 91–92
Mike2.0, 403
not necessary to craft MDM with, 89
what MDM stakeholders want to know, 288
Enterprise Attribute Locator, synchronization, 375
enterprise data modeling, 167–170
enterprise data strategy. See data strategy, managing
Enterprise Data Warehouse. See EDW (Enterprise Data Warehouse)
enterprise information architecture (EIA), 112–114
Enterprise Information Integration. See EII (Enterprise Information Integration)
Enterprise Master Patient Index (EMPI), 62, 305
Enterprise Message Bus (EMB), 369–372
Enterprise Record Locator
batch processing mode, 378
data synchronization, 374–375
use case scenario, 372
Enterprise Resource Planning (ERP) market, 436
Enterprise Rights Management. See ERM (Enterprise Rights Management)
enterprise security. See also information
security and identity management
access control basics, 259–264
entitlements and visibility, 267–271
integrating MDM with information security, 272–280
overview of, 259
policies and entitlements, 264–267
references, 280–281
Enterprise Service Bus. See ESB (Enterprise Service Bus)
entities
impact on project scope, 319
MDM roadmap view for, 299–300
as members of arbitrary complex groups, 443
merging, 351–354
Small World theory and, 169–170
splitting, 354–355
entitlement provisioning, 222
entitlements
assigning user access privileges with, 222–223
defined, 219
enforced locally, 267
policies and, 264–267
standardization of, 269–271
taxonomy, 265–266
transactional, 266–267
and visibility, 267–271, 277–278
Entity Aggregation Service, Data Hub, 161–162
entity domains, in data modeling, 176
entity identification. See also customer
identification
goal of, 329–330
granularity impacting, 330
in merge and split operations, 351–355
need for persistent Match Group Identifiers, 365–366
in relationships and groups. See relationships and groups
using discriminating attributes for, 335–337
using identity attributes for, 334–335
using record qualification attributes for, 337–339
entity resolution
attributes/attribute categories for, 333–339
combining probabilistic MDM with, 72
customer identification. See customer identification
data-matching requirements/solutions, 348–350
defined, 145
false negatives in party matching, 333
false positives in party matching, 332–333
importance of history, 177
MDM data modeling requirements, 175–188
overview of, 329–330
references, 350
terms and definitions, 331–332
entity resolution, MDM services for
aggregation entity resolution, 160–162
challenge of product identification, recognition and linking, 149–150
Data Hub keys and life-cycle management services, 162–165
entity groupings and hierarchies, 147–149
entity recognition, matching, and unique identifiers, 155–156
key services and capabilities, 151–152
matching and linking services/techniques, 156–160
MDM and party data model, 146–147
MDM reference architecture, 152–155
recognizing individuals, groups and relationships, 142–145
references, 165
entropy, in Information Theory, 413–415
environment considerations, building Data Hub, 393–394
ePHR (Electronic Personal Health Record), 62
equivalencies defined, 348
effect on data quality of consistently applied, 417–419
ERM (Enterprise Rights Management) defined, 254
for information asset protection, 242
as MDM technical requirement, 254–255
overview of, 252–254
use case examples, 255–257
ERP (Enterprise Resource Planning) market, 436
error processing
data matching requirements/solutions, 350
data synchronization, 375
ESB (Enterprise Service Bus)
building infrastructure, 394
Data Hub zone, 125
MDM roadmap view enabling, 307
use case scenario, 369
eSign (Electronic Signatures in Global and National Commerce Act) legislation, 220, 227–228
ETL/Acquisition zone, Data Hub, 123–124, 128–129
ETL (Extract, Transform, and Load) tools
batch data synchronization using, 376–379
building infrastructure, 394
data-cleansing of, 118
ensuring data quality and integrity, 119–120
evolution of MDM architecture, 82–83
IBM products, 433
insufficiency of traditional deterministic, 36
MDM roadmap view for enabling, 307
as predecessor to CDI, 17
European Union Data Protection Directive, 201, 243
EV (Economic Value) estimation defined, 289
MDM Capability Maturity Model, 293–295
of MDM impact, 292–293
EVA (Economic Value Added), 289
Every Child Matters initiative, UK, 71
exact match, rules for customer records, 341
exceptions processing, 379–381
executive management (CEO, CFO), 286–288
eXtensible Access Control Markup
Language. See XACML (eXtensible Access Control Markup Language)
eXtensible Resource Identifier (XRI), 270
external reference data providers, MDM market trends, 450
External Reference style, MDM Data Hub, 100
external trusted source, establishing relationships/hierarchies, 359–360
Extract, Transform, and Load tools. See ETL (Extract, Transform, and Load) tools
fact tables, star schema data modeling, 172–173
Fair Credit Reporting Act (FCRA), 212
false negatives
avoiding in law enforcement/intelligence, 72
in biometric techniques, 232
errors in matching, 332
in Match Group testing, 387
false positives
in biometric techniques, 232
errors in matching, 332
in Match Group testing, 387
reasons for, 332–333
Father of Information Theory, 412–413
FCRA (Fair Credit Reporting Act), 212
federated metadata repository, 137
Federated Query Constructor, synchronization, 375
Federated SSO, 234–235
FFIEC (Federal Financial Institutions Examination Council)
compliance and authentication requirements, 208–209
data protection and privacy regulations of, 48
expanding GLBA, 204–205
guidelines to prevent banking fraud, 201
field-level encryption, data-at-rest, 250–251
fifth normal form (5NF) data modeling, 171
file-level encryption, data-at-rest, 250–251
Financial Consolidation Hub, Oracle, 434
Financial Crimes Enforcement Network (FinCEN), 207
Financial Modernization Act of 1999, 49
Financial Privacy Rule, GLBA, 49
financial services institutions (FSIs), MDM in
overview of, 57–60
risk management. See risk management for master data
FinCEN (Financial Crimes Enforcement Network), 207
fine-grained data access, 268
first-class citizen entities, MDM data modeling, 176–177
First Logic, acquisition by SAP, 436
fit-for-purpose approach to data quality, 410–411
5NF (fifth normal form) data modeling, 171
flexibility of matching engine, 159
Fortune 2000 companies, adoption of MDM, 26
Fortune 5000 companies, adoption of MDM, 26
4NF (fourth normal form) data modeling, 171
frameworks, data governance, 401–404, 422
fraud. See also risk management for master data
identity theft, 210–211
using MDM to detecting gaming, 64
frequent-flier miles, airlines, 68
FSIs (financial services institutions), MDM in
overview of, 57–60
risk management. See risk management for master data
FTEs (full-time equivalents), bottom-up estimation, 291–292
full-time equivalents (FTEs), bottom-up estimation, 291–292
future of MDM. See MDM (Master Data Management), future of
fuzzy logic algorithms
providing inexact match comparison, 348
testing Match Group for false negatives, 387
Tibco products, 437–438
G2C (government-to-citizen) organizations
Party/Customer master for, 55, 142
in public sector, 69
gaming industry, driver of MDM, 63–64
GDP (Gross Domestic Product), in healthcare ecosystem, 62
GDS (Global Distribution Systems), airline ticket reservations, 68
gender, as discriminating attribute, 335–336
