Thoughts on Access Control in Enterprise Recommender Systems

14
gefördert durch das Kompetenzzentrenprogramm Heimo Gursch Some Thoughts and Aspects on Access Control Related Issues for Enterprise Recommender Systems www.know-center.at 10 July 2013 Workshop on Academic-Industrial Collaborations for Recommender Systems © Know-Center 2013 Thoughts on Access Control in Enterprise Recommender Systems

TAGS:

description

Some Thoughts and Aspects on Access Control Related Issues for Enterprise Recommender Systems This presentation was given on the 10th of July at the Mendeley event "Workshop on Academic-Industrial Collaborations for Recommender Systems"

Transcript of Thoughts on Access Control in Enterprise Recommender Systems

Page 1: Thoughts on Access Control in Enterprise Recommender Systems

gefördert durch das Kompetenzzentrenprogramm

Heimo Gursch

Some Thoughts and Aspects on Access Control

Related Issues for Enterprise Recommender

Systems

www.know-center.at

10 July 2013

Workshop on Academic-Industrial Collaborations for Recommender Systems

© Know-Center 2013

Thoughts on Access

Control in Enterprise

Recommender Systems

Page 2: Thoughts on Access Control in Enterprise Recommender Systems

© Know-Center 2013

2

Agenda

What am I working on?

Why are we working on that?

What are the major concerns?

Access Control

What are the problems?

What can be done about it?

Recommender

Why use them?

What can they achieve?

Page 3: Thoughts on Access Control in Enterprise Recommender Systems

© Know-Center 2013

3

Our Project & my background

Project Setting

Four large German Companies

Amounts of information is increasing

Enterprise search is not enough

Project Goals

Single entry point to all information

Help engineers to find whatever they are looking for

Create a prototype that is capable of

Enterprise Search

Recommender

Extract, show and use relations between data

Page 4: Thoughts on Access Control in Enterprise Recommender Systems

© Know-Center 2013

4

The Problems – Company Policy

Page 5: Thoughts on Access Control in Enterprise Recommender Systems

© Know-Center 2013

5

The Problems – What is Going on

Page 6: Thoughts on Access Control in Enterprise Recommender Systems

© Know-Center 2013

6

The big trade-off

Current situation is unsatisfying

Recommender would bring “too much” information

Recommend to user only Information where access is

possible

Closed Open

Information

Page 7: Thoughts on Access Control in Enterprise Recommender Systems

© Know-Center 2013

7

Access Control Concerns

Access Control is a “necessary evil” to ensure

Confidentiality

Traceability

Status quo

Role based access control (RBAC)[1]

1000s of roles

SSO only over some systems

Problems when changes are necessary

Solutions

Adapt the current system

Start over clean…

[1] D.F. Ferraiolo and D.R. Kuhn, “Role-Based Access Controls”, in 15th National Computer Security Conference, 1992,

Baltimore MD, Pages 554-563

Page 8: Thoughts on Access Control in Enterprise Recommender Systems

© Know-Center 2013

8

Possible Solutions[2]

Attribute Based Access Control

Problem: Decide on attributes

Authorization Based Access Control

Abbreviated ABAC or ZBAC

User checks out token to get access

Token holds all the information needed by target systems

Token or parts of it can be passed on

First realization[3]

SOAP Messages with X.509 Certificate

[2] A.H. Karp, H. Haury, and M.H. Davis, “From ABAC to ZBAC: The Evolution of Access Control Models From ABAC to ZBAC”,

2009

[3] J. Li and A. H. Karp, “Zebra Copy : A Reference Implementation of Federated Access Management 1”, 2007

Page 9: Thoughts on Access Control in Enterprise Recommender Systems

© Know-Center 2013

9

Bring in the Recommender…

Recommender can help with questions like…

Has anybody done something with…

Give me more like that

Combining -based Recommenders

Content-based: Short-term model

Knowledge-based: Long-term model

“Knowledge”

