Differentiated access control to graph data

SLIDE 1

Differentiated access control to graph data

Application to TinkerPop-compatible graph databases

Marc de Lignie

Image courtesy: http://cosmicweb.barabasilab.com/

SLIDE 2

FOSDEM 2019 2

About me

  • 1. self-taught data scientist, starting from a PhD in physics
  • 2. interested in graph analytics and data fusion
  • 3. employed at a Dutch government agency
  • 4. contributor to
  • 5. active in community
  • 6. http://yaaics.blogspot.com

SLIDE 3

Differentiated access control to graph data

  • 1. Exploration
  • 2. Directions
  • 3. Application to TinkerPop/JanusGraph

<< notebook demo>>

  • 4. Wrap-up

SLIDE 4

Exploration: N data sources into 1 graph

[Diagram: one graph with vertices person1, person2, order1, order2, product1, product2 and location1, and an edge labelled "likes"]

Data sources:

  • Business: buying history
  • Finance: payments
  • Marketing Research: facebook data

(This) business department may not be allowed to use exact location and facebook data for recommendations

SLIDE 5

Exploration: unauthorized edges

[Diagram: graph with vertices person1, person2, person3, person4, Store1 and Store2]

Some users may not be allowed to traverse edges from Store2

SLIDE 6

Differentiated access control to graph data

  • 1. Exploration
  • 2. Directions
      • separate graph stored per user group
      • datastore with cell-level security
      • filtering while traversing the graph
  • 3. Application to TinkerPop/JanusGraph

<< notebook demo>>

  • 4. Wrap-up

SLIDE 7

Directions: separate graph stored per user group

Criterion                  | one graph for all          | graph per user group
---------------------------+----------------------------+--------------------------
#management processes      | + limited                  | ○ scales with #groups
available (cache) memory   | + exclusive                | ○ divided between groups
CPU efficiency             | ○ authorization processing | ○ support additional I/O
network I/O efficiency     | + data shared              | ○ no sharing
disk I/O efficiency        | + data shared              | ○ no sharing
resilience wrt corruption  | ○ everyone or no one       | + just one graph
scalability #user groups   | + not needed               | ○ limited

SLIDE 8

Directions: datastore with cell-level security

https://docs.janusgraph.org/0.3.1/data-model.html
http://key-value-stories.blogspot.com/2015/02/neo4j-architecture.html

  • need cell-level security to have the data store honor user authorizations
  • cell-level user authorizations not implemented in current JanusGraph and Neo4j data formats

SLIDE 9

Directions: filtering while traversing the graph [1/2]

Authorizations assigned to users

    user 1      authz = ["biz;1","biz;2","biz;3","fb;1"]
    user 2      authz = ["biz;1","fin;1","fin;2","fin;3"]

Authorization options for element access

    name = p0   authz = ["biz;3","fb;2"]
    name = p1   authz = ["fin;3"]
    name = p2   authz = ["fin2"]
    name = v1   authz = ["biz;3"]
    name = v2   authz = ["fin;2"]
    name = e01  authz = ["biz;3"]
    name = e11  authz = ["fin;3"]
    name = e22  authz = ["fin;4"]
    name = e12  authz = ["fin;3"]

SLIDE 10

Directions: filtering while traversing the graph [2/2]

Correctly honoring user authorizations as a separate concern

[Diagram labels: graph database API; graph application model API; private AuthorizedTraversal API; graph application business logic & UI; graph application query logic; external graph database; unused filtering & restriction]

SLIDE 11

Differentiated access control to graph data

  • 1. Exploration
  • 2. Directions
  • 3. Application to TinkerPop/JanusGraph

<< notebook demo>>

  • 4. Wrap-up

SLIDE 12

Application to TinkerPop: java-gremlin DSL

AuthorizedTraversalSource extends GraphTraversalSource:

  • a java-gremlin DSL on top of the TinkerPop APIs
  • restricts the TinkerPop APIs to authorized data access (this needs a few instances of stack inspection, which is fragile)

[Class diagram: GraphTraversalSource (class), GraphTraversal (interface), Graph (interface), DefaultGraphTraversal (class), __ anonymous graph traversal (class), TinkerGraph (class), StandardJanusGraph (class), DSL]

SLIDE 13

Application to TinkerPop: notebook demo

https://github.com/vtslab/janusgraph/tree/fosdem2019/fosdem2019

    userAuthz = ["biz;1", "biz;2", "biz;3"]

    // Plain TinkerPop: the authz filter is written out by hand on every step
    graph.traversal().
        V().has("authz", within(userAuthz)).has("name", "Mathilde").
        outE("likes").has("authz", within(userAuthz)).
        inV().has("authz", within(userAuthz)).
        outE("lives").has("authz", within(userAuthz)).
        inV().has("authz", within(userAuthz)).has("city", "Brussels")

    // With the DSL: authorizations are passed once via withAuthorization()
    graph.traversal(AuthorizedTraversalSource.class).
        withAuthorization(userAuthz).
        V().has("name", "Jane").
        out("likes").
        out("lives").has("city", "Brussels")
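
The filtering rule from the "filtering while traversing the graph" slides and the demo above, as an added Python example that is not code from the talk or the linked repository: it models the check in memory instead of using TinkerPop. The authz values are those shown on slide 9; the edge endpoints and the class name `ToyAuthorizedTraversal` are assumptions.

```python
# Added example: a toy in-memory model, not TinkerPop and not the talk's code.
# authz values are copied from slide 9; edge endpoints are ASSUMED.
VERTICES = {
    "p0": ["biz;3", "fb;2"], "p1": ["fin;3"], "p2": ["fin2"],
    "v1": ["biz;3"], "v2": ["fin;2"],
}
EDGES = {  # name: (out-vertex, in-vertex, authz)
    "e01": ("p0", "v1", ["biz;3"]),
    "e11": ("p1", "v1", ["fin;3"]),
    "e22": ("p2", "v2", ["fin;4"]),
    "e12": ("p1", "v2", ["fin;3"]),
}
USER1 = ["biz;1", "biz;2", "biz;3", "fb;1"]
USER2 = ["biz;1", "fin;1", "fin;2", "fin;3"]


class ToyAuthorizedTraversal:  # hypothetical name
    """Applies the authz check on every step so query code cannot skip it."""

    def __init__(self, user_authz, current=()):
        self._authz = frozenset(user_authz)
        self._current = list(current)

    def _allowed(self, element_authz):
        # Same test as has("authz", within(userAuthz)): one shared value suffices.
        return not self._authz.isdisjoint(element_authz)

    def V(self, *names):
        picked = names or tuple(VERTICES)
        seen = [n for n in picked if n in VERTICES and self._allowed(VERTICES[n])]
        return ToyAuthorizedTraversal(self._authz, seen)

    def out(self):
        reached = set()
        for src, dst, authz in EDGES.values():
            # Both the edge and the vertex it leads to must be authorized.
            if src in self._current and self._allowed(authz) and self._allowed(VERTICES[dst]):
                reached.add(dst)
        return ToyAuthorizedTraversal(self._authz, reached)

    def to_list(self):
        return sorted(self._current)


if __name__ == "__main__":
    for user, authz in (("user 1", USER1), ("user 2", USER2)):
        t = ToyAuthorizedTraversal(authz)
        print(user, "sees", t.V().to_list(), "and reaches", t.V().out().to_list())
```

The match is on exact strings: p2 carries "fin2" as written on the slide, which does not equal "fin;2", so user 2 does not see it.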

SLIDE 14

Wrap-up

  • 1. Right visibility of sensitive graph data to different user groups is not easy to achieve
  • 2. Separate graphs per user group result in penalties for performance and maintenance
  • 3. Cell-level security is not part of data format of current graph databases
  • 4. Filtering while traversing the graph is feasible – if fragile – provided that it is done within the context of a secure endpoint

SLIDE 15

Differentiated access control to graph data

THANK YOU

Image courtesy: http://cosmicweb.barabasilab.com/