geography, deployment by, 395
gibberish, for anonymization of data, 389
GLBA (Gramm-Leach-Bliley Act) of 1999
ability to opt-out of sharing personal information, 212
data protection provisions, 49, 201, 204–205
data security, 242
test data protection, 388
using MDM to comply with, 8, 21
Global Distribution Systems (GDS), airline ticket reservations, 68
global MDM challenges, 51–52, 200
Golden copy
and matching modes, 340–341
need for persistent Match Group Identifiers, 365
golden customer record
business challenges of MDM, 38–39
information theory for data quality and, 412
MDM resolving master data to maintain, 55
two merged records creating, 353
Google Health, 62
governance. See data governance
government. See also public sector, MDM in
MDM benefits for, 44
relationship data critical to, 357
security value of CDI customer-centric model, 15–16
government-to-citizen organizations. See G2C (government-to-citizen) organizations
GPS coordinates, technical challenges of MDM, 38
Gramm-Leach-Bliley Act. See GLBA (Gramm-Leach-Bliley Act) of 1999
granularity
defining SOA, 91
exceptions processing and, 380–381
impacting entity identification, 330
impacting project scope, 317
relationship challenges of institutional customers, 363
Web Services supporting coarse, 93
Gross Domestic Product (GDP), in healthcare ecosystem, 62
group-based access control, 260–262
groups. See relationships and groups
groups, entity
creating, 145
entity resolution and MDM reference architecture, 153
hierarchies and, 147–149
mapping accounts to, 161
recognizing individual members of complex, 443
Hannaford Brothers Co., security breach, 240
hardware, data-at-rest security, 250–251
Health Insurance Portability and Accountability Act. See HIPAA (Health Insurance Portability and Accountability Act)
healthcare services ecosystem
driver of MDM in commercial sector, 61–63
relationship data in, 357
unstructured master data in, 63
HealthVault, Microsoft, 62
Heartland Payment Systems, security breach, 239
Hellman, Martin, 226–227
hierarchies
building entity relationships and, 359–360
of customers, as identity attribute, 334
MDM data modeling, 181–182
MDM roadmap view for, 300–301
hierarchy management
data warehousing and, 104–105
Data Zone architecture and, 133–134
entity groupings and, 147–149
MDM and, 103–104
reference data and, 103
relationship challenges of institutional customers, 364
Hierarchy management application, 391–392
Hierarchy Manager (HM), Siperian Hub, 435
HIPAA (Health Insurance Portability and Accountability Act)
data protection and privacy regulations of, 50
for data security, 242
ERM use case example of ensuring regulatory compliance, 256
protection of patient health information, 201
using MDM to comply with, 8
HM (Hierarchy Manager), Siperian Hub, 435
Hope Is Not a Strategy (Page), 288
horizontal discipline, of MDM, 26
hospitality and gaming industry
drivers of MDM in commercial sector, 63–64
relationship data critical to, 357
host (platform) security, 216–218, 247
hotels, drivers of MDM, 63–64
Household Group, recognizing, 360–361
HSISA, H.R. 4598 (Homeland Security Information Sharing Act), 201
HTTPS (HTTP Secure), 229–230
hub-and-spokes environment, MDM, 14–15, 80
Hub Data Management layer, MDM reference architecture, 152
Hub Data Quality layer, MDM reference architecture, 152
Hub Data Rules layer, MDM reference architecture, 152
Hub Master components, data synchronization, 376
Hub Services zone, Data Hub, 124
Hub System Services layer, MDM reference architecture, 152
Human Services departments, drivers of MDM, 70–71
hybrid approach
access control, 265–266
algorithms for record matching, 158
data quality tools and technologies, 120
metadata repository, 137
product approaches to Data Hub, 396
Hyperion, Oracle acquisition of, 434
IAM (identity and access management), 244, 260
IAS2005 (International Accounting Standards Reporting), 201
IBM
Data Governance Council, 400, 403–404
MDM vendor and products of, 431–433
ID-WSF (ID-Web Services Framework), 235
identification, authentication as component of, 218
identifiers, identity attributes, 334
identity and access management (IAM), 244, 260
identity attributes defined, 333
discriminating attributes used with, 335
matching and entity identification using, 334–335
matching rules for customer records, 341
MDM data modeling requirements, 176–177
identity federation technologies, 234–235
identity grabbers, information security threat, 241
identity management
as emerging security requirement, 221–222
information security and. See information security and identity management
Identity Store, synchronization, 374
Identity Systems, acquisition by Informatica, 434
identity theft
customer protection from, 48
identity management requirement, 221–222
overview of, 210–211
phishing and pharming as forms of, 211–212
implementation challenges
designing MDM application and presentation layers, 389–393
environment and infrastructure, 393–397
references, 397
summary of, 443
testing. See testing
implementation concerns, data
synchronization
batch processing, 376–379
Data Hub with multiple points of entry for entity information, 369–372
exceptions processing, 379–381
goals of, 367
Transaction Hub master model, 372–376
use case scenario, 368–369
IND (Investigational New Drug)
applications, 67
Indeterminate value, PDP, 273
individuals
developing direct relationships with, 355–358
discriminating attributes for, 335–337
mapping accounts to, 161
merging records of, 351–354
recognizing using MDM for Customer domain, 143–145
symmetric vs. asymmetric relationships, 358–360
industries, marketing campaigns across, 34
industry views of MDM
commercial sector. See commercial sector, MDM in
overview of, 55–57
public sector, 69–74
references, 69–74
inference engines, BRE, 131
Informatica, as MDM vendor/products, 434–435
Information Development, Mike2.0 framework, 402–403
information entropy, Information Theory, 413–415
information governance. See data governance
information integrity, 224
Information Scope or Data Domain dimension
architectural implications of, 103
defined, 21
summary of, 442
information security. See also data security
emerging threats to, 240–242
layered security model, 216
overview of, 217
technologies, 230–233
information security and identity management
application, data, and user security, 218
emerging requirements, 221–225
end-to-end security framework, 218
integrating authentication and authorization, 233–235
network security, 217
perimeter security, 217
platform (host) security, 217–218
putting it all together, 236–237
references, 237
traditional requirements, 218–220
Web Services concerns, 235–236
what we need to secure, 215–217
information security and identity
management, technologies
authentication mechanisms, 231–233
cryptography, cryptology and cryptanalysis, 226–227
firewalls, 228–229
nonrepudiation, 228
PKI and digital signatures, 227–228
secure HTTP protocols/SSL/TLS/WTLS, 229–230
VPNs, 229
Information Theory, approach to data quality, 412–417
InfoSphere MDM Server, 431–432
InfoSphere MDM Server for PIM (Product Information Master), 431–433
infrastructure, building Data Hub, 393–394
infrastructure project, project failure when MDM built as, 446
initial data load mode, data acquisition, 128
Initiate Systems, acquisition by IBM, 431
institutional customers, relationship challenges of, 361–364
