Security Issues in OpenStack

•

16 j'aime•4,598 vues

Presentation of a Master thesis project that analyzed security issues in OpenStack Object Storage - open source cloud storage software.

Technologie

Security Issues in OpenStack Master's thesis Rostyslav Slipetskyy Supervisors: Prof. Danilo Gligoroski (NTNU, Norway) Associate Prof. Christian W. Probst (DTU, Denmark)

What is OpenStack? Open source software to build private and public clouds. The mission of OpenStack is "to produce the ubiquitous open source cloud computing platform that will meet the needs of public and private clouds regardless of size, by being simple to implement and massively scalable"

What is OpenStack? (2) + Nova : Cloud Controller Swift : Cloud Storage =

Why Do We Concentrate on Security? ,[object Object],[object Object],[object Object]

Methodology ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Identifying Security Issues Relevant to Cloud Computing ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Tackling Project Size and Requirements ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Identity and Access Management Security Issues ,[object Object],[object Object],[object Object],[object Object]

Authentication Systems: Devauth ,[object Object]

Authentication Systems: SWAuth ,[object Object]

Authentication: Security Token Generation ,[object Object],[object Object],[object Object]

Authentication: Portability of stored data ,[object Object],[object Object]

Authentication: Portability of stored data (2) ,[object Object],[object Object]

Authentication: Portability of stored data (3) ,[object Object],[object Object]

Authentication: Portability of stored data (4)

Authentication: Portability of stored data (5)

Authorization: Inadequate Permissions of Reseller Admins ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Authorization: Inadequate Permissions of Reseller Admins (2) ,[object Object],[object Object],[object Object],[object Object],[object Object]

Authorization: Inadequate Permissions of Reseller Admins (3) ,[object Object],[object Object]

Data Management Security Issues ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Isolation of files in OpenStack ,[object Object],MD5 hash function Path to the file on the storage node

Isolation of files in OpenStack (2) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Isolation of files in OpenStack (3) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Summary ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Contenu connexe

Tendances

OpenStack keystone identity service

openstackindia

Building IAM for OpenStack

Steve Martinelli

Keystone supports four different types of tokens, UUID, PKI, PKIZ, and Fernet. Let’s take a deep dive into: Understanding token formats Pros and Cons of each format in Production Performance across multiple data centers Token revocation workflow for each of the formats Horizon usage of the different token types We previously deployed UUID and PKI in Production and are now moving towards the latest format, Fernet. We would like to share our lessons learned with different formats and help you decide on which format is suitable for your cloud.

Deep Dive into Keystone Tokens and Lessons Learned

Priti Desai

Cloud Breach - Forensics Audit Planning The goal of this presentation is to assist IT Risk and Security professionals with adding Cloud computing forensics to their Incident Response team. It should assist them with understanding the technical ways of capturing forensic data from cloud service providers using security controls that incorporate and integrate logging, chain of evidence, virtualization and cloud security architecture

Cloud Breach - Forensics Audit Planning

Valdez Ladd MBA, CISSP, CISA,

Keystone - Openstack Identity Service

Prasad Mukhedkar

Intro to the FIWARE Lab

FIWARE

Container Security

Amazon Web Services

Keystone is the IAM project for OpenStack, and as such has to handle many different methods of deployment - On-Prem, Hybrid, Hosted - at many differing levels of scale. Some deployments are no more than a VM used for development purposes, while others are 100,000s of cores across multiple data centers and continents. This session will cover details of Keystone, what can be accomplished with it today, how OpenStack integrates with your enterprise identity solution, the OpenStack model of access management today and our plans for the future.

CIS 2015- Building IAM for OpenStack- Steve Martinelli

CloudIDSummit

This procedure for archive-to-cloud builds on the techniques used for copy-to-tape. The difference is that it sends backups to cloud repositories for longer term storage. This procedure includes configuring a credential wallet to store TDE master keys, because backups are encrypted before they are archived to a cloud repository. The initial configuration tasks are performed in the Oracle Key Vault to prepare the wallet. At the end, a job template is created and run for archive-to-cloud.

Zdlra copy to cloud

SubramanyaUdupa3

Setting up your virtual infrastructure using FIWARE Lab Cloud

Fernando Lopez Aguilar

IJSRED-V2I2P10

IJSRED

A hybrid cloud approach for secure authorized deduplication

Papitha Velumani

Secure deduplicaton with efficient and reliable convergent

Jayakrishnan U

Data deduplication is one of important data compression techniques for eliminating duplicate copies of repeating data, and has been widely used in cloud storage to reduce the amount of storage space and save bandwidth. To protect the confidentiality of sensitive data while supporting deduplication, the convergent encryption technique has been proposed to encrypt the data before outsourcing. To better protect data security, this paper makes the first attempt to formally address the problem of authorized data deduplication. Different from traditional deduplication systems, the differential privileges of users are further considered in duplicate check besides the data itself.We also present several new deduplication constructions supporting authorized duplicate check in a hybrid cloud architecture. Security analysis demonstrates that our scheme is secure in terms of the definitions specified in the proposed security model. As a proof of concept, we implement a prototype of our proposed authorized duplicate check scheme and conduct testbed experiments using our prototype. We show that our proposed authorized duplicate check scheme incurs minimal overhead compared to normal operations.

