SlideShare uma empresa Scribd logo

Thoughts on Access Control in Enterprise Recommender Systems

H
heimo-ge

Some Thoughts and Aspects on Access Control Related Issues for Enterprise Recommender Systems This presentation was given on the 10th of July at the Mendeley event "Workshop on Academic-Industrial Collaborations for Recommender Systems"

TecnologiaNegócios
1 de 14
Baixar para ler offline
gefördert durch das Kompetenzzentrenprogramm Heimo Gursch Some Thoughts and Aspects on Access Control Related Issues for Enterprise Recommender Systems www.know-center.at 10 July 2013 Workshop on Academic-Industrial Collaborations for Recommender Systems © Know-Center 2013 Thoughts on Access Control in Enterprise Recommender Systems
© Know-Center 2013 2 Agenda  What am I working on?  Why are we working on that?  What are the major concerns?  Access Control  What are the problems?  What can be done about it?  Recommender  Why use them?  What can they achieve?
© Know-Center 2013 3 Our Project & my background  Project Setting  Four large German Companies  Amounts of information is increasing  Enterprise search is not enough  Project Goals  Single entry point to all information  Help engineers to find whatever they are looking for  Create a prototype that is capable of  Enterprise Search  Recommender  Extract, show and use relations between data
© Know-Center 2013 4 The Problems – Company Policy
© Know-Center 2013 5 The Problems – What is Going on
© Know-Center 2013 6 The big trade-off  Current situation is unsatisfying  Recommender would bring “too much” information  Recommend to user only Information where access is possible Closed Open Information
© Know-Center 2013 7 Access Control Concerns  Access Control is a “necessary evil” to ensure  Confidentiality  Traceability  Status quo  Role based access control (RBAC)[1]  1000s of roles  SSO only over some systems  Problems when changes are necessary  Solutions  Adapt the current system  Start over clean… [1] D.F. Ferraiolo and D.R. Kuhn, “Role-Based Access Controls”, in 15th National Computer Security Conference, 1992, Baltimore MD, Pages 554-563
© Know-Center 2013 8 Possible Solutions[2]  Attribute Based Access Control  Problem: Decide on attributes  Authorization Based Access Control  Abbreviated ABAC or ZBAC  User checks out token to get access  Token holds all the information needed by target systems  Token or parts of it can be passed on  First realization[3]  SOAP Messages with X.509 Certificate [2] A.H. Karp, H. Haury, and M.H. Davis, “From ABAC to ZBAC: The Evolution of Access Control Models From ABAC to ZBAC”, 2009 [3] J. Li and A. H. Karp, “Zebra Copy : A Reference Implementation of Federated Access Management 1”, 2007
© Know-Center 2013 9 Bring in the Recommender…  Recommender can help with questions like…  Has anybody done something with…  Give me more like that  Combining -based Recommenders  Content-based: Short-term model  Knowledge-based: Long-term model  “Knowledge”  Job description  Assigned tasks  … Content Knowledge
© Know-Center 2013 10 Content & Knowledge-based Recommender  User independent  Serendipity problem  Model overcomes the new user problem  Limitation of content analyse  Fast integration of new items  Tweaks by the user are possible  Changing user interest
© Know-Center 2013 11 Combine Recommender & Access Control  Criteria for the solution  High-performance solution that is parallelisable  Ensure access control in any case  Possible solutions  Check access control before anything else is done  Use a multi-criteria recommender system  Multi-criteria recommender system  Define a aggregation function  Base recommendation on  Access control  Short-time model  Long-time model
© Know-Center 2013 12 Key aspect for success  Give possible solution  Show that infrastructure is the result of the problem not the cause  Need to know vs. good to know  Show potential  Produce a prototype that consists of  Search  Recommender  Access-control concepts
© Know-Center 2013 13 Summary & Closing Arguments  Project Settings  Problems and the current situation at our partners  User/role management  Information needs of employees  Situation we work towards  Change access management  Introduce the recommender systems  Improve enterprise search that employees actuality use it
gefördert durch das Kompetenzzentrenprogramm Heimo Gursch Some Thoughts and Aspects on Access Control Related Issues for Enterprise Recommender Systems www.know-center.at 10 July 2013 Workshop on Academic-Industrial Collaborations for Recommender Systems © Know-Center 2013 Thoughts on Access Control in Enterprise Recommender Systems