insurance agencies, as drivers of MDM, 58–60
Integrated Risk Management (IRM), 198–200
integration
technical challenges of, 45
testing, 382
Integration with Unstructured Data, MDM roadmap view, 305
integrity
as business requirement, 219
data security and, 246
information and software, 224
technologies supporting, 225–228
transactional, 375–376
Web Services security concerns, 235
intelligence agencies, as drivers of MDM, 71–74
Interceptors, Spring Security, 274
internalization, of data protection, 50
International Accounting Standards Reporting (IAS2005), 201
international identifiers attribute, 338
International Securities Identification Numbering (ISIN) style, 60
Internet
as driver of MDM, 65
information security and identity management for. See information security and identity management, technologies
Internet service provider (ISP), as online identity attribute, 334
interoperable electronic health records, 8, 62–63
intrusion detection
for data security, 244
as emerging security requirement, 224
integrated conceptual security and visibility, 277–278
for perimeter security, 246
Intrusion Prevention Systems. See IPS (Intrusion Prevention Systems)
Investigational New Drug (IND) applications, 67
IP address, as online identity attribute, 334
IPS (Intrusion Prevention Systems)
for data security, 244
defined, 224
integrated conceptual security and visibility, 277–278
for perimeter security, 246
IRM (Integrated Risk Management), 198–200
ISIN (International Securities Identification Numbering) system, 60
ISO 17799 standard
defining confidentiality, 219
information security, 201
ISP (Internet service provider), as online identity attribute, 334
IT (information technology). See also technical approaches and challenges
bottom-up estimation of MDM business case, 291–292
challenges of MDM, 42
challenges of selling MDM inside enterprise, 39–41
data governance overlapped with enterprise, 421–422
Enterprise Rights Management, 254–255
implications of data security regulations, 213–214, 244–245
information security and identity management. See information security and identity management, technologies
Integrated Risk Management, 198
IT strategy-driven MDM, 287
MDM roadmap view for enabling, 307
in Mike2.0 data governance framework, 403
project initiation requirements, 316
reducing maintenance costs with MDM, 35
Single Sign-On, 233–235
supporting USA Patriot Act, 207
IT strategy-driven MDM, 287, 311
Italy, challenges of MDM, 51
JAAS (Java Authentication and Authorization Service), 218
Japanese Protection for Personal Information Act, 201
joins
challenges and performance problems of, 169
model for master data consumption, 185–187
star schema data modeling, 172–173
Joint Technical QA/Business QA testing, 382
just-in-time information availability
improving customer service time, 33–34
for terrorist groups, 71
using EII services, 138
Kantara Initiative, 221
Kerberos authentication, 231
Key Generation service, Data Hub, 163, 165
Key Lookup service, 355
Kimball, Ralph, 171
Knowledge Base, Acxiom, 439
knowledge base intelligence, matching customer records, 342
Knowledge Management server, 394
Korea, challenges of MDM, 52
KYC (Know Your Customer) provision, USA
Patriot Act
data protection and privacy regulations of, 48
detecting and preventing fraud, 22
overview of, 207–208
using MDM to comply with, 8
Laboratory Information Management Systems (LIMS), 67
LACS (Locatable Address Conversion System), Acxiom, 439
landing and staging area data models, 185, 188
language
data modeling, 167
multilingual requirements in MDM, 305–306
law enforcement agencies
CDI customer-centric model for, 15–16
as drivers of MDM, 71–74
MDM benefits for, 444
layered security framework, 216, 246–248
LDW (Loss Data Warehouses), 208
Leading Relationship attribute, entity identification, 338–339
legacy applications
batch processing, 377–378
Coexistence Hub partially decommissioning, 322
data-in-transit protection for, 248–249
data synchronization in, 129, 373
evolution of MDM, 16
External Reference style and, 100
incomplete and inconsistent data in, 81
integration of new MDM with, 36, 58–59
MDM solutions eventually replacing, 21
moving from account-centric-to-customer-centric, 87
policies and entitlements in, 264–265
project failure from not considering impact of, 447
Reconciliation Engine style and, 101
Registry Hub fixing and enhancing, 322
Registry style and, 100
as technical challenge of MDM, 42–44
Transaction Hub decommissioning, 323, 325
Transaction Hub implementations and, 372–373
Transaction Hub style and, 101–102
legal issues, reasons to use MDM, 7–8
lessons learned in this book, summary of, 442
Liberty Alliance, 221
libraries, industry-specific model, 186
life-cycle phases/releases, socialization of MDM, 41–42
LIMS (Laboratory Information Management Systems), 67
lines of business (LOB). See LOB (lines of business)
linked records, merging, 351–354
linking
matching speed and, 158
MDM technology trends, 452
overview of, 156
uniqueness and persistence of link keys, 159
Loading area, ETL processing, 377
loading data into Data Hub, 127–129
Loading zone, ETL/Acquisition zone of Data Hub, 124
LOB (lines of business) deployment by, 395
impacting project scope, 317–318
what MDM stakeholders want to know, 288
Locatable Address Conversion System (LACS), Acxiom, 439
location domain, MDM in retail sales, 68–69
logging, use case scenario, 372
logical view, defining SOA, 91
loose coupling
in software design, 122
Web Services, 93
Web Services security issues, 236
Loss Data Warehouses (LDW), 208
Lower Threshold, match accuracy, 344
loyalty programs
airline, 68
hospitality and gaming industry, 63–64
relationship data critical to, 357
Lucene fuzzy matching technology, Tibco, 437
M&A (mergers and acquisitions)
in airlines, 68
benefits of integrated risk management, 199
driving MDM in telecommunications sector, 61
MDM enabling, 59
of MDM vendors. See vendors and their products, MDM
machine learning algorithms, record matching, 158
manufacturing industry, as driver of MDM, 64–65
market drivers, MDM
business and operational. See business and operational drivers of MDM
challenges. See challenges, MDM
market growth, 26–29
references, 53
markets
adoption of MDM and growth in, 26–29
consolidation of, 430
improving effectiveness with MDM, 34, 450–451
masking data, for anonymization, 389
Massachusetts Law 201 CMR 17.00, 243
Master Customer Reference Database, SAS, 437
master data
architectural principles, 85
data modeling requirements, 176, 185–187
External Reference style and, 100
for manufacturing organizations, 65
technical challenges of, 42–43, 45–47
unstructured in healthcare ecosystem, 63
in Use Pattern classification, 102–103
Master Data Authoring application, 390–391
Master Data Consumption zone, Data Hub
concerns of, 124–125
data delivery concerns, 132–136
using EII services, 138
Master data governance Maturity view, MDM roadmap, 304–305
master data modeling
importance of data modeling, 167–168
MDM requirements, 175–188
references, 192
styles, 168–174
styles for multidomain MDM, 188–191
master data quality (MDQ), 405
Master Data Quality Processes, Metrics, and Technology Support, MDM roadmap view, 305
master data service (MDS), 97, 431–432
master model of MDM Data Hub. See Transaction Hub style, Data Hub
Master Reference Manager (MRM), Siperian Hub, 435
Master Search application, 393
Match Groups
