GraphTalk München - Einführung in Graphdatenbanken und Neo4j
0 likes265 views
This document provides information about an identity and access management graph talk event. It will include an introduction to graph databases and Neo4j, a presentation on new approaches to successful identity and access management with graphs, and an open discussion over lunch. Presenters will discuss using graphs for IAM to provide more intuitive, flexible and agile solutions compared to traditional table-based approaches.
GraphTalk München - Einführung in Graphdatenbanken und Neo4j
- 1. Herzlich Willkommen! Graphtalks Identity & Access Management 1 stefan.kolmar@neo4j.com bruno.ungermann@neo4j.com
- 2. Neo4j GraphTalks Identity & Access Management • Einführung in Graphdatenbanken und Neo4j (10 Uhr) Bruno Ungermann, Neo4j • Neue Wege zum erfolgreichen Identity & Access Management mit Graphen • Intelligente Lösungen mit Graphen erstellen Stefan Kolmar, Neo4j • Offene Diskussion und Mittagessen (12 Uhr)
- 3. Complexity
- 5. Domain Model Logistics Process
- 6. Traditional Approach: Fixed Schema, Tables
- 7. Graph Model: Nodes & Relationships Container Load USING ROUTE Depart 2014-04-15 Arrive 2014-04-28 USING_CARRIER Vessel Physical Container Shipment Carrier Emission Class A Shipment: ID 256787 Carrier: DHL Route 10520km Route: 823km Fueling Max Wgt 80 Type Gas B Town: Tokyo Town: Hong Kong Town: Hamburg Container LoadContainer LoadContainer Load Parcel Weight 15.5kg Container Load
- 9. Flexibility
- 11. “We found Neo4j to be literally thousands of times faster than our prior MySQL solution, with queries that require 10-100 times less code. Today, Neo4j provides eBay with functionality that was previously impossible.” - Volker Pacher, Senior Developer “Minutes to milliseconds” performance Queries up to 1000x faster than other tested database types Speed
- 13. Neo4j - The Graph Company 500+ 7/10 12/25 8/10 53K+ 100+ 250+ 450+ Adoption Top Retail Firms Top Financial Firms Top Software Vendors Customers Partners • Creator of the Neo4j Graph Platform • ~250 employees • HQ in Silicon Valley, other offices include London, Munich, Paris and Malmö (Sweden) • $160M in funding from Morgan Stanley, Fidelity, Sunstone, Conor, Creandum, and Greenbridge Capital • Over 10M+ downloads, • 250+ enterprise subscription customers with over half with >$1B in revenue Ecosystem Startups in program Enterprise customers Partners Meet up members Events per year Industry’s Largest Dedicated Investment in Graphs
- 14. 14 • Record “Cyber Monday” sales • About 35M daily transactions • Each transaction is 3-22 hops • Queries executed in 4ms or less • Replaced IBM Websphere commerce • 300M pricing operations per day • 10x transaction throughput on half the hardware compared to Oracle • Replaced Oracle database • Large postal service with over 500k employees • Neo4j routes 10M+ packages daily at peak, with peaks of 5,000+ routing operations per second. Handling Large Graph Work Loads for Enterprises Real-time promotion recommendations Marriott’s Real-time Pricing Engine Handling Package Routing in Real-Time
- 15. Discrete Data Minimally connected data Neo4j is designed for data relationships Other NoSQL Relational DBMS Neo4j Graph DB Connected Data Focused on Data Relationships Development Benefits Easy model maintenance Easy query Deployment Benefits Ultra high performance Minimal resource usage Use the Right Database for the Right Job
- 16. How Neo4j Fits — Common Architecture Patterns From Disparate Silos To Cross-Silo Connections From Tabular Data To Connected Data From Data Lake Analytics to Real-Time Operations
- 17. Graph Transactions Graph Analytics Data Integration Development & Admin Analytics Tooling Drivers & APIs Discovery & Visualization Developers Admins Applications Business Users Data Analysts Data Scientists
- 18. Neo4j Bloom Features 18 • Prompted Search • Property Browser & editor • Category icons and color scheme • Pan, Zoom & Select
- 19. Kettle 19
- 20. 20 Common Graph Technology Use Cases Network & IT Operations Application Management Meta Data Management Real-Time Recommendations Identity & Access Mgt. Security Knowledge Management Fraud Detection, AML Compliance, GDPR
- 21. 21 Hierarchical Directories (static, internal) & The Real World (complexity, speed)
- 22. 22 A Property Graph is very applicable to IAM
- 24. 24 Problem Statement from a Fortune 50 Customer „Our IAM analysts are unable to accurately identify and manage security risks in an acceptable timeframe using tools that rely on our existing Active Directory implementation“ Sample Questions: • „How many accounts have „Local Admin“ access to a particular resource at a particular time?“ • „How can i define and determine which groups, acccounts and servers have the highest risk“ • „What is the most efficient way a assign access to a particular resource?“ • „How can i understand the impact of pruning groups from domains?“
- 25. 25 Person belongs to 1512 groups Server has 159 local admin accounts Group has local admin rights for 27239 servers Nested Groups: 151 local admin accounts ... Results based on a few hours of graph based analysis
- 26. Background • Oslo-based telcom provider is #1 in Nordic countries and #10 in world • Online, mission-critical, self-serve system lets users manage subscriptions and plans • availability and responsiveness is critical to customer satisfaction Business Problem • Logins took minutes to retrieve relational access rights • Massive joins across millions of plans, customers, admins, groups • Nightly batch production required 9 hours and produced stale data Solution and Benefits • Shifted authentication from Sybase to Neo4j • Moved resource graph to Neo4j • Replaced batch process with real-time login response measured in milliseconds that delivers real-time data, not yesterday’s snapshot • Mitigated customer retention risks SUBSCRIBED_BY CONTROLLED_BY PART_OFUSER_ACCESS Account Customer CustomerUser Subscription
- 27. Background • Top investment bank with $1+ trillion in assets • Using a relational database and Gemfire to manage employee permissions to research document and application-service resources • Permissions for new investment managers and traders provisioned manually Business Problem • Lost an average of 5 days per new hire while they waited to be granted access to hundreds of resources, each with its own permissions • Replace an unsuccessful onboarding process implemented by a competitor • Regulations left no room for error Solution and Benefits • Store models, groups and entitlements in Neo4j • Exceeded performance requirements • Major productivity advantage due to domain fit • Graph visualization ease permissioning process • Fewer compromises than with relational • Expanded Neo4j solution to online brokerage
- 29. Bootcamp