A Hybrid Cloud Approach for Secure Authorized Deduplication

SWAMI06

Setting up your virtual infrastructure using FIWARE Lab Cloud

Fernando Lopez Aguilar

OpenStack keystone identity service

openstackindia

Join FIWARE Lab

Federico Michele Facca

Key aggregate cryptosystem for scalable data sharing in cloud storage

Adz91 Digital Ads Pvt Ltd

Cloud Forensics

sdavis532

key aggregate cryptosystem for scalable data sharing in cloud storage abstract

Sanjana Yemajala

Tendances (20)

OpenStack keystone identity service

Building IAM for OpenStack

Deep Dive into Keystone Tokens and Lessons Learned

Cloud Breach - Forensics Audit Planning

Keystone - Openstack Identity Service

Intro to the FIWARE Lab

Container Security

CIS 2015- Building IAM for OpenStack- Steve Martinelli

Zdlra copy to cloud

Setting up your virtual infrastructure using FIWARE Lab Cloud

IJSRED-V2I2P10

A hybrid cloud approach for secure authorized deduplication

Secure deduplicaton with efficient and reliable convergent

A Hybrid Cloud Approach for Secure Authorized Deduplication

Setting up your virtual infrastructure using FIWARE Lab Cloud

OpenStack keystone identity service

Join FIWARE Lab

Key aggregate cryptosystem for scalable data sharing in cloud storage

Cloud Forensics

key aggregate cryptosystem for scalable data sharing in cloud storage abstract

Similaire à Security Issues in OpenStack

report on network security fundamentals

Jassika

Secure File Sharing on Cloud

Supriya .

Cloud computing final show

ahmad abdelhafeez

Cloud computing is a technology that used for storing and accessing. The data on remote location. It is totally internet-based.it is self-service and on Demand technology. That’s why now days it’s mostly used and popular term. Enterprises and organizations used cloud storage for access data to third-party. As like, the single user also use the confidential data anywhere, anytime on earth It is now becoming business standard. Its simplify users accessibility. It is cost saving and flexible for better performance on internet. But is also occur drawbacks like security and integrity on data. Like many times the data is already available on storage but it contain slightly difference. So overcome this problems we introduce two secure system, namely seccloud and seccloud+. Seccloud is used for generating tags on data before uploading and seccloud+ is maintain the integrity auditing and secure de-duplication on data because every customer wants to encrypt their data before uploading. Data integrity and storage efficiency are tw o important aspect of cloud storage. Proof of Retrievability (POR) and Proof of Data Possession (PDP) techniques Assure data integrity for cloud storage. Proof of Ownership (POW) improves Storage efficiency by securely removing unnecessarily duplicated data on the Storage server. Cloud computing is one of the most talked about IT trends today.in cloud more application availability on the cloud. Also cloud increased growth in the market.

Secure Auditing and Deduplicating Data on Cloud

IJMTST Journal

[DevDay 2016] OpenStack and approaches for new users - Speaker: Chi Le – Head...

DevDay.org

Data Security And The Security

Rachel Phillips

Presentation (6).pptx

MSMuthu5

Storage of user or application-generated user-specific private, confidential data on a third party storage provider comes with its own set of challenges. Although such data is usually encrypted while in transit, securely storing such data at rest presents unique security challenges. The first challenge is the generation of encryption keys to implement the desired threat containment. The second challenge is secure storage and management of these keys. This can be accomplished in several ways. A naive approach can be to trust the boundaries of a secure network and store the keys within these bounds in plain text. A more sophisticated method can be devised to calculate or infer the encryption key without explicitly storing it. This paper focuses on the latter approach. Additionally, the paper also describes the implementation of a system that in addition to exposing a set of REST APIs for secure CRUD operations also provides a means for sharing the data among specific users.

Multi-part Dynamic Key Generation For Secure Data Encryption

CSCJournals

Automated security analysis of aws clouds v1.0

CSA Argentina

Paper id 712019116

IJRAT

IRJET - Confidential Image De-Duplication in Cloud Storage

IRJET Journal

Educause Annual 2007

Neil Matatall

Decentralized access control with authentication anonymous of data stored in ...

Guellord Mpia

We propose a new decentralized access control scheme for secure data storage in clouds that supports anonymous authentication. In the proposed scheme, the cloud verifies the authenticity of the series without knowing the user’s identity before storing data. Our scheme also has the added feature of access control in which only valid users are able to decrypt the stored information. The scheme prevents replay attacks and supports creation, modification, and reading data stored in the cloud. We also address user revocation. Moreover, our authentication and access control scheme is decentralized and robust, unlike other access control schemes designed for clouds which are centralized. The communication, computation, and storage overheads are comparable to centralized approaches.