effect of chaining, 344–346
merging records, 351–354
need for persistent identifiers, 365–366
overview of, 340–341
testing, 386–387
Match Suspect Extractor
in batch processing mode, 378
data synchronization component, 374
use case scenario, 370
matching
accuracy threshold, defining, 344
address problems, 19
avoiding false negatives in, 72
in batch processing mode, 378
chaining impacting, 344–346
for customer identification. See customer identification
as Data Hub core function, 378
discriminating attributes for disqualifying records, 334–335
for entity identification. See entity identification; entity resolution
entity recognition and, 155–156
entity resolution in Customer domain, 149
entity resolution in Product domain, 149–150
errors in, 332
false negatives in Party, 333
false positives in Party, 332–333
in hospitality industry, 64
identify attributes in, 334–335
implementation issues of, 340–341
multilingual requirements, 306
name problems, 19
product problems, 19
quantification of, 342
record-level, 342–344
Registry style for, 100
requirements and solutions, summary, 348–349
rules at attribute/attribute group level, 341–342
rules for customer records, defining, 341
similarity libraries and fuzzy logic in, 348
technology trends, 452
use case scenario, 369
matching algorithms
for data quality, Master data governance, 417–420
establishing relationships/hierarchies with rules for, 360
Tibco products, 437–438
matching and linking
aggregating entity information, 160–162
algorithmic approaches to record matching, 157–158
choosing technique for, 158–160
overview of, 156–157
matching modes, customer identification, 340–341
material non-public information. See MNPI (material non-public information)
MDG (Master Data Governance)
data quality management, 405–407
data quality processes, 407–408
definition, 404
existing approaches to quantify data quality, 410–412
information theory approach to data quality, 412–417
MDM market trends in, 451
metrics for information quality, 410
mission, 405
policies for data quality, 409–410
use of matching algorithm metrics, 417–420
MDM architecture. See architecture
MDM ecosystem, 313–315
MDM (Master Data Management), future of
guiding principles, 448–449
lessons learned in this book, 441–445
market trends, 450–451
reasons for project failure, 446–448
references, 453
as target for identity thieves, 212
technical capabilities trends, 451–453
MDM (Master Data Management), overview of
benefits of, 21–23
capabilities of, 154
challenges of creating/managing, 10–12
classification dimensions, 20–21
customer centricity and data quality, 7
focus of, 3
introduction to, 1–2
master data, defining, 6–7
other variants of, 18–20
overview of, 5
references, 23–24
risk management for. See risk management for master data
using CDI (Customer Data Integration), 14–18
why now? 7–10
MDM Servers, IBM, 431–433
MDM-Star schema
creating, 178–179
entity and relationship resolution with, 188
modeling for master data consumption, 185–187
modeling relationships from, 180–181
source-system specific view of, 183–185
MDQ (master data quality), 405
MDS (master data service), 97, 431–432
merge operations
data matching requirements/solutions, 349
mapping accounts to individuals and groups, 161–162
overview of, 351–354
use case scenario, 372
mergers and acquisitions. See M&A (mergers and acquisitions)
message creation, legacy systems, 373
message-level security, data-in-transit, 249
message orientation, SOA
defining, 91
ESB zone of Data Hub and, 125
Web Services, 93
Message Response Assembler, data synchronization, 375
meta-model. See metadata
metadata
Attribute Location service and, 135
basics, 135–136
MDM roadmap view for, 300–301
models, 189–190
Record Locator service based on, 164
repository architecture, 137
Metadata Management services, 135, 392–393
metadata-only MDM products, 190
metadata repository
data quality of, 118
Enterprise Information Integration and, 138
Metadata Management Services supporting, 135
Registry-style Data Hub using, 321
technical challenges of MDM, 37
metrics for data quality, Master Data Governance, 410, 422
Mike2.0 framework, 402–403
minimum data requirements, customer identification, 339–340
mission, Master Data Governance, 405
MNPI (material non-public information)
compliance (legal) risk and, 196
creating and protecting test data, 388
GLBA data protection requirements, 204
protection of, 198
model relationships, 180–181
money laundering. See AML (Anti-Money Laundering) provision, USA Patriot Act
monitoring security events, 220
Moseley, Marty, 421
MRM (Master Reference Manager), Siperian Hub, 435
multifactor authentication technologies, 231–233
Multilingual Requirements, MDM roadmap view, 305–306
MySAP Customer Relationship Management, SAP, 436
N-DEx (National Data Exchange), Law Enforcement, 71
NAHIT (National Alliance for Health Information Technology), 62
name alias libraries, 348
names
challenges of global MDM, 51–52
creating 360-degree view of customer using, 331–332
data matching requirements/solutions, 350
as discriminating attribute, 335
false negatives in Party matching, 333
false positives in Party matching, 332
as identity attribute, 334
minimum data requirements for, 339–340
similarity libraries for, 348
NASD rules 2711 and 3010, 201
National Alliance for Health Information Technology (NAHIT), 62
National Change of Address. See NCOA (National Change of Address) information
National Data Exchange (N-DEx), Law Enforcement, 71
National Numbering Agency (NNA), 60
National Security Agency (NSA), 245
NCOA (National Change of Address) information
Acxiom licensing of, 439
creating 360-degree view of customer, 331
matching rules for customer records, 342
merging records, 352
NDA (New Drug Applications), 67
Netrics, acquisition by Tibco, 437–438
NetWeaver, SAP MDM based on, 436
network orientation, SOA, 91
network security
concerns, 217
layered security model, 216
overview of, 217
protection of data with, 247
technologies, 228–229
Nevada Law NRS 597.970, 243
New Drug Applications (NDA), 67
New York State Identification and Intelligence (NYSIIS) acronym, 348
nicknames, similarity libraries for, 348
NNA (National Numbering Agency), 60
non-identity attributes, data modeling requirements, 178
normalized data models
4NF and 5NF, 171
eliminating data redundancy with, 168–169
illustrative example of, 170
strengths and weaknesses of 3NF, 171
Not Applicable value, PDP, 273–274
NSA (National Security Agency), 245
nullification, for anonymization of data, 389
number variance, for anonymization of data, 389
NYSIIS (New York State Identification and Intelligence) acronym, 348
OASIS (Organization for the Advancement of Structured Information Standards)
SAML, 234
SOA reference architecture, 94
obfuscation, in protecting test data, 388
obligations, policy, 273–274
OCC (Office of the Comptroller of the Currency)
risk management for master data, 198, 206
ODS (Operational Data Store)
evolution of MDM architecture, 83
as precursor to MDM single-customer view, 57
as predecessor to CDI, 18
OFAC (Office of Foreign Asset Control) lists
data protection/privacy regulations of, 49
financial services leveraging MDM to match applicant records with, 58
USA Patriot Act requirements, 207
OLAP (On-Line Analytical Processing), star schema modeling, 172
OLTP (On-Line Transaction Processing), 3 NF modeling, 169