Recomendados

Moving healthcare applications to the cloud
Moving healthcare applications to the cloudMoving healthcare applications to the cloud
Moving healthcare applications to the cloud
Velocity Technology Solutions
 
ai-presention.pptx
ai-presention.pptxai-presention.pptx
ai-presention.pptx
MuhtasibHossain
 
The Power of 3 - IBM PureApplications, SoftLayer and General Operational Eff...
The Power of 3 - IBM PureApplications, SoftLayer and General Operational Eff...The Power of 3 - IBM PureApplications, SoftLayer and General Operational Eff...
The Power of 3 - IBM PureApplications, SoftLayer and General Operational Eff...
Prolifics
 
Ehr implementation methodology
Ehr implementation methodologyEhr implementation methodology
Ehr implementation methodology
Linda Gebaroff
 
Reducing Shadow IT by embracing “good enough for HIPAA” horizontal cloud solu...
Reducing Shadow IT by embracing “good enough for HIPAA” horizontal cloud solu...Reducing Shadow IT by embracing “good enough for HIPAA” horizontal cloud solu...
Reducing Shadow IT by embracing “good enough for HIPAA” horizontal cloud solu...
Shahid Shah
 
It to cut it and process costs
It to cut it and process costsIt to cut it and process costs
It to cut it and process costs
STAdcon
 
Wibberly-2014
Wibberly-2014Wibberly-2014
Wibberly-2014
Virginia Rural Health Association
 
James Andrews User Engagement
James Andrews User EngagementJames Andrews User Engagement
James Andrews User Engagement
Incisive_Events
 

Recomendados

Moving healthcare applications to the cloud
Moving healthcare applications to the cloudMoving healthcare applications to the cloud
Moving healthcare applications to the cloud
Velocity Technology Solutions
 
ai-presention.pptx
ai-presention.pptxai-presention.pptx
ai-presention.pptx
MuhtasibHossain
 
The Power of 3 - IBM PureApplications, SoftLayer and General Operational Eff...
The Power of 3 - IBM PureApplications, SoftLayer and General Operational Eff...The Power of 3 - IBM PureApplications, SoftLayer and General Operational Eff...
The Power of 3 - IBM PureApplications, SoftLayer and General Operational Eff...
Prolifics
 
Ehr implementation methodology
Ehr implementation methodologyEhr implementation methodology
Ehr implementation methodology
Linda Gebaroff
 
Reducing Shadow IT by embracing “good enough for HIPAA” horizontal cloud solu...
Reducing Shadow IT by embracing “good enough for HIPAA” horizontal cloud solu...Reducing Shadow IT by embracing “good enough for HIPAA” horizontal cloud solu...
Reducing Shadow IT by embracing “good enough for HIPAA” horizontal cloud solu...
Shahid Shah
 
It to cut it and process costs
It to cut it and process costsIt to cut it and process costs
It to cut it and process costs
STAdcon
 
Wibberly-2014
Wibberly-2014Wibberly-2014
Wibberly-2014
Virginia Rural Health Association
 
James Andrews User Engagement
James Andrews User EngagementJames Andrews User Engagement
James Andrews User Engagement
Incisive_Events
 
EHS Software Buyer Checklist
EHS Software Buyer ChecklistEHS Software Buyer Checklist
EHS Software Buyer Checklist
Anita Amelia
 
Heuristic evaluation
Heuristic evaluationHeuristic evaluation
Heuristic evaluation
Dikshyanta Dhungana
 
Considerations Checklist: What is High Availability (HA)?
Considerations Checklist: What is High Availability (HA)?Considerations Checklist: What is High Availability (HA)?
Considerations Checklist: What is High Availability (HA)?
Collaborative Consulting
 
SLBdiensten XP sessie: presentatie Microsoft Services
SLBdiensten XP sessie: presentatie Microsoft ServicesSLBdiensten XP sessie: presentatie Microsoft Services
SLBdiensten XP sessie: presentatie Microsoft Services
SLBdiensten
 
