Examples on Principle 8 #30
Comments
|
Hi Giovanni, very good question thank you. Control comes in many forms. In we use the EKG Maturity Model as a guiding framework (https://maturiy.ekgf.org) to define "maturity levels" (i.e. levels of expectation), then at the lower levels, the average Knowledge Graph (let alone an Enterprise Knowledge Graph) will not provide much control beyond access control at the SPARQL endpoint and/or at the UI endpoint. However, at higher levels of maturity one would expect more advanced levels of control in various areas, not only access control (advanced context-specific entitlement computation) but also controls for regulatory compliance or "policy enforcement". Those types of control can (in my opinion), at least at enterprise scale, only be enabled and enforced by having a smart EKG architecture that has a service layer that sits in front of all your backend sources, not only semantic graph databases aka triplestores but any other type of source as well, they can all provide their piece of the overall Enterprise Knowledge Graph. That service layer is one of the topics that we're discussing in the EKGF community. We will soon start with a new workgroup called "EKGF Architecture Workgroup" which will discuss exactly that service layer and its requirements. So far every EKG project I've been involved in over the years builds their own equivalent of that service layer. It's time for standardisation and vendor products. Cheers |
|
If you mail me at [email protected] I can send you a draft document that explains that EKG architecture. |
|
thanks @jgeluk , I've sent you an e-mail 👍 |
Is there any more recommended literature on principle 8 around control ?
I would love to understand how that could be implemented in practice and some best practices around it
The text was updated successfully, but these errors were encountered: