Using OrientDB to Detect Fraudulent Spending by Government Officials

What if average citizens were able to quickly experiment with public government spending data to determine whether any officials were misusing taxpayer funds?

That’s the question Gabriel Mesquita, a software developer and computer scientist from Brazil, recently set out to answer.

In a post on Hacker Noon, Mesquita explored whether any Brazilian government officials were using their monthly allowances illegally by buying products and services from companies owned by people they know.  

In his experimental attempt to detect fraudulent patterns in spending, he turned to OrientDB, the world’s fastest NoSQL database.

A Data Model That Uncovers Anomalies

After obtaining the public data, Mesquita built a data model that leveraged graph database technology. It’s in Portuguese, but here’s what the model looks like:

Gabriel Mesquita data model leveraging graph database technology

 

Mesquita’s model detects which deputies performed multiple transactions with specific companies, whether those companies donated to the specific deputy’s campaign and whether the deputy has any connections, directly or indirectly, to each company in question.

The results? Seven deputies spent their monthly allowances with companies that supported their campaigns in 2014. Another deputy received a donation from a company and then used taxpayer money three different times to support that company.

None of this behavior is illegal, Mesquita suggests.

But, in support of transparency and to serve as another check and balance on politicians, it’s important that taxpayers know about it.

The Takeaways

Mesquita identified two major takeaways from his research:

  1. The Brazilian Democratic Movement (Partido do Movimento Democrático Brasileiro) uses more money than any other political party.
  2. Politicians spend the most money on travel.

Since data pertaining to friends and relatives of politicians isn’t available in Brazil, Mesquita used “fake data” to flesh out his model.

“To validate the model and the whole process I inserted fake data to simulate the fraud scenarios,” Mesquita writes. “Hopefully, if the Chamber of Deputies has this kind of data, they could use the same process to inspect the deputies’ expenses.”

Because he couldn’t access all of the real-world data needed to truly test his thesis, Mesquita’s exercise was experimental in nature.

Still, he found the right tool in OrientDB.

“OrientDB is a great multi-model DBMS,” Mesquita writes. “Graphs are great [at] exposing relationships,” and OrientDB “is a viable solution to find patterns with open data and to provide transparency for our population.”

For more details on Mesquita’s project, read the full piece on Hacker Noon.

To learn more about the world’s leading multi-model graph database and NoSQL solution, visit https://orientdb.com.

 

Venus Picart
Senior Marketing Director, OrientDB, an SAP Company

In the world of master data management, silos are a tremendous challenge.

When enterprises try to process information from disparate systems, they too often use sub-optimal applications and initiatives laden with errors and misinformation, not to mention blown timelines and budgets. But master data management (MDM) is actually more than just the breaking down of data silos. It’s about efficiency and service, innovation and security, clarity and perspective. It’s about getting the most of your most valuable resource: your data.

Here are the five things you need to know about MDM:

The Challenge of Multiple Data Systems

For existing enterprises, one of the largest hurdles to developing an MDM system is the multiplicity of databases and applications usually involved. What’s more, Enterprise Resource Planning and Customer Relationship Management systems rely on structured data, whereas the proliferation of IoT devices has created exponential growth in unstructured data.

Take the example of Enel, which is one of the largest power utilities in Europe. Enel was struggling to provide analytics and reporting across all of its power generation plants and equipment. They see data flowing in from multiple systems, including IoT devices on power generation equipment, plant maintenance systems, scheduling applications, and other sources. Each of these data sources has its own data types. Enel was exporting data to csv files and manually aligning the data to generate reports and analytics.

Other companies in similar scenarios might invest in expensive integration bus systems to support a polyglot persistent environment.

Enel found a solution in a native multi-model database. This allowed them to bring all data into a single database. This means no more worrying about different data types or keeping the different systems in sync. The result was real-time data analysis across all sites and multiple data systems. No more month-long manual processes to manually generate reports.

Master Data Management Really is for Everyone

All companies are now digital enterprises. Since all systems rely on data, MDM is a discipline in which all organizations need to remain competitive. Master data powers everything from financial reporting to real estate transactions to fraud protection. The ultimate results are faster and better decisions, improved customer satisfaction, enhanced operational efficiency, and a better bottom line.