Mshi week8: What are the issues and challenges in implementing electronic hea...
Mshi week8: What are the issues and challenges in implementing electronic hea...Mshi week8: What are the issues and challenges in implementing electronic hea...
Mshi week8: What are the issues and challenges in implementing electronic hea...
jgfabia
 
Sneha Summary Resume Final
Sneha Summary Resume FinalSneha Summary Resume Final
Sneha Summary Resume Final
Sneha Patel
 
PairWise introduction
PairWise introductionPairWise introduction
PairWise introduction
Jes Thorbjørn Holt
 
Applying Architecture Design for Information Delivery - HC
Applying Architecture Design for Information Delivery - HCApplying Architecture Design for Information Delivery - HC
Applying Architecture Design for Information Delivery - HC
Human Managed
 
Guide Preview: Ensuring your enterprise image-viewer if fully secure
Guide Preview: Ensuring your enterprise image-viewer if fully secureGuide Preview: Ensuring your enterprise image-viewer if fully secure
Guide Preview: Ensuring your enterprise image-viewer if fully secure
Calgary Scientific Inc.
 
A common architecture framework for UAE Educational
A common architecture framework for UAE Educational A common architecture framework for UAE Educational
A common architecture framework for UAE Educational
Luqman Kondeth
 
Automate Yourself Out of a Job: Safely Delegate the Management of your Azure...
Automate Yourself Out of a Job: Safely Delegate the Management of your Azure...Automate Yourself Out of a Job: Safely Delegate the Management of your Azure...
Automate Yourself Out of a Job: Safely Delegate the Management of your Azure...
Rundeck
 
The Challenges of BIG Testing: Automation, Virtualization, Outsourcing, and More
The Challenges of BIG Testing: Automation, Virtualization, Outsourcing, and MoreThe Challenges of BIG Testing: Automation, Virtualization, Outsourcing, and More
The Challenges of BIG Testing: Automation, Virtualization, Outsourcing, and More
TechWell
 
Confessions of an HR Executive
Confessions of an HR ExecutiveConfessions of an HR Executive
Confessions of an HR Executive
hdonbrown
 
Webinar - Design Thinking for Platform Engineering
Webinar - Design Thinking for Platform EngineeringWebinar - Design Thinking for Platform Engineering
Webinar - Design Thinking for Platform Engineering
OpenCredo
 
Top 5 Tips to Cut the Effort of your Oracle EBS R12 Project by a Third
Top 5 Tips to Cut the Effort of your Oracle EBS R12 Project by a ThirdTop 5 Tips to Cut the Effort of your Oracle EBS R12 Project by a Third
Top 5 Tips to Cut the Effort of your Oracle EBS R12 Project by a Third
Original Software
 
FATE_Foundation_it-strategy-oct2013-part1
FATE_Foundation_it-strategy-oct2013-part1FATE_Foundation_it-strategy-oct2013-part1
FATE_Foundation_it-strategy-oct2013-part1
Aide Ojigbede
 
Cloud watch on hrms solutions q2 2013_final_10072013 pre-read
Cloud watch on hrms solutions q2 2013_final_10072013 pre-readCloud watch on hrms solutions q2 2013_final_10072013 pre-read
Cloud watch on hrms solutions q2 2013_final_10072013 pre-read
Ronald van den Berg
 
Oracle Fusion HCM Presentation
Oracle Fusion HCM PresentationOracle Fusion HCM Presentation
Oracle Fusion HCM Presentation
Feras Ahmad
 
Adaptive Case Management – Delivering Right Customer Experience
Adaptive Case Management – Delivering Right Customer ExperienceAdaptive Case Management – Delivering Right Customer Experience
Adaptive Case Management – Delivering Right Customer Experience
Ajay Khanna
 
Pure App + Patterns + Prolifics = Feeding Change
Pure App + Patterns + Prolifics = Feeding Change Pure App + Patterns + Prolifics = Feeding Change
Pure App + Patterns + Prolifics = Feeding Change
Prolifics
 
St josephs project management
St josephs project managementSt josephs project management
St josephs project management
David Terry
 
IT Project Management
IT Project ManagementIT Project Management
IT Project Management
David Terry
 

