• No results found

Security in Knowledge Management [ Insiders as Security Risks ]

N/A
N/A
Protected

Academic year: 2021

Share "Security in Knowledge Management [ Insiders as Security Risks ]"

Copied!
40
0
0

Loading.... (view fulltext now)

Full text

(1)

Security in

Security in

Knowledge Management

Knowledge Management

[ Insiders as Security Risks ]

[ Insiders as Security Risks ]

Dr. Rajat Mukherjee

Principal Architect, Verity, Inc.

(2)

Verity, The Market Leader

“Verity #1 Vendor in Portal Infrastructure by Market Share”

– Delphi Group 5/01

“Verity is the Established Market Leader in Enterprise Search”

– OVUM 7/01

Verity is #17 on Fortune 100 Fastest Growing Companies

– Fortune Magazine 8/01 “Verity is the Market Share Leader in Text Search and Retrieval”

– IDC 9/01 Report Verity Leader in the Gartner 2002 Enterprise Search Magic Quadrant

(3)

Verity Corporate Overview

• 1500+ Corporations

• 175 E-Commerce Sites

• 220 OEM Applications

• 430+ Staff Worldwide

• NASDAQ ( VRTY)

• $245 Million in Cash and investments

• 4th Consecutive Profitable Year

(4)

Return On Investment

Knowledge Workers (KW) spend 15% of their time searching

for information. –

AIIM (Assn for information and Image Mgmt.)

Knowledge Workers spend 25% of their time searching for

information. –

Ford Motor Company

Companies without a portal “waste $4.8 million per year. As

the volume and velocity of document-based information

increases, the problem becomes even more severe.”

(5)
(6)

The Opportunity

HTML

World Wide Web

~50+ TB

Online Data in the World

4,000,000+ TB

SQL

Databases

~8,000+ TB

(7)

Document Level Security

Strategic Planning (Upcoming Gartner Report):

• Through 2005, enterprises that incorporate

security as an element of search installations will

realize 50 percent greater return on investment

than those who do not.

• Through 2006, 40 percent of enterprises that

choose initially not to include security as an

element of a search installation will revise the

initiative to do so within 24 months of

(8)
(9)

Online chat Workflow Single sign-on Collaboration Personalization Taxonomy Search 59 % 47 % 43 % 31 % 24 % 8 % 8 %

“What are the Key Enabling Features of The Enterprise Portal?”

(10)

What do the farmers and

merchants want to do with it?

Organize the haystack

Needle in the haystack

3 Tiers of Knowledge Management

INTEGRATED

SCALABLE

(11)

3 Tiers of Knowledge Management

Concept Maps Business Rules Relational Taxonomy Automatic Rules Parametric Search Federated Search Structured Search Multiple Languages Keyword Search Universal Index

Secure Gateways

Advanced Search Popular Ranking Recommendation Expert Location Community Profiling Peer to Peer

(12)

Tier 1

Tier 1

Discovery

(13)

Discovery Paradigm

• I don’t know what I want…

• I

sort of

know what I want…

(14)

Gateways & Filters

• SECURE

Gateways for Indexing

– File system

– HTTP

– MS Exchange

– ODBC

– Documentum

– Lotus Notes

– Others…

(15)

K2 Ticket

Login (NT,LD A P,…)

Authorization

(16)

Node, Document Level Security

• Ticket

– A Ticket represents a user in

the k2 search system.

– Used For caching Gateway

certificates in K2Server

– Obtained via K2UserLogin

• Node level security

– The node level security is

enforced by K2Ticket based on a Ticket

• Document level security

– Doc. Security is enforced

through the gateway

K2Client K2Broker K2Ticket K2Server Gateway Repository Coll. Level Security Repository Credential

(17)

K2 Ticket

Full Wire Encryption

(18)

Federated Infrastructure

• Single point of “discovery”

• Integrate multiple sources of information

• Allows user login credentials via

parameters for each source

• Filtering, Merging, Re-ranking of results

• Infrastructure for enterprise application

integration (EAI)

• Infrastructure basis for P2P Technology

(Personal to Portal)

(19)

Federated Flow

END USER

Federated Infrastructure

WORKER WORKER WORKER

RANKING

(20)
(21)

Tier 2

Tier 2

Content

Content

Organization

Organization

(22)

Taxonomies

Animal Dog Cat Build Taxonomy Animal Cat Use It Animal Dog Cat Populate Taxonomy Animal Dog Cat Build Model Automatic Domain Expert Combination

(23)

Taxonomies

Manual Business Rules Concept Extraction Relational Taxonomies Industry Taxonomy Industry Taxonomy

Search & Browse Manual Import Import Browse Automatic Automatic Classification (training) Automatic Naming

