Run Secure – With SAP HANA

Posted by Puneet Suppal on June 12, 2012

Recently, I chanced upon a blog post by Mark Rittman and his follow-on comments to a reader. He often blogs about a variety of Oracle products and related topics. In this particular instance, while discussing potential use cases for Exalytics (http://www.rittmanmead.com/2012/06/some-thoughts-on-potential-exalytics-use-cases/#comments), he makes a couple of very keen observations when asked which use cases Exalytics would not be good for. In his words (June 3, 2012):

“….there’s two scenarios where the Exalytics approach (as it currently is), in combination with OBIEE might not be such an obvious choice:

1) Real-Time Data Warehouses with continuously updated data, fed either by micro-batch ETL or push-type technology – in this case, the caching and pre-aggregation approach used by Exalytics won’t really be useful, as they will become stale (out of date) as soon as the DW dataset gets updated.”

A point that stands out is that there are use cases where the data being analyzed needs to be truly current, or real-time, and not the result of any pre-aggregation. This is an important consideration because many cases involve critical events that need to be addressed right away and on the basis of a more comprehensive data set; in these cases, any delay or data set limitation caused by pre-aggregation can be damaging.

This brings to mind a use case that I recently discussed with a start-up company called AlertEnterprise (they participate in the SAP Start Up Focus program). They outlined a use case for what they describe as “Critical Infrastructure” customers, such as Airports, Oil & Gas Pipelines, Refineries, Chemical Plants, and Utilities. For such customers, “Insider Threat” is a matter of constant worry. Recognizing the severity of such threats, even the Department of Homeland Security (DHS) has listed Insider Threat as an Advanced Persistent Threat (APT). Insider threats pose significant danger to the systems – physical, logical, and security related – of these critical infrastructure customers. For example, at airports, insiders have privileged access to airport processes and procedures and to secured areas, and are often aware of where there might be chinks in the armor with respect to overall security. Thus, effective security at these customers requires a multi-faceted approach to address a variety of threats, both external and internal. Recent studies and information obtained by the DHS, the FBI and other agencies indicate that insiders are not only utilized by terrorists to gain access to sensitive information and targets, but are also often likely to be perpetrators of hostile acts themselves.

Responding effectively to insider threats at airports and other critical infrastructure customers requires predictive risk analytics and the use of cutting-edge security convergence technology. Security convergence implies analyzing risks across IT security, physical security and operational systems (such as those meant for Supervisory Control and Data Acquisition (SCADA), etc.) to safeguard critical assets. In the past, this has not been done very effectively. Using sophisticated algorithms, AlertEnterprise seeks to solve this problem. However, these algorithms alone would not solve the problem very effectively; the challenges posed by huge volumes of data, structured and unstructured (possibly from a number of disparate sources), would slow down the processing significantly. This is where SAP HANA makes a difference.

Without SAP HANA, Predictive Risk Analytics for security would take a very long time to process. In this case, this is obviously a crippling factor because, as they explained, predicting the possibility of malicious events with an eye to preventing them is pointless if the calculations would continue well past the occurrence of the incident itself!

Working with the SAP Co-Innovation Lab (COIL), AlertEnterprise has demonstrated how this process would leverage some of the key differentiating aspects of SAP HANA, namely, its tremendous computing power and the ability to rationalize large data sets from diverse information sources; and, just as importantly, its ability to deliver on these fronts without having to massage or pre-aggregate any of the data. The solution in this case demands the ability to process data from a variety of identity databases. For example, in the case of airport security the Transportation Systems Clearinghouse, No-Fly Lists and HR systems for airports would be sources of data. This is important to note because insider threats come in many shapes and forms at such critical infrastructure customers, and each one of these could potentially represent a unique data source. Thus, the raw processing power of SAP HANA, combined with the ability to deliver without any pre-aggregation or pre-selection of data provides true real-time results – that does the job! Today, it appears that SAP HANA uniquely provides this powerful combination of capabilities because many of the other offerings on the market that claim to provide blazing fast analytics do require some form of data pre-selection, pre-aggregation, etc.

As I see it, this strength of SAP HANA is but one facet of the comprehensive thinking behind its design, a design that represents nothing short of a revolution in the world of computing. Keep an eye on its rapid evolution and ongoing enhancement of capabilities, for that will help you identify newer ways of solving old problems and effective solutions to new ones!

P.S. You can follow my other blog posts at: Café Innovation Blog on the SAP Community Network (SCN)