Mais conteúdo relacionado

Mais procurados

EHS Software Buyer Checklist
EHS Software Buyer ChecklistEHS Software Buyer Checklist
EHS Software Buyer Checklist
Anita Amelia
 
Sneha Summary Resume Final
Sneha Summary Resume FinalSneha Summary Resume Final
Sneha Summary Resume Final
Sneha Patel
 

Mais procurados (10)

EHS Software Buyer Checklist
EHS Software Buyer ChecklistEHS Software Buyer Checklist
EHS Software Buyer Checklist
 
Heuristic evaluation
Heuristic evaluationHeuristic evaluation
Heuristic evaluation
 
Considerations Checklist: What is High Availability (HA)?
Considerations Checklist: What is High Availability (HA)?Considerations Checklist: What is High Availability (HA)?
Considerations Checklist: What is High Availability (HA)?
 
SLBdiensten XP sessie: presentatie Microsoft Services
SLBdiensten XP sessie: presentatie Microsoft ServicesSLBdiensten XP sessie: presentatie Microsoft Services
SLBdiensten XP sessie: presentatie Microsoft Services
 
Mshi week8: What are the issues and challenges in implementing electronic hea...
Mshi week8: What are the issues and challenges in implementing electronic hea...Mshi week8: What are the issues and challenges in implementing electronic hea...
Mshi week8: What are the issues and challenges in implementing electronic hea...
 
Sneha Summary Resume Final
Sneha Summary Resume FinalSneha Summary Resume Final
Sneha Summary Resume Final
 
PairWise introduction
PairWise introductionPairWise introduction
PairWise introduction
 
Applying Architecture Design for Information Delivery - HC
Applying Architecture Design for Information Delivery - HCApplying Architecture Design for Information Delivery - HC
Applying Architecture Design for Information Delivery - HC
 
Guide Preview: Ensuring your enterprise image-viewer if fully secure
Guide Preview: Ensuring your enterprise image-viewer if fully secureGuide Preview: Ensuring your enterprise image-viewer if fully secure
Guide Preview: Ensuring your enterprise image-viewer if fully secure
 
A common architecture framework for UAE Educational
A common architecture framework for UAE Educational A common architecture framework for UAE Educational
A common architecture framework for UAE Educational
 

Semelhante a Thoughts on Access Control in Enterprise Recommender Systems

Automate Yourself Out of a Job: Safely Delegate the Management of your Azure...
Automate Yourself Out of a Job: Safely Delegate the Management of your Azure...Automate Yourself Out of a Job: Safely Delegate the Management of your Azure...
Automate Yourself Out of a Job: Safely Delegate the Management of your Azure...
Rundeck
 
The Challenges of BIG Testing: Automation, Virtualization, Outsourcing, and More
The Challenges of BIG Testing: Automation, Virtualization, Outsourcing, and MoreThe Challenges of BIG Testing: Automation, Virtualization, Outsourcing, and More
The Challenges of BIG Testing: Automation, Virtualization, Outsourcing, and More
TechWell
 
Cloud watch on hrms solutions q2 2013_final_10072013 pre-read
Cloud watch on hrms solutions q2 2013_final_10072013 pre-readCloud watch on hrms solutions q2 2013_final_10072013 pre-read
Cloud watch on hrms solutions q2 2013_final_10072013 pre-read
Ronald van den Berg
 
Project management
Project managementProject management
Project management
David Terry
 
Versioning: It's more than just for software
Versioning: It's more than just for software Versioning: It's more than just for software
Versioning: It's more than just for software
Perforce
 
Delivering Enterprise Business Solutions in the Era of Cloud Computing
Delivering Enterprise Business Solutions in the Era of Cloud ComputingDelivering Enterprise Business Solutions in the Era of Cloud Computing
Delivering Enterprise Business Solutions in the Era of Cloud Computing
Eric Shupps
 
Adopting Cloud Testing for Continuous Delivery
Adopting Cloud Testing for Continuous DeliveryAdopting Cloud Testing for Continuous Delivery
Adopting Cloud Testing for Continuous Delivery
SOASTA
 
Success Factors of FOSS Adoption
Success Factors of FOSS AdoptionSuccess Factors of FOSS Adoption
Success Factors of FOSS Adoption
Alexei Fedotov
 

Semelhante a Thoughts on Access Control in Enterprise Recommender Systems (20)

Automate Yourself Out of a Job: Safely Delegate the Management of your Azure...
Automate Yourself Out of a Job: Safely Delegate the Management of your Azure...Automate Yourself Out of a Job: Safely Delegate the Management of your Azure...
Automate Yourself Out of a Job: Safely Delegate the Management of your Azure...
 