ONC (Office of the National Coordinator for Health Information Technology), 62
one-time passwords, authentication, 231
online identity attributes, 334
online matching mode, 340–341
Open Source MDM trend, 451–452
OpenID, for identity federation, 235
Operational Data Store. See ODS (Operational Data Store)
operational drivers of MDM. See business and operational drivers of MDM
operational efficiency, as MDM business driver, 29
Operational MDM
Data Hub usage style, 302
data zones and, 126–127
defined, 21
information value of Data Hub data in, 138
Master Data Governance for, 407–408
summary of, 442
as use pattern for MDM data usage, 102–103
operational metadata, 136
operational risk, 195–196, 244
Operational Risk Framework and Management Structure, Basel II requirements, 208
Operations/scheduling controller, 392
opt-in option, 212–213
opt-out option, 212–213
Oracle, as MDM vendor and products, 433–434
orchestration, SOA, 91
Organization for the Advancement of Structured Information Standards. See OASIS (Organization for the Advancement of Structured Information Standards)
ownership. See data ownership
PAP (Policy Administration Point), OASIS defined, 272–273
integrated conceptual security and visibility with, 277–280
policy enforcement with, 275–276
partnerships with vendors, implementing MDM, 44–45
party-centric model defined, 329
for financial services, 58
overview of, 146–147
reasons for false positives in party matching, 332–333
party data model, MDM and, 146–147
Party domain. See Customer/Party domain
Party entity, party data model, 146–147
Party group defined, 340–341
party data model, 147
recognizing, 360–361
party match. See also entity resolution
party type attribute, 337–338
passenger security, airline, 68
password authentication, 231
patient-centric MDM, 66
Patriot Act. See USA Patriot Act
patterns, architectural, 87–89
Payment Card Industry (PCI) standard, 201
PBM (Pharmacy Benefits Management), 63
PCI (Payment Card Industry) standard, 201
PDP (Policy Decision Point), OASIS defined, 272–273
for policy decision and enforcement, 273–277
visibility and security requirements, 277–280
People Resources and Skills, MDM roadmap view, 307
PEP (Policy Enforcement Points), OASIS defined, 272–273
integrated conceptual security and visibility, 277–280
for policy decision and enforcement, 273–277
performance
data-at-rest security, 251
data-cleansing tool issues, 118
matching records in large sets with break groups, 346–347
MDM roadmap view for, 303
perimeter security
concerns of, 217
for data security, 244
layered security model, 216
overview of, 217
protection of data with, 246–248
technologies, 228–229
Person of Interest (POI), in law enforcement/intelligence, 71–72
personal identification numbers (PINs), authentication, 231
personalization, and privacy, 233
personally identifiable information. See PII (personally identifiable information)
pharmaceutical industry
drivers of MDM in commercial sector, 66–67
MDM improving pharmacy health information, 63
philosophy, MDM architectural
architectural patterns, 87–89
enterprise architecture framework, 86–88
overview of, 84–86
phone numbers
false negatives in party matching, 332
false positives in party matching, 333
as identity attributes, 334
physical security, 218
physiological biometrics, 232
PII (personally identifiable information)
creating and protecting test data, 388
definition of privacy and, 219
financial services and healthcare protection of, 200
GLBA requirements, 204
Massachusetts Law 201 CMR 17.00 for, 243
PIM (Product Information Management)
challenges of MDM for Product domain, 19–20
Data domain and, 103
emergence as single domain in MDM, 7
evolution of MDM and, 81
overview of, 18–19
summary of, 443
PINs (personal identification numbers), authentication, 231
PIP (Policy Information Point), OASIS, 272–273
PKI (Public Key Infrastructure)
asymmetric cipher as basis of, 226–227
digital certificates based on, 231
digital signatures and nonrepudiation using, 227–228
ERM using, 255
network security using, 217
platform (host) security, 216–218, 247
platform-neutral, defining SOA, 91
PLM (product life-cycle management), SAP, 436
PMA (Policy Management Authority), OASIS, 272–273
POI (Person of Interest), in law enforcement/intelligence, 71–72
policies
data governance and, 402
data quality, Master Data Governance, 409–410
decision and enforcement of, 273–274
defined, 265
entitlements and, 264–267
reducing number of, 260
standardization through, 269–271
Policy Decision Point. See PDP (Policy Decision Point), OASIS
Policy Enforcement Points. See PEP (Policy Enforcement Points), OASIS
Policy Information Point (PIP), OASIS, 272–273
Policy Management Authority (PMA), OASIS, 272–273
Policy Store, 277–278
ports, HTTPS dedicated, 229
presentation layers, MDM, 389–393
pretexting provisions, GLBA, 49
primary keys, 163
privacy. See also risk management for master data
ContactPoint for children in UK and, 71
customer, 198
data security, 246
definition of, 219
as emerging security requirement, 224–225
GLBA, FCRA, and opt-out, 212–213
GLBA requirements, 204
party-level preferences, 147
personalization as threat to, 233
technical implications on MDM architecture, 213–214
Privacy Profile, XACML, 271
Probabilistic Attribute Match algorithm, 157, 342
probabilistic MDM approach, 64, 72
probabilistic self-scoring of entity record, 339–340
probability theory, in Information Theory, 413–417
Product domain
benefits of MDM in, 22
challenge of entity resolution in, 149–150, 329
challenges of MDM in, 19–20
developing direct relationships with individual, 355–357
dominating enterprise MDM, 450
driving MDM in telecommunications, 61
EDW supporting, 83
evolution in MDM, 81
in manufacturing industry, 64–65
MDM in retail sales, 68–69
PIM solutions, 18–19
Product Information Management (PIM). See PIM (Product Information Management)
product life-cycle management (PLM), SAP, 436
product master, 84
product type
as identity attribute, 334
impacting project scope, 318
project failure, MDM
guiding principles to avoid, 448–449
reasons for, 445–448
project initiation
addressing complexity, 312–316
implementation begins, 311–312
MDM Data Hub solution architecture, 320–326
overview of, 311
project work streams, 326–327
references, 327
scope definition, 316–320
project work streams, planning/executing, 326–327
public (asymmetric) key encryption, 226
Public Key Infrastructure. See PKI (Public Key Infrastructure)
public keys, PKI, 227
public sector, MDM in
border protection agencies, 71–74
intelligence agencies, 71–74
law enforcement organizations, 71–74
overview of, 69
references, 74–76
Social Services agencies, 70–71
purge
data synchronization and, 374
use case scenario, 372
Purisma, acquisition by D&B, 438–439
QA (quality assurance) testing, 382
qualitative benefits, 289
qualitative risk analysis, 197
quality. See data quality
quantify data quality, 410–411
quantitative benefits, 289
quantitative risk analysis, 197
R&D process, in pharmaceutical industry, 67
race conditions
batch processing resolving, 378
data synchronization, 375
radio frequency identification (RFID), 38
RADIUS (Remote Authentication Dial-In User Service), 231
Rational Unified Process (RAP), for project scope, 317
RBAC (Roles-Based Access Control)
overview of, 260
roles-engineering approach, 262–263
sample roles-engineering process, 263–264
