Question 1
Consider the data flow “octopus,” as shown in attached diagram. How can the analysis system gather data from all these sources that, presumably, are protected themselves?
Question 2
If an attacker can retrieve the API and libraries, then use these to write an agent, and then get the attacker’s agent installed, how should Digital Diskus protect itself from such an attack? Should the business analytics system provide a method of authentication of valid agents in order to protect against a malicious one? Is the agent a worthy attack surface? Data Analysis/
Business
Intelligence
Directory
Content
Archive
Identity
Services
Identity
Data
Internal Presentations
Message Bus: JMS, AMQP
metadata
Security
Monitoring
Internal Business
Applications & Processing
Events &
Alerts
Data
Data
Data