Deep Access Control: 5-Minute Interview with Manish Jain

What made you choose to partner with Neo4j?

Around 15 to 18 months ago, I started working on Neo4j and looked at ways we could introduce Neo4j in our solutions architect area. NTT does not provide software; we create solutions for other companies, where the latest technology will build on the old technology. We don’t want to completely override their old technology.

A key point for the companies when we’re providing a new solution is how we compare the new solution to what they already have. We need to compare the old scenario and the new scenario. We need to do a lot of analysis and show the client the benefits from the old and new and what software and technology we can use.

That’s why I’m looking at Neo4j from an analysis point of view to demonstrate the benefit of the solution we are proposing.

What have been the most surprising results you’ve seen from Neo4j?

We have patents in a particular area called deep access control and Neo4j’s graph technology is the main software we are working with, along with the Neo4j team.

During this time we have been working with companies that have 5,000 or 10,000 users, as well as some with as few as five users. We examine how are they accessing their systems. No tool captures it all. We capture the raw data for each and every access control. For each person, each type of hardware, each type of database, down to the attribute level of the database, the hardware level of the database, where the connection is coming from. We move that raw data into Neo4j and do the analysis. If this person is coming from a to b, and how many areas? How many points is he touching? The advantage of that is we can easily find out if there is a loop point.

This person has direct access to that area, and should not. Or if the person is moving from one organization to another organization, in the same company, then we need to move the access. When we move the person, it’s possible he has some old access that he should not.

Another key point is when a person leaves his job at the company, we need to remove all the access he had. But normally in 90% of these cases, the person still has that access after they leave. Either some process is still running or once he left, then some process is broken, and it’s very hard to find who is running those processes.

Neo4j can give deep points and loop points for those areas where a person has access. When a new person is hired, and we need to get a copy of the person running the process. Person a is joining. Person b is already there. We copy all that access. We know how much access he has and what type of privileges he has.

Deep access control is a very critical area and we did not find any solution, any software, or any application that handles it, but Neo4j easily finds the information. With the raw data, static data you don’t need too much volume and can easily perform those analyses. That’s my main project and I’m working with the Neo4j team very closely.

The other advantage for Neo4j is that we can convert large databases and data warehouse systems into Neo4j. That will save you storage, save you performance time and give you better response.

If you had to go back to when you first started using graphs, what would you change?

I mentor some people who are working in the IT area. They work on analysis. Some are high school or college students and we mentor them. What I say to them is that instead of going into too much manual analysis or writing too much code, you need to understand the raw data first. That is the most important. Don’t create a large data warehouse. Try to understand the static data and move it into the graph database. What are the relationships between your raw data there? How does it look?

On that point, I don’t see how relational database or NoSQL database can help you. Whereas on the fly you can easily create graph databases. Create a new graph schema or some models on the fly. On the same side of data. That’s my approach.

What is your favorite aspect of working with Neo4j?

My favorite thing about Neo4j is the analysis point of view. These days, people are moving into too much analytic area or machine language area to do more analysis. Data volume is increasing day by day, and how are we restoring that data?

If you don’t want all the raw data, all the static data, those critical information. We really need things to be basic but our elements we need to analyze. That’s the point of a new project we’re doing. Move the static information, key point areas into Neo4j as a node and build relationships on the fly.

Want to share about your Neo4j project in a future 5-Minute Interview? Drop us a line at content@neo4j.com