shortcomings of, 264
RDBMS (Relational Database Management Systems), 163
reaction rules engines, BRE, 132
Reconciliation Engine style, Data Hub
loading data into Data Hub, 128–129
overview of, 101
real-time synchronization components, 373–376
use case scenario, 369–372
record-level match, 342–344
Record Locator service, Data Hub, 164–165
record qualification attributes defined, 333
defining matching rules for customer records, 341
overview of, 337–339
record-shuffling, for anonymization of data, 389
records
Data Volumes and Performance Considerations roadmap view, 303
matching. See matching
MDM data modeling requirements, 177
merging, 340–341
multilingual requirements in MDM, 305–306
Reference Architecture, MDM
Data Hub, 151–152
defining, 105
entity resolution and, 152–155
viewpoint, 105–109
reference code maintenance application, 391
reference codes
during batch processing, 377
MDS rules mandating release of, 97
message validation and translation of, 373
multilingual MDM issues for, 51
reference data
Data Zone architecture and distribution of, 132–133
and hierarchy management, 103, 133–134
managing in MDM, 6
MDM data modeling requirements, 182
MDM market trends, 450
multilingual requirements in MDM, 306
Reference Data view, MDM roadmap, 303
reference database, External Reference style, 100–102
Reference MDM Data Hub, 132–133
referential integrity
causing exceptions, 379
overview of, 163
Registry-style Data Hub
choosing for project, 321–322
loading data into Data Hub with, 127–129
overview of, 100–101
roadmap view for, 302–303
regulatory compliance
auditability, 116
data security, 242–245
ERM use case example of, 255–256
financial services, 59
impact on IT infrastructure, 47–50, 200–202
information security and, 210–213
as key benefit of MDM, 7–8, 21
pharmaceutical industry, 67
in risk management for master data, 198–200
test data protection, 388–389
regulatory compliance, legislation
Basel II Capital Accord. See Basel II Capital Accord
California’s SB1386, 201, 209, 243
FFIEC. See FFIEC (Federal Financial Institutions Examination Council)
GBLA. See GLBA (Gramm-Leach-Bliley Act) of 1999
OCC. See OCC (Office of the Comptroller of the Currency)
SOX. See SOX (Sarbanes-Oxley Act) of 2002
USA Patriot Act. See USA Patriot Act
Related Initiatives view, MDM roadmap, 304
Relational Database Management Systems (RDBMS), 163
relationship
Leading Relationship and level of, 338–339
metadata clarifying, 136
Party data model, 146–147
project scope impacted by, 318–319
recognizing for Customer domain, 143–145
resolution of, 153
relationships and groups
challenges of institutional customers, 361–364
direct business relationships with individual, 355–358
overview of, 355
recognizing households or party groups, 360
references, 366
symmetric vs. asymmetric relationships, 358–360
Relationships, Hierarchies, and Metadata view, MDM roadmap, 300–301
release strategy, 43–44
Remote Authentication Dial-In User Service (RADIUS), 231
reporting
3NF modeling not best choice for, 169
building/deploying Data Hub, 393
data matching requirements/solutions, 350
Reporting server, building infrastructure, 394
REST-based Web Services, testing, 385–386
retail sales industry, driving MDM, 68–69
return on equity (ROE), integrated risk management, 199
return on investment. See ROI (return on investment)
revenue, leveraging customer relationships to grow, 32
RFID (radio frequency identification), 38
“right” data models, multidomain MDM, 189–190
risk
analysis, 197
of data compromise, 243–244
defined, 196
FFIEC compliance and authentication requirements, 208
as MDM business driver, 29
technical challenges of MDM, 43
risk-based authentication, FFIEC compliance, 209
risk management for master data
Basel II Capital Accord technical requirements, 208
California’s SB1386, 209
defined, 196
FFIEC compliance and authentication requirements, 208–209
Gramm-Leach-Bliley Act data protection provisions, 204–205
information security and regulatory concerns, 210–213
Integrated Risk Management, 199
Office of the Comptroller of the Currency, 206
overview of, 195
references, 214
regulatory compliance and impact on IT, 200–202, 213–214
regulatory compliance landscape, 198–200
risk analysis, 197
risk taxonomy, 195–198
Sarbanes-Oxley Act of 2002, 202–203
USA Patriot Act, 206–208
Risk Management Solutions, D&B, 438
roadmap development plan, MDM
basic costs of, 297–298
basing projects on, 311
conclusion, 307–308
overview of, 296–297
references, 308–309
using roadmap views in. See roadmap views
roadmap views
Business Benefits, 299
Complexity of Cross-Domain Information Sharing, 306
Complexity of Data Security, Visibility, and Access Control Requirements, 306
Data Domains, Entities, and High-Level Data Model, 299–300
Data Hub Architecture and Data Ownership Style, 302–303
Data Hub Usage Style, 302
Data Volumes and Performance Considerations, 303
Decommissioning of Systems and Applications, 301
Deployment Strategy, 303–304
Enabling Technologies: ETL, SOA, and ESB, 307
Integration with Unstructured Data, 305
Master Data Governance Maturity, 304–305
Master Data Quality Processes, Metrics, and Technology Support, 305
MDM ecosystem, 313–315
Multilingual Requirements, 305–306
overview of, 298–299
People Resources and Skills, 307
Reference Data, 303
Related Initiatives, 304
Relationships, Hierarchies, and Metadata, 300–301
Systems and Applications in Scope of MDM, 299
Third-Party Data Sources, 301
ROE (return on equity), integrated risk management, 199
ROI (return on investment)
bottom-up estimation of MDM, 289–290
calculating risk management, 196–197, 199
MDM business case, 26–27, 285–286
selling MDM inside enterprise, 39–41
role
authorization based on user, 262–264
identity attribute used for identification, 334
roles-and-rules-based access control (RRBAC), 265
Roles-Based Access Control. See RBAC (Roles-Based Access Control)
roles engineering, RBAC, 262–264
RRBAC (roles-and-rules-based access control), 265
RSA SecureID, authentication, 231
RSA Security/EMC2, digital certificate issuer, 231
RuBACs (Rules-Based Access Controls), 265
rule sets, 131
Rules-Based Access Controls (RuBACs), 265
RUP (Rational Unified Process), for project scope, 317
Russia, challenges of MDM, 51
S-HTTP (Secure HTTP), 229–230
S/MIME, securing e-mail, 249
Safeguards Rule, GLBA, 49
safety, using MDM for, 8–9
sales and marketing, driving MDM, 29
Sales and Marketing Solutions, D&B, 439
SAML (Security Assertion Markup Language), 234–235
SAP MDM, 436
Sarbanes-Oxley Act. See SOX (Sarbanes-
Oxley Act) of 2002
SAS DataFlux MDM, 436–437
scalability
data-at-rest security, 251
limitations of ACLs, 261–262
limitations of RBAC, 264
of matching and linking services, 159
technical challenges of MDM, 38
SCDs (Slow Change Dimensions), hierarchy management, 134
scenario-based testing of data quality, 383, 385, 387
scope
defining project, 316–320
of protection, 249
SDN (Specially Designated Nationals) lists, 49, 58
search services, Master Search application, 393
SEC Final Rule, Privacy of Consumer Financial Information, 201
SEC (Securities and Exchange Commission) rulings, 7–8, 49
secret key encryption, 226–227
Secure HTTP (S-HTTP), 229–230
Secure Sockets Layer (SSL). See also SSL/TLS, 230
Securities and Exchange Commission (SEC) rulings, 7–8, 49
securities master, MDM and, 59–60
security
as business requirement, 220
data. See data security
