Implementing a Master Data Management (MDM) sometimes seems like a daunting, expensive proposition. Many MDM efforts end being discredited and discarded in the long run.
A team of two engineers designed, developed, and implemented a MDM in our organization with a small budget. After three years, this MDM is successfully sharing enterprise data to over 40 consumers, and growing in popularity, with minimum maintenance.
How to Build and Promote a Successful MDM Solution on a Shoestring
1. How to build and promote a successful MDM solution on a shoestring Pablo Riboldi, PhD Solution Manager for Information Governance & Quality The Church or Jesus Christ of Latter-day Saints
29. How are the policies defined? A database package is defined for each object to be protected. The database package functions reference information stored in the Application Context of the current database session and returns the SQL fragment to be either: Appended to the Where Clause or Used to determine whether or not to show the column contents in the result.
30. Sample policy package CREATE OR REPLACE package MDM_ORG_SEC_PKG as function SET_PREDICATE (OBJECT_SCHEMA VARCHAR2,OBJECT_NAME VARCHAR2) return VARCHAR2; -- row policies ... function VIEW_TIMEZONE (OBJECT_SCHEMA VARCHAR2,OBJECT_NAME VARCHAR2) return VARCHAR2; -- column policies end MDM_ORG_SEC_PKG; / CREATE OR REPLACE package body MDM_ORG_SEC_PKG as CTX_VALUE VARCHAR2(2000) :=NULL; CTX_NAME VARCHAR2(30) :='MDM_SEC_CTX'; -- defines the application context function SET_PREDICATE (OBJECT_SCHEMA VARCHAR2,OBJECT_NAME VARCHAR2) return VARCHAR2 as begin CTX_VALUE:=NULL; CTX_VALUE:=SYS_CONTEXT('USERENV','SESSION_USER'); -- identifies the user associated with this session IF CTX_VALUE = OBJECT_SCHEMA THEN RETURN '1=1'; -- if the user is the same as the object owner, enable all access END IF; CTX_VALUE:=NULL; CTX_VALUE:=SYS_CONTEXT(CTX_NAME,'ORG_PREDICATE',2000); -- gets the where clause fragment to be appended IF CTX_VALUE IS NULL THEN RETURN '1=0'; -- if there is no information in the context, deny all access ELSE RETURN CTX_VALUE; -- return the row constraints END IF; EXCEPTION WHEN OTHERS THEN RETURN '1=0'; end; ... function VIEW_TIMEZONE (OBJECT_SCHEMA VARCHAR2,OBJECT_NAME VARCHAR2) return VARCHAR2 as begin …
31. How do we connect the policy to the database object? First, we define the objects and protected column lists in the MDM repository security tables. Then we execute a set of scripts to: Create a stored procedure that will be used to populated the application context when the user connects. Create the application context and tie to the above stored procedure. Tie the VPD policies to the database objects.
32. MDM Repository Security Tables (part 1) Defines the objects (tables, views, synonyms) to be protected Defines the columns to be protected
33. MDM Repository Security Tables (part 2) For the specific user, this defines the where clause fragment … and the column sets to include with the default columns.
34. We’re done! Now, when the SQL statement is executed: SELECT * FROM MDM_ORG Only those rows / columns authorized are returned in the result set.
35. What do we have in our MDM? Reference Data Sets Languages Geopolitical Locations (Countries, Regions, etc.) Currencies Exchange Rates Master Data Sets Organizations Leaders Employees & reporting hierarchy – in progress Physical Facilities (Churches, Temples, Seminaries, etc.) – in progress
36. How successful is our MDM? We replicate authorized master data to 54 other productions systems (230+ instances) daily. Developers become familiar with the canonical models for master data, which reduces the development cost of using master data. Web services deliver master data from the MDM repository. It takes about 20 minutes to provision master data to a new consumer. Changes in source systems are completely transparent to the consuming systems. Reduce number of DB links to source systems.
37. Thank you! Questions & Answers Pablo Riboldi Solution Manager for Information Governance & Quality riboldipj@ldschurch.org The Church or Jesus Christ of Latter-day Saints Visit us at www.mormon.org
Editor's Notes
Also… Over 27,800 Local congregations Hundreds of global and local information systems Broadcasting network using all types of infrastructure
- Governing councils include the First Presidency, Quorum of the Twelve Apostles, and the Presiding Bishopric. Elder Hales: “The wheels of the Church move slowly, but grind really fine.” Information systems have been traditionally built to answer the needs of a specific department or division.
- For more information: www.mormon.org or www.lds.org