Job description

Assigned tasks

Content

Knowledge

Page 10: Thoughts on Access Control in Enterprise Recommender Systems

© Know-Center 2013

10

Content & Knowledge-based

Recommender

User independent Serendipity problem

Model overcomes the new

user problem

Limitation of content

analyse

Fast integration of new

items

Tweaks by the user are

possible

Changing user interest

Page 11: Thoughts on Access Control in Enterprise Recommender Systems

© Know-Center 2013

11

Combine Recommender & Access Control

Criteria for the solution

High-performance solution that is parallelisable

Ensure access control in any case

Possible solutions

Check access control before anything else is done

Use a multi-criteria recommender system

Multi-criteria recommender system

Define a aggregation function

Base recommendation on

Access control

Short-time model

Long-time model

Page 12: Thoughts on Access Control in Enterprise Recommender Systems

© Know-Center 2013

12

Key aspect for success

Give possible solution

Show that infrastructure is the result of the problem not the

cause

Need to know vs. good to know

Show potential

Produce a prototype that consists of

Search

Recommender

Access-control concepts

Page 13: Thoughts on Access Control in Enterprise Recommender Systems

© Know-Center 2013

13

Summary & Closing Arguments

Project Settings

Problems and the current situation at our partners

User/role management

Information needs of employees

Situation we work towards

Change access management

Introduce the recommender systems

Improve enterprise search that employees actuality use it

Page 14: Thoughts on Access Control in Enterprise Recommender Systems

gefördert durch das Kompetenzzentrenprogramm

Heimo Gursch

Some Thoughts and Aspects on Access Control

Related Issues for Enterprise Recommender

Systems

www.know-center.at

10 July 2013

Workshop on Academic-Industrial Collaborations for Recommender Systems

© Know-Center 2013

Thoughts on Access

Control in Enterprise

Recommender Systems


INTRODUCTION TO RECOMMENDER - Leuphana … · SYSTEMS AND THEIR EVALUATION Olga ... recommender systems Introduction Properties of recommender ... 11 Tutorial: Recommender Problems

INTRODUCTION TO RECOMMENDER - Leuphana … · SYSTEMS AND THEIR EVALUATION Olga ... recommender systems Introduction Properties of recommender ... 11 Tutorial: Recommender Problems

Recommender Introduction to Recommender Systems and ...

Recommender Introduction to Recommender Systems and ...

TFR: A Tourist Food Recommender System based on Collaborative Filtering · 2018-08-14 · Artificial Intelligence, Recommender System Keywords Food Recommender System, Tourist Recommender

TFR: A Tourist Food Recommender System based on Collaborative Filtering · 2018-08-14 · Artificial Intelligence, Recommender System Keywords Food Recommender System, Tourist Recommender

Course Recommender

Course Recommender

Recommender system

Recommender system

Open Recommender

Open Recommender

Recommender Systems Handbook - Home - Springer978-0-387-858… ·  · 2017-08-28Printed on acid-free paper ... interacting with recommender systems, recommender sys- ... 1.6 Recommender

Recommender Systems Handbook - Home - Springer978-0-387-858… ·  · 2017-08-28Printed on acid-free paper ... interacting with recommender systems, recommender sys- ... 1.6 Recommender

Tutorial: Recommender Systemswelling/teaching/CS77B... · Tutorial: Recommender Systems ... Recommender systems implementation & evaluation Product configuration systems Web mining

Tutorial: Recommender Systemswelling/teaching/CS77B... · Tutorial: Recommender Systems ... Recommender systems implementation & evaluation Product configuration systems Web mining

Recommender Systems Recommender Systems

Recommender Systems Recommender Systems

The Agriculture Energy Enterprise Initiative: Preliminary thoughts

The Agriculture Energy Enterprise Initiative: Preliminary thoughts

A Fuzzy Recommender System for eElections - unifr.ch Fuzzy Recommender System for eElections 63 2 Recommender Systems for eCommerce According to Yager [4], recommender systems used

A Fuzzy Recommender System for eElections - unifr.ch Fuzzy Recommender System for eElections 63 2 Recommender Systems for eCommerce According to Yager [4], recommender systems used

Recommender Lab

Recommender Lab

Personalized Recommender by Exploiting Domain based Expert ... · Incremental Collaborative Filtering Recommender system. B. Content-Based Recommender System Content based recommender

Personalized Recommender by Exploiting Domain based Expert ... · Incremental Collaborative Filtering Recommender system. B. Content-Based Recommender System Content based recommender

Affective recommender systems: the role of emotions in recommender systems

Affective recommender systems: the role of emotions in recommender systems

Recommender Lecture

Recommender Lecture

First Thoughts: Putting Artificial Intelligence into the Business Enterprise

First Thoughts: Putting Artificial Intelligence into the Business Enterprise

Movie genome: alleviating new item cold start in movie … · MM Multimedia RS Recommender systems VRS Video recommender systems MRS Movie recommender systems MMRS Multimedia recommender

Movie genome: alleviating new item cold start in movie … · MM Multimedia RS Recommender systems VRS Video recommender systems MRS Movie recommender systems MMRS Multimedia recommender

Incorporating Contextual Information in Recommender ...ids.csom.umn.edu/faculty/gedas/papers/context-in-recommender... · 1 Incorporating Contextual Information in Recommender Systems

Incorporating Contextual Information in Recommender ...ids.csom.umn.edu/faculty/gedas/papers/context-in-recommender... · 1 Incorporating Contextual Information in Recommender Systems

Recommender Systems

Recommender Systems

Recommender Systems an Introduction Chapter07 Evaluating Recommender Systems

Recommender Systems an Introduction Chapter07 Evaluating Recommender Systems