enterprise. See enterprise security
information. See information security
layered framework model for, 216, 246–248
MDM architectural principles, 85
network. See network security
perimeter. See perimeter security
risk management. See risk management for master data
technical challenges of MDM, 38, 47–50, 213–214
user. See user security
value of CDI customer-centric model, 15–16
Security Assertion Markup Language (SAML), 234–235
self-score distribution, and data quality, 419–420
semantic metadata, 135
semantics-based solutions, entity resolution in Product domain, 150, 329
semi-structured master data, MDM technology trend, 452
senior management
addressing complexity of MDM projects to, 312–313
challenges of selling MDM inside enterprise, 39–41
getting commitment of, 38
separation of concerns
data visibility and, 272–274
in Data Zone architecture, 120–121
defined, 120
separation of duties (SoD), and data visibility, 272, 274
servers, building infrastructure, 394
service-oriented architecture. See SOA (service-oriented architecture)
service-oriented MDM architecture, 447, 451
services
Data Hub as platform for, 154–155
entity resolution. See entity resolution, MDM services for
Hub Services zone of Data Hub, 124
leveraging MDM for social, 70–71
MDM architecture and, 81
MDM platform for, 155–156
MDM reference architecture and, 125–126
testing MDM, 385–386
services architecture viewpoint
introduction to SOA, 90–92
MDM and SOA, 94–96
MDM and SOA misconceptions, 97–98
overview of, 90
SOA benefits, 92
Web Services, 92–94
17 CFR Part 210, for records retention, 201
Shannon, Claude, 412–413
shared (secret or symmetric) key encryption, 226–227
Shark Chart concept, 288
shipping industry, driving MDM, 67
Siebel UCM/Oracle MDM solution, 433
signer authentication, digital signatures, 228
similarity libraries, 348
Similarity Systems, acquisition by Informatica, 434
single-customer view
in financial services, 59
in hospitality and gaming industry, 63–64
MDM precursors to, 57
in telecommunications sector, 60–61
single loss expectancy (SLE), quantitative risk analysis, 197
Single Sign-On (SSO) technologies, 233–235
single threshold capabilities, 344, 349
single version of truth
business challenges of implementing MDM, 38–39
for business processes, 12
defined, 5
impact on project scope, 319
other variants of, 6–7
pervasive need for, 443
as problem with every enterprise, 6
Siperian Hub, acquisition by Informatica, 434–435
SIT (system integration testing), 382
slave model of MDM Data Hub. See Reconciliation Engine style, Data Hub
SLE (single loss expectancy), quantitative risk analysis, 197
slice and dice capabilities
quality of complex dimensions, 36
star schema data modeling, 172
Slow Change Dimensions (SCDs), hierarchy management, 134
Small World theory
MDM-Star schema readability, 179
overview of, 169–170
star schema model in, 173
smart cards, multifactor authentication, 232–233
snowflake schema data modeling, 173–174
SOA (service-oriented architecture)
benefits of, 92
Data Hub, ESB zone support for, 125
Data Hub, mapping service to data zones, 129
Data Hub processes improving, 129
defining, 85
growing MDM framework from, 36
implementing data modeling styles, 189–191
implementing MDM as, 13, 44–45, 94–96
introduction to, 90–91
in linking and matching, 160, 385–386
in MDM architectural principles, 85–86
MDM roadmap view enabling, 307
misconceptions, 97–98
in real-time delta processing, 128–129
in reference architecture, 94, 125–126
in reference architecture viewpoint, 105–109
in Tibco MDM, 437
Web Services, 93–94
SOAP-based Web Services, testing, 385–386
Social Services agencies, driving MDM in public sector, 70–71
socialization challenge of MDM
overview of, 41–42
and project failure, 447
project initiation requirements, 315–316
SoD (separation of duties), and data visibility, 272
software
data-at-rest security, 250–251
data governance, 422
driver of MDM in commercial sector, 65–66
tamper-resistance and integrity of, 224
solution change control, history of configuration changes, 349
SOR (system of record)
for business processes, 12
defined, 5
evolution of MDM and CDI, 16–18
misconception about, 97–98
source system models
mapping data models to, 183–185
MDM-Star schema, 188
Source Systems zone, Data Hub, 122–123, 128
SOX (Sarbanes-Oxley Act) of 2002
creating and protecting test data, 388
data protection and privacy regulations of, 49
for data security, 242
integrity of financial data, 201
requiring businesses to attest to data quality/accuracy, 115
risk management requirements of, 202–203
using MDM to comply with, 7–8
Spain, challenges of MDM, 51
spear-phishing, 212
Specially Designated Nationals (SDN) lists, 49, 58
spinners
recognizing bad customers or frauds, 27
relationship data critical to detecting, 357
split operations
data matching with, 349
overview of, 354–355
use case scenario with Reconciliation Engine, 372
sponsorship scenarios, MDM, 286–287
Spring Framework, 274
spyware, 241
SSL (Secure Sockets Layer), 230
SSL/TLS
data-in-transit security with, 248–249
data security on networks with, 245
in HTTPS, 229
overview of, 230
SSO (Single Sign-On) technologies, 233–235
stability, as discriminating attribute, 336
Staging area, ETL processing, 124, 377
stakeholders
addressing complexity of MDM project to, 312–313
business case for. See business case
selling MDM inside enterprise to, 39–41
socializing MDM project with, 41, 315–316
standardization
data-integration challenges from lack of, 46
data quality processes in Data Hub, 129
entity resolution in Product domain, 19, 150
policies, entitlements and, 269–271
star schema data modeling, 171–174
stewardship. See data stewardship
strategic risk, 196
styles, architectural
choosing Data Hub for project, 320–325
Data Hub, 99–102
roadmap view for Data Hub and data ownership, 302–303
styles, data modeling
3NF, 168–171
overview, 168
star schema (dimensional), 171–174
supporting multidomain MDM, 188–191
substitution, for anonymization of data, 389
supplier domain, MDM in retail sales, 68–69
Supply Chain Marketing Solutions, D&B, 439
Sybase, acquisition by SAP, 436
symmetric key encryption, 226–227
symmetric relationships, 358–360
synchronization. See data synchronization
synchronous messages, in Web Services, 93
system integration testing (SIT), 382
system of record. See SOR (system of record)
system on-boarding, 380
System Services layer, MDM reference
architecture
Data Hub, 152
high-level services of, 125
overview of, 106–107
systems
impact on project scope, 320
MDM roadmap view for decommissioning, 301
testing, 382
Systems and Applications in Scope of MDM view, MDM roadmap, 299
Target, XACML, 271
taxonomies
entitlement, 266–267
TCO (total cost of ownership), and integrated risk management, 199
technical approaches and challenges
data quality, synchronization and integration, 45–47
data visibility, security and regulator compliance, 47–50
global MDM, 51–52
implementation costs and time-to-market, 43–45
integrated risk management, 200
key challenges, 36–38
key MDM technical capabilities, 445
overview of, 42–43
summary of, 444
technical capabilities trends, 451
technical infrastructure, and data security/privacy regulations, 213–214
technical metadata, 136
Technical QA testing, 382, 386
technology
information security. See information security and identity management, technologies
