Identity and Access Management for a complex media workflow was actually my first experience with Neo4j as a graph database solution that enabled us to represent access throughout the flow in a structure realistic to the way it actually existed. During the last 4+ years since then I’ve continued to see Identity and Access Management as major beneficiary of the flexible data model and performance of non-JOIN node traversal of the Neo4j graph database.
The access and authorization structure in enterprises today is constantly evolving and becoming increasing complex. The user structure within organizations today rarely fits well into simple tree structure, especially when dealing with approvals, collaboration across internal groups and integration with external groups where role levels of access and permission vary by business use case rather than by the position or title held within the organization.
- Access is No Longer Static Based on Title
In the modern enterprise access and authorization tends to be driven by function rather than position. As collaboration across departments and teams becomes the default the increasing complexity of permissions for such a user model does not fit well into traditional user and access management systems.
- Performance Degrades as Complexity Increases
As users have their roles and access evolving with ever more caveats driven by the function within a particular team at that time, the queries to return access and authorization for specific actions increase drastically until there becomes a need to duplicate the user account to represent their multiple functions purpose With users, permissions, and products growing, older systems no longer deliver a responsive query performance, leading to user frustration and diminished experience.
- Adding New Users Takes Hours
Due to increased user size and expanding metadata complexity, entering a new user into the system is taking hours or in some cases even days to prepare the user to have the correct access and authorization permissions.
The benefits of going graph with Neo4j:
- A Native Graph Store
Neo4j houses connected access and authorization relationships that are neither hierarchical nor linear. Its native graph storing allows for simplified relationship structures without forcing intermediate indexing at every turn.
- A Versatile Schema
The versatility of Neo4j’s graph model makes it simpler to evolve organization identity and access management models as the organization evolves, which enables an enterprise to move at the pace of business rather than IT.
- Non-JOIN Authorization Performance
With a query engine that traverses about 4 million nodes and relationships per second on commodity hardware, the Neo4j graph database can authorize access over large, complicated data structures in just milliseconds.
The Neo4j graph database is capable of housing intricate and highly connected access control structures consisting of parties, resources and other business entities. Its variable and flexibly structured data model offers support for both non-hierarchical and hierarchical structures, while its extensive property model captures rich metadata on each element within the system.
Solutions for access control and authorization powered by Neo4j on GraphGrid can offer significant benefits to organizations of any size experiencing challenges representing their authorization and access control structures in non-graph systems. Contact us today to learn more.