[FoRK] Specific System Architecture

Frank Bergman (fraber) fraber at fraber.de
Mon Jun 10 09:43:56 PDT 2013


> only advantage

That's the key feature if you want to grant the British
access only to their nationals while ensuring compliance
with the - apparently somehow restricted - access to 
information about US citizens.


> RBAC

Not RBAC but "target-object based access control", or 
control based on certain meta-data (i.e. the object's 
nationality): www.mathzor.com/docs/frankieSurvey.pdf

The other big feature is server-side programming. I guess
that's for faster iteration in the graph algorithms 
mentioned in the NSA Big Graph slides below ("But 
iteration in MapReduce is expensive..."). Iteration is
what propagates the relevancy score from one object to 
it's neighbours. PL/SQL live on!

The other place to dig around for "the architecture" 
is www.autonomy.com. They used to be big in enterprise 
knowledge management, but went mainly for "government 
customers" in the last few years. They can mine 
petabytes of interal investment bank emails for hints 
on fraudulent behaviour, so don't think that you can
disguise your conversation topics by using codenames 
for dirty things. Make sure your bigram or trigram 
probability distribution doesn't change between emails!
www.aclweb.org/anthology-new/A/A00/A00-2020.pdf


Cheers!
Frank


-----Original Message-----
From: fork-bounces at xent.com [mailto:fork-bounces at xent.com] On Behalf Of
Gregory Alan Bolcer
Sent: Monday, June 10, 2013 5:38 PM
To: fork at xent.com
Subject: Re: [FoRK] Specific System Architecture

Accumulo's only advantage over other bigtable implementations, ie. OTS
Hadoop/Hbase is that it provides column level data partitioning and access.

I don't see how building that into the technology is an advantage.  You need
something like a physically secure omniscient jedi archive, some clever
dynamic metadata tagging, but then you do the real RBAC at the proxy level
(patent pending, thank you very much).

Greg

On 6/10/2013 7:42 AM, Frank Bergman (fraber) wrote:
>> Any thoughts on the specific system architecture to implement what's 
>> described here?
>
> - The PRISM tuple-store ...
>    http://en.wikipedia.org/wiki/Apache_Accumulo
>
> - ... still provides some challenges...
>    
> http://www.pdl.cmu.edu/SDI/2013/slides/big_graph_nsa_rd_2013_56002v1.p
> df
>
> - ... in the Bluffdale datacenter.
>    http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/
>
>
> 1M square feed apparently hold a Yottabyte of data.
> You don't need that amount unless you want to store all data.
>
> Anybody wonders why European and other "Rest of the World" businesses 
> are "lagging" in public cloud adoption?
>
> Cheers!
> Frank
>
> ---
>
> http://www.twitter.com/projop ... still :-) 
> http://www.facebook.com/projectopen.org ... deprecated
>
>
--
greg at bolcer.org, http://bolcer.org, c: +1.714.928.5476
_______________________________________________
FoRK mailing list
http://xent.com/mailman/listinfo/fork



More information about the FoRK mailing list