The Challenges of BIG Testing: Automation, Virtualization, Outsourcing, and More
The Challenges of BIG Testing: Automation, Virtualization, Outsourcing, and MoreThe Challenges of BIG Testing: Automation, Virtualization, Outsourcing, and More
The Challenges of BIG Testing: Automation, Virtualization, Outsourcing, and More
 
Confessions of an HR Executive
Confessions of an HR ExecutiveConfessions of an HR Executive
Confessions of an HR Executive
 
Webinar - Design Thinking for Platform Engineering
Webinar - Design Thinking for Platform EngineeringWebinar - Design Thinking for Platform Engineering
Webinar - Design Thinking for Platform Engineering
 
Top 5 Tips to Cut the Effort of your Oracle EBS R12 Project by a Third
Top 5 Tips to Cut the Effort of your Oracle EBS R12 Project by a ThirdTop 5 Tips to Cut the Effort of your Oracle EBS R12 Project by a Third
Top 5 Tips to Cut the Effort of your Oracle EBS R12 Project by a Third
 
FATE_Foundation_it-strategy-oct2013-part1
FATE_Foundation_it-strategy-oct2013-part1FATE_Foundation_it-strategy-oct2013-part1
FATE_Foundation_it-strategy-oct2013-part1
 
Cloud watch on hrms solutions q2 2013_final_10072013 pre-read
Cloud watch on hrms solutions q2 2013_final_10072013 pre-readCloud watch on hrms solutions q2 2013_final_10072013 pre-read
Cloud watch on hrms solutions q2 2013_final_10072013 pre-read
 
Oracle Fusion HCM Presentation
Oracle Fusion HCM PresentationOracle Fusion HCM Presentation
Oracle Fusion HCM Presentation
 
Adaptive Case Management – Delivering Right Customer Experience
Adaptive Case Management – Delivering Right Customer ExperienceAdaptive Case Management – Delivering Right Customer Experience
Adaptive Case Management – Delivering Right Customer Experience
 
Pure App + Patterns + Prolifics = Feeding Change
Pure App + Patterns + Prolifics = Feeding Change Pure App + Patterns + Prolifics = Feeding Change
Pure App + Patterns + Prolifics = Feeding Change
 
St josephs project management
St josephs project managementSt josephs project management
St josephs project management
 
IT Project Management
IT Project ManagementIT Project Management
IT Project Management
 
Project management
Project managementProject management
Project management
 
Versioning: It's more than just for software
Versioning: It's more than just for software Versioning: It's more than just for software
Versioning: It's more than just for software
 
Delivering Enterprise Business Solutions in the Era of Cloud Computing
Delivering Enterprise Business Solutions in the Era of Cloud ComputingDelivering Enterprise Business Solutions in the Era of Cloud Computing
Delivering Enterprise Business Solutions in the Era of Cloud Computing
 
Lecture 2
Lecture 2Lecture 2
Lecture 2
 
Adopting Cloud Testing for Continuous Delivery
Adopting Cloud Testing for Continuous DeliveryAdopting Cloud Testing for Continuous Delivery
Adopting Cloud Testing for Continuous Delivery
 
Neville Fuller
Neville FullerNeville Fuller
Neville Fuller
 
Linked data the next 5 years - From Hype to Action
Linked data the next 5 years - From Hype to ActionLinked data the next 5 years - From Hype to Action
Linked data the next 5 years - From Hype to Action
 
Success Factors of FOSS Adoption
Success Factors of FOSS AdoptionSuccess Factors of FOSS Adoption
Success Factors of FOSS Adoption
 

Último

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 

Último (20)

CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 

Thoughts on Access Control in Enterprise Recommender Systems

  • 1. gefördert durch das Kompetenzzentrenprogramm Heimo Gursch Some Thoughts and Aspects on Access Control Related Issues for Enterprise Recommender Systems www.know-center.at 10 July 2013 Workshop on Academic-Industrial Collaborations for Recommender Systems © Know-Center 2013 Thoughts on Access Control in Enterprise Recommender Systems
  • 2. © Know-Center 2013 2 Agenda  What am I working on?  Why are we working on that?  What are the major concerns?  Access Control  What are the problems?  What can be done about it?  Recommender  Why use them?  What can they achieve?
  • 3. © Know-Center 2013 3 Our Project & my background  Project Setting  Four large German Companies  Amounts of information is increasing  Enterprise search is not enough  Project Goals  Single entry point to all information  Help engineers to find whatever they are looking for  Create a prototype that is capable of  Enterprise Search  Recommender  Extract, show and use relations between data
  • 4. © Know-Center 2013 4 The Problems – Company Policy
  • 5. © Know-Center 2013 5 The Problems – What is Going on
  • 6. © Know-Center 2013 6 The big trade-off  Current situation is unsatisfying  Recommender would bring “too much” information  Recommend to user only Information where access is possible Closed Open Information
  • 7. © Know-Center 2013 7 Access Control Concerns  Access Control is a “necessary evil” to ensure  Confidentiality  Traceability  Status quo  Role based access control (RBAC)[1]  1000s of roles  SSO only over some systems  Problems when changes are necessary  Solutions  Adapt the current system  Start over clean… [1] D.F. Ferraiolo and D.R. Kuhn, “Role-Based Access Controls”, in 15th National Computer Security Conference, 1992, Baltimore MD, Pages 554-563
  • 8. © Know-Center 2013 8 Possible Solutions[2]  Attribute Based Access Control  Problem: Decide on attributes  Authorization Based Access Control  Abbreviated ABAC or ZBAC  User checks out token to get access  Token holds all the information needed by target systems  Token or parts of it can be passed on  First realization[3]  SOAP Messages with X.509 Certificate [2] A.H. Karp, H. Haury, and M.H. Davis, “From ABAC to ZBAC: The Evolution of Access Control Models From ABAC to ZBAC”, 2009 [3] J. Li and A. H. Karp, “Zebra Copy : A Reference Implementation of Federated Access Management 1”, 2007
  • 9. © Know-Center 2013 9 Bring in the Recommender…  Recommender can help with questions like…  Has anybody done something with…  Give me more like that  Combining -based Recommenders  Content-based: Short-term model  Knowledge-based: Long-term model  “Knowledge”  Job description  Assigned tasks  … Content Knowledge
  • 10. © Know-Center 2013 10 Content & Knowledge-based Recommender  User independent  Serendipity problem  Model overcomes the new user problem  Limitation of content analyse  Fast integration of new items  Tweaks by the user are possible  Changing user interest
  • 11. © Know-Center 2013 11 Combine Recommender & Access Control  Criteria for the solution  High-performance solution that is parallelisable  Ensure access control in any case  Possible solutions  Check access control before anything else is done  Use a multi-criteria recommender system  Multi-criteria recommender system  Define a aggregation function  Base recommendation on  Access control  Short-time model  Long-time model
  • 12. © Know-Center 2013 12 Key aspect for success  Give possible solution  Show that infrastructure is the result of the problem not the cause  Need to know vs. good to know  Show potential  Produce a prototype that consists of  Search  Recommender  Access-control concepts
  • 13. © Know-Center 2013 13 Summary & Closing Arguments  Project Settings  Problems and the current situation at our partners  User/role management  Information needs of employees  Situation we work towards  Change access management  Introduce the recommender systems  Improve enterprise search that employees actuality use it
  • 14. gefördert durch das Kompetenzzentrenprogramm Heimo Gursch Some Thoughts and Aspects on Access Control Related Issues for Enterprise Recommender Systems www.know-center.at 10 July 2013 Workshop on Academic-Industrial Collaborations for Recommender Systems © Know-Center 2013 Thoughts on Access Control in Enterprise Recommender Systems