From cryptographic access keys to identity-based access control

Overview

As we move towards a cloud-based architecture more and more applications and services need access to cloud resources. Typically such access is authenticated with an access key or a connection string. That introduces the challenge of key management in a modern cloud environment. This page introduces the principles and technologies involved in securing access to cloud resources from the authentication & authorization perspective. Networking is another important aspect of secure access but it is not the scope of this page.

https://brightlineit.com/understanding-encryption-key-management-businesses/

The problem

Services typically do not have a user interface and thus use different access control mechanisms when accessing backend resources. The…


Does Microsoft really enter the space of Data Governance?

Data governance is essential for maximizing the business value and insights from our data while complying with international law and regulations. Massive volumes of data introduce complex challenges that a good data governance program helps to solve. First, it helps data consumers find the data they need and understand its content. Further, it enables the company to maintain a persistent level of quality and trust, and finally, it assures compliance with privacy and security regulations. Modern businesses rely on data. Bad data means bad decisions, therefore it is essential to maintain a high level of data quality. Almost every system…


There is one thing you need to know before starting an RPA project that is key to your project success.

RPA is everywhere, it feels like anyone with a digital transformation program must have an RPA strategy. The promise of RPA is huge, but the reality is much less glamorous. It turns out that RPA is confusing. It's hard to implement and fulfill the promise and so numerous RPA projects fail with millions of dollars that are thrown down the drain. Why? What can you do better? By the end of this paper, you will know and understand a simple rule that will lead you to success.

Automation is the future. The financial and psychological gains are obvious. “Let machines…


How to identify and expose the knowledge that matters

A successful business is almost always driven by high-quality knowledge and expertise. Modern organizations expose their knowledge with conversational interfaces such as bots and expert systems so customers, partners, and employees will have immediate access to the knowledge that drives success. We, data scientists and engineers, are responsible to make that happens. We need to answer a simple question: How do you represent business knowledge so it is easy and simple to consume? There are many approaches and possible strategies for exposing knowledge. …


How to identify private information in APIs

Privacy is all about data management. You need to know which type of information you are dealing with and what really happens to it on the backend. Data catalogs can help you see what is really going on, and visualize what happens to your data. For details, please read the story I published on the subject. Today I want to discuss what can be done to identify PIIs in the context of APIs.

based on the economist

APIs transfer information back and forth and so you want to know if part of that information should be considered private. To help you with that task…


How to choose your graph database wisely

Graph databases are not new. The web is full of great content that describes in detail all you need to know about these powerful types of databases. Unfortunately, the term “graph databases” is a little confusing because, under the roof of that one concept live two different types of products, property graphs, and knowledge graphs, which are fundamentally different. Surprisingly whenever I speak with a colleague who is not specifically an expert about graph databases, I find out that most times that my conversation partner fails to do this basic distinction. …


BERT stands for “Bidirectional Encoder Representations from Transformers”. When I first read this definition, it did not make sense to me. So if you feel the same, it’s OK. When I started reading about BERT, I found that most articles assume tons of background knowledge, which might be challenging for most readers, so I thought to write something that explains BERT from the ground up in a way that everyone can follow.

Produced by Microsoft

Motivations

Let’s start with the why. Natural Language Understanding (NLU) is a subdomain of Natural Language Processing (NLP). NLU deals with the methods and technologies to make machines comprehend…


Software certification is a standard procedure implemented in almost all modern companies before adopting a software tool or package. The process verifies that new pieces of software will not break the security and privacy policies of the company. Security is a complex matter which deals with a wide range of aspects related to any given software product. From identity, through cryptography to software development practices, the list of things to check when certifying software is never-ending. Intelligent data management is at the core of any security and privacy policy, yet when integrating external software, it introduces significant challenges. To be…


How to use semantics to improve the performance of traditional ML recommendation algorithms

Similarity, distance, and correlation are a core concept in data science. They give a numeric measure to the basic question of how “close” or “far” things are. There are many different methods to compute similarities such as cosine similarity, Pearson correlation coefficient and many more. In this article, I will discuss semantic similarity and its application in recommendation algorithms.

Classic Collaboration Filtering (CF) recommenders are based on behavioral data. We collect user rating or usage behavior and create a “rating matrix” from which we identify statistical patterns and compute behavioral similarity. …


In previous posts, I described the different schools of AI which are relevant when designing an intelligent application. In this post, I would like to look at it from a different angle. The difference between two major approaches to solving problems. The Statistical vs Cognitive approaches.

The statistic approach claims that with enough data, and computing power we can solve almost any problem. Most classical machine learning algorithms live here. The assumption is that some statistical pattern exists in the data, even if it was never been designed to be there. ML algorithms identify those hidden patterns and use them…

Manu Cohen-Yashar

Chief Data Architect in Alert Innovation

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store