Brussels / 2 & 3 February 2019


Differentiated access control to graph data

Applied to TinkerPop-compatible graph databases

JanusGraph provides access to persisted graph data in a way that is scalable in data size and graph traversal length. Graphs become more valuable if data from multiple sources is ingested, but in general not all users will be authorized to access all data in the graph, given privacy laws on personal data and corporate policies. Since it is not practical to maintain separate copies of large graphs for the different authorization groups, a technical solution for access control is required. This presentation deals with this issue and discusses techniques to provide access to graph data under heterogeneous confidentiality regimes. In particular, an add-on TinkerPop API is presented that provides an abstration to the required filtering and supports the auditing of gremlin queries for validity.


Marc De Lignie