Redundancy Elimination is Only Part of It

Most people who’ve heard of MDM immediately link it to one of its primary objectives: the elimination of redundant data. Yes—having a central repository of data will eliminate data redundancies, as long as it’s done correctly. But the benefits of MDM extend beyond redundancy elimination. Namely: data consistency, data flexibility, data usability, and data security (from role-based access).

Mergers and Acquisitions Don’t Have to Mean a Master Data Management Nightmare

Mergers and acquisitions can be rough on data consistency. Reconciling several master data systems brings headaches from different data system taxonomy and structures. This usually results in two systems remaining separate and linked only through a special reconciliation process.

As more acquisitions and mergers occur, the problem compiles into a labyrinth of siloed systems and data. This brings you back the problem that spurned you to invest in MDM in the first place.

The answer lies in the database management system and vendor you choose for your master data MDM system. Make sure to choose a vendor that offers a flexible, multi-model database that allows you to easily develop a single data taxonomy.

The Database that Backs Your Master Data Management System is Key

The most powerful and effective MDM systems run on databases that fit the business model in question.

As an example, Xima Software uses networks that are like graphs. As such, for a telco, an MDM system via a multi-model graph database is the most effective MDM strategy because the database allows for easy visualization of the network since it uses the same graph model.

Master Data Management is Evolving

If there were a fifth thing you needed to know about MDM, it’s that it’s rapidly evolving to meet the needs of today’s enterprises and their customers. Retailers are using it to improve time-to-market and address their customers’ growing expectations to deliver a true omnichannel experience. The consumer packaged goods industry is using it to ensure the accuracy of nutritional information and comply with local disclosure regulations. And every industry is using it to break down data silos.

Gerard (Jerry) Grassi, P.E.
Senior Vice President – OrientDB
SAP

London – January 16th, 2017

By OrientDB CEO, Luca Garulli

After ransomware groups recently wiped off about 34,000 MongoDB database and exposed about 35,000 Elastic Search databases on the Internet*(read the full article), we advise that OrientDB users double check their OrientDB server.

OrientDB’s average level of security is much stronger than both MongoDB and ElasticSearch. However, nothing can keep you totally safe, specially if you are exposing an OrientDB server directly to the Internet and/or you haven’t changed the default password in your database.

Follow this 5 minute action plan to keep your OrientDB database safe:

1. If you aren’t using the default users (admin, reader and writer), then delete them.

2. If you’re using them, be sure you changed the password for all 3 default users: admin, reader and writer.

3. When you installed OrientDB for the first time, the script asked for the root password. Make sure you didn’t set something obvious such as “root“, “orientdb“, “password“, or any other simple/obvious password.

Now a little advice to keep OrientDB even more secure:

1. If you can, don’t expose the OrientDB server to the Internet.security-box

2. Remember that starting from v2.2 you can configure stronger SALT cycles for hashed passwords. Take a look at the following page for more details: https://orientdb.com/docs/2.2/Database-Security.html#password-management.

3. If you’re working with very sensitive data, please consider using Encryption at REST with AES algorithm. For more details, take a look at the following page: http://orientdb.com/docs/2.2/Database-Encryption.html.

4. Don’t use a password at all. Since v2.2.14, OrientDB Enterprise Edition supports authentication via symmetric keys for the Java client. See https://orientdb.com/docs/2.2/Security-Symmetric-Key-Authentication.html.

5. Lastly, don’t forget OrientDB’s other advanced security features, such as Kerberos authentication, LDAP users, password validation, and auditing.

More Resources:

  1. Database Security
  2. Server Security

For any question, don’t hesitate to ask to the Community Group.

Thanks and keep your data safe!

Luca Garulli
Founder & CEO
OrientDB LTD

*http://www.pcworld.com/article/3157417/security/after-mongodb-ransomware-groups-hit-exposed-elasticsearch-clusters.html

Start using the world’s leading multi-model database today