Use the

Taxonomy

Populate the

Taxonomy

Build a Model

for Each Node

Build the

Taxonomy

Paw or hoof Feline Canine Animal Dog Cat Animal Dog Cat Paw or hoof Animal Dog Cat Animal Cat 9 9 9 9 9 9 9 9 9 9 9 9 9 9

(24)
(25)

Automatic Classification

Reuters Benchmark:

9603 training docs,

3299 test docs

Micro-Averaged

Precision, Recall

Ref: Susan Dumais (MS research) published in IEEE Intelligent Systems

Findsim 61.7 Naive Bayes 75.2 Taper2 (IBM) 77 BayesNet (MS) 80 Centriod Bay es Bay es Bay es Bayesian 20% error Quality Quality 80 80 0 0 60 60 40 40 20 20 100 100 New Technology Classifiers Verity LRC 12% error LRC SVM 8.2 SVM (MS) 87 LRC (Verity) 8

(26)

Automatic Classification

Findsim 61.7 Naive Bayes 75.2 Taper2 (IBM) 77 BayesNet (MS) 80 Centriod Bay es Bay es Bay es Bayesian 20% error Quality Quality 80 80 0 0 60 60 40 40 20 20 100 100 New Technology Classifiers Verity LRC 12% error LRC SVM 8.2 SVM (MS) 87 LRC (Verity) 8

• With LRC (1 level) : 12% error

• With LRC (3 levels): 32% error

• With business rules: 1-5% error

• 1 level taxonomy: 20% error

• 2 levels: 36% error

(27)

Tier 3

Tier 3

Social Networks

(28)

Social Networks – Implicit Links

• Represents users, documents, categories and queries in

a dynamic multidimensional Tensor Space

• Model continually learns explicit and implicit

(29)

Content-based Personalization

my interactions my documents my interests

(30)

Verity’s Recommendation Engine

Functions:

• Popular (Adaptive) Ranking

• Document

Recommendation

• Document Similarity

• Community

• Expert Location

• User Transactions

Engine ensures that secure documents

are not recommended.

(31)

Auto-Initialization

User Feedback

Weblogs

Customer Databases

LDAP

Databases

(32)

Sample Applications

• Corporate Intranets

– Recommendation, finding domain experts,…

• Intellectual Property

– Finding related research, consultations,…

• Medical Applications

– Matching patients to doctors, clinical trials,…

• Customer Relationship Management

– Matching customer problems to internal experts in Technical

Support, Development,…

• Recruitment

– Matching job postings to resumes, creating profiles from

resumes,…

• Criminal Profiling

(33)

• Provides an environment that enables

privacy and builds trust.

• Provides capabilities that adhere to the 4

pillars of trust:

1. Identification

2. Notice

3. Transparency

4. Control

(34)

Secure Mode:

Secure Mode:

User profile unreadable

User profile unreadable

default product

default product

Open Mode:

Open Mode:

Authorized personnel

Authorized personnel

able to export User

able to export User

Profiles in the clear, if

Profiles in the clear, if

required by

required by

organization.

organization.

User profile

User profile

Transparency

(35)

User Control

Easy to

configur

e canned

user

profiles

(XML)

Privacy

Opt

Opt

-

-

in/opt

in/opt

-

-

out

out

possible

(36)

Screenshots-Adaptive

Ranking

(37)
(38)
(39)

Summary

• Security issues do not stop outside

the firewall

• Node-level, document-level security

are critical within enterprise

• Huge security lapses can occur

without document level security

• Encryption, privacy, trust are

important in some settings

• Infrastructure must have security

(40)

Thank You

Thank You

rajatm

References

Related documents

Figure 2: Alternate Flow Profiles over Chute and Location of Minimum Depth It is clear also from this discussion that determination of the critical rock size requires the

Forchini 2010 Proprietor’s Reserve Estate Grown Old Vine Zinfandel (Dry Creek Valley, Sonoma County; $28) Robust black cherry and black raspberry; nicely oaked, with a crisp,

Monitoring and Alarm System (EMAS) which is a computer-based system designed to collect environmental data electronically for incubators, refrigerators, freezers, laboratories

Also providing valuable insights into African on-the-ground knowledge governance modalities was the recent work of the World Intellectual Property Organisation (WIPO)

Neste estudo observou-se uma prevalência discretamente maior destes fatores de risco nos idosos institucionalizados, o que corrobora com o fato da institucionalização ser, por si

In conclusion , our study showed that gender based differences in DPN are statistically not significant with respect to frequency of diabetes, age at diagnosis of diabetes or

This section provides a brief comparison of pattern groups created by MPG Multiple- Events using Dataset 2 with patterns which were created by human malware analysts at Blue

• If you have inserted a microSD card into your Sansa Connect player, select microSD Card to view the card’s available memory and the number of songs and photos stored on it.. •