project failure and, 446
telecommunications industry, drivers of MDM, 60–61
telegraph code transmission, in Information Theory, 412–413
telemarketers, Do Not Call legislation, 49–50
templates, predefined biometric, 232
terrorism
MDM in government and, 71–73
MDM management of security, 8–9
relationship data for protection from, 357–358
USA Patriot Act, 207
using CDI against, 22
Terrorist Identities Datamart Environment (TIDE) list, 72
Test Management server, building infrastructure, 394
testing
bulk statistical, 383–385
creating and protecting test data, 388–389
Match Group, 386–387
MDM data and services, 381–383
MDM roadmap view for resources and skills, 307
MDM services, 385–386
reporting and, 393
scenario-based, 385
Thailand, challenges of MDM, 51–52
third normal form. See 3NF (third normal form) data modeling
Third-Party Data Provider zone, Data Hub, 123, 128–129
Third-Party Data Sources view, MDM roadmap, 301
third-party information sharing risk, 244
third-party trust, 225
Thomas, Gwen, 400
thought leaders, and marketing effectiveness, 34
360-degree view of customer
addressing complexity of MDM projects to stakeholders, 312–313
customer centricity and data quality, 38–39
holistic entity view, 331–332
merging match group records, 351–352
system integration, 330
3NF (third normal form) data modeling
as most widely adopted standard, 168–170
not moving between dimensional models and, 174
not optimal for reporting and analytics, 169
strengths and weaknesses of, 171
threshold, match accuracy
binary rule for attribute match and score for record match, 343
defining, 344
scoring for attribute and record match, 344
use case scenario with Reconciliation Engine, 370–371
Tibco MDM, 437–438
TIDE (Terrorist Identities Datamart Environment) list, 72
time-to-market concerns, implementing MDM, 43–44
TJX Companies, Inc., security breach, 240
TLS (Transport Layer Security), 230
total cost of ownership (TCO), and integrated risk management, 199
traditional bottom-up estimation, of MDM impact, 289–292
traditional security requirements, 218–220
Transaction Hub style, Data Hub
choosing for project, 323–324
loading data into Data Hub, 128–129
overview of, 101–102
Purisma support for, 438
roadmap view for, 302–303
use case scenario, 372–373
transaction-level data, Operational Data Store, 83
Transaction Manager, 369–371, 373–374
transaction risk
benefits of integrated risk management, 199
from data compromise, 244
overview of, 195–196
transactional entitlements, 266–267
transactional integrity, 375–376
Transport Layer Security (TLS), 230
Transportation Security Administration (TSA), 68
travel
relationship data critical to, 357
Transportation Security Administration, 68
Trigo company, acquisition by IBM, 431
trust
business semantics and, 225
defining Enterprise Attribute Locator information at levels of, 375
as emerging security requirement, 224–225
TSA (Transportation Security Administration), 68
21 CFR Part 11 (SEC and FDA regulations), 201, 243
UAN (Universal Application Network), UCM (Universal Customer Master), Oracle/UI (user interface), hierarchy management, 392
UK Financial Services Act of 1986, 49
Ukraine, MDM challenges, 51
unidirectional synchronization flows, 129
uniformed architecture approach, implementing MDM, 37
unique identifiers
aggregating entity information with, 161
discriminating attributes and, 336
entity matching and generation of, 85, 155–156
generating/managing in Data Quality layer, 107, 153
Key Generation service storing and managing, 163
Registry-style Data Hub acting as master of, 100
unit testing, 381
United States Postal Service (USPS) information, Acxiom licensing, 439
Universal Application Network (UAN), Universal Customer Master (UCM), Oracle/Siebel’s MDM, 433
universal identification cards, 38
universality, discriminating attribute, 336
unstructured master data
in healthcare services ecosystem, 63
MDM roadmap view for integration with, 305
MDM technology trends, 452
Upper Threshold, match accuracy, 344
USA Patriot Act
AML and KYC provisions, 201, 206–207
business process requirements, 207–208
data protection and privacy regulations, 48
using MDM to comply with, 8, 22
use case examples, ERM, 255–257
Use Pattern, classification dimension, 21, 102–103
MDM solution, 433
user interface (UI), hierarchy management, 392
MDM, 433
user involvement
project failure from lack of, 447
socialization challenge of MDM, 42
user provisioning
Access Certification with, 223
as business requirement, 220
provisioning and deprovisioning users, 222–223
USPS (United States Postal Service) information, Acxiom licensing, 439
validation
discriminating attributes and, 336
legacy system data entry, 373
of relationship rules, 360
use case with Reconciliation Engine, 369
value proposition, business
challenges of selling MDM inside enterprise, 39
data quality technology tools in, 83
defining compelling, 35
improving business processes, 317
lines of business and functions in, 318
reasons for MDM project failure, 446
for reference architecture, 105–106
senior management commitment and, 38
through business and operational drivers. See business and operational drivers of MDM
vendors
data-at-rest, 252
ETL, 378–379
GLBA data protection, 205
obtaining Data Hub data model from, 396
partnerships with, 44–45
vendors and their products, MDM
Acxiom, 439
Dun & Bradstreet Purisma, 438–439
IBM, 431–433
Informatica, 434–435
market consolidation and, 430
MDM market trends, 451
Oracle, 433–434
overview of, 429–430
references, 440
SAP, 436
SAS DataFlux, 436–437
Tibco, 437–438
verification, as business requirement, 219
VeriSign, 231
versioning requirements, MDM data modeling, 177
vertex, Small World theory, 169–170
viewpoints, MDM architecture, 98–103
Design and Deployment dimension, 99–102
Information Scope or Data Domain dimension, 103
overview of, 89–90
patterns vs., 89
reference architecture viewpoint, 105–109
reference data and hierarchy management, 103–105
references, 109
services. See services architecture viewpoint
Use Pattern dimension, 102–103
Virtual Private Networks. See VPNs (Virtual Private Networks)
viruses, 241
visibility. See data visibility
visibility context, 269
VPNs (Virtual Private Networks)
data-in-transit security, 248–249
network security using, 217
overview of, 229
W3C (World Wide Web Consortium) defining SOA, 90–91
WS-Policy, 265
WAP (Wireless Application Protocol), 230
watch lists, 58
Web servers, building infrastructure, 394
Web Services
identity management requirement for, 221–222
introduction to, 92–94
security concerns, 235–236
testing in MDM, 385–386
Web Services Architecture (WSA), 93
WebSphere ProfileStage, 433
WebSphere QualityStage, 433
well-formed identifiers, 366
Windows CardSpace, identity federation, 234
Wireless Application Protocol (WAP), 230
WSA (Web Services Architecture), 93
WTLS (Wireless Transport Layer Security) protocol, 230
XACML (eXtensible Access Control Markup Language)
implementing policy-enforced visibility, 269–271
integrating conceptual security/visibility, 277
policy decision/enforcement in, 274
policy enforcement architecture, 275
separation of duties principle in, 272
visibility and security architecture requirements, 278–280
XRI (eXtensible Resource Identifier), 269–270
XrML (XML licensing standard), 255
Zachman, John, 86–89
ZIFA Zachman’s Institute for Framework Advancement), 87–89
18.118.166.94