A Privacy Preserving Attribute Based Access Control Mechanism In Distributed ...

Editor IJCATR

Final project presentation of Final year B.tech CSE Project APJ Abdul Kalam Technological University. About the project Cloud computing has now become a major trend, it is a new data hosting technology that is very popular in recent years. In this project, we are developing an web application that can securely store the files to a cloud server. We proposes a system that uses hybrid cryptography technique to securely store the data in cloud. The hybrid approach when deployed in cloud environment makes the remote server more secure and thus, helps the users to fetch more trust of their data in the cloud. For data security and privacy protection issues, the fundamental challenge of separation of sensitive data and access control is fulfilled. Cryptography technique translates original data into unreadable format. This technique uses keys for translate data into unreadable form. So only authorized person can access data from cloud server. We provide a cloud storage that uses multiple crypotraphic technique which is known by hybrid cryptography. The product provides confidentiality by using security for both upload and download. The data will be secured since we use multi level security techniques and multiple servers for storage.

SECRY - Secure file storage on cloud using hybrid cryptography

ALIN BABU

The International Journal of Engineering & Science is aimed at providing a platform for researchers, engineers, scientists, or educators to publish their original research results, to exchange new ideas, to disseminate information in innovative designs, engineering experiences and technological skills. It is also the Journal's objective to promote engineering and technology education. All papers submitted to the Journal will be blind peer-reviewed. Only original articles will be published. The papers for publication in The International Journal of Engineering& Science are selected through rigorous peer reviews to ensure originality, timeliness, relevance, and readability. Theoretical work submitted to the Journal should be original in its motivation or modeling structure. Empirical analysis should be based on a theoretical framework and should be capable of replication. It is expected that all materials required for replication (including computer programs and data sets) should be available upon request to the authors. The International Journal of Engineering & Science would take much care in making your article published without much delay with your kind cooperation

Secured Authorized Deduplication Based Hybrid Cloud

theijes

E031102034039

theijes

1. Security and vulnerability assessment analysis tool - Microsoft Baseline Security Analyzer (MBSA) for Windows OS Locate and launch MBSA CLI Check computer for common security misconfigurations MBSA will automatically select by default to scan WINDOWS VM WINATCK01 While scanning WINDOWS VM WINATCK01 Security Assessment Report 2 Security updates are missing ACTION **Requires immediate installation to protect computer 1 Update roll up is missing ACTION **Obtain and install latest service pack or update roll up by using download link Administrative Vulnerabilities More than 2 Administrators were found on the computer, ACTION **Keep number to a minimum because administrators have complete control of the computer. User accounts have non-expiring passwords ACTION ***Password should be changed regularly to prevent password attacks Windows firewall disabled and has exceptions configured Great! Auto logon is disabled (Even if it is configured, provided password is encrypted; not stored as text) GREAT! Guest account is disabled on the computer. GREAT! Anonymous access is restricted from the computer ADMINISTRATIVE SYSTEM INFORMATION DANGER! Logon success and logon failure auditing is not enabled. ACTION ** Enable and turn on auditing for specific events such as logon and logoff to watch for unauthorized access. 3 Shares are present ACTION ** Review list of shares and remove any shares that are not needed. GREAT! Internet explorer has secure settings for all users. Following to be included in the SAR a. Windows administrative vulnerabilities present are that more than 2 Administrators were found on the computer. It is advised to keep minimum number because administrators have complete control of the computer. b. Windows accounts were found to have non-expiring passwords while passwords should be changed regularly to prevent password attacks. One user account has blank or simple password or could not be analyzed c. Windows OS has two security updates missing and so requires immediate installation to protect the computer. One update roll up is missing which requires that latest service pack should be obtained and installed or roll up updated using the download link. 2.Security and vulnerability assessment analysis tool – OpenVAS for Linux OS Using the ifconfig command in Terminal to check the IP Address assigned to your VM Linux machine. eth0: (device name for Linux Ethernet cards), with IP Address in this example is determined to be 172.21.20.185 The IP address, 127.0.0.1, is the loopback address that points to the localhost, or the computer that applications or commands are being run from. This address will be used to access the OpenVas application on the VM. Using OpenVAS Web Interface which is running on port number 9392 and can be opened using the Mozilla Firefox browser. After getting a security exception, on Adding Exception Scan IP address by typing 127.0.0.1 next to the ‘Start Scan’ button, then click. ...

1. Security and vulnerability assessment analysis tool - Microsoft.docx

paynetawnya

The Data sharing is an important functionality in cloud storage. In this article, we show how to securely, efficiently, and flexibly share data with others in cloud storage. We describe new public-key cryptosystems which produce constant-size ciphertexts such that efficient delegation of decryption rights for any set of ciphertexts are possible. The novelty is that one can aggregate any set of secret keys and make them as compact as a single key, but encompassing the power of all the keys being aggregated. In other words, the secret key holder can release a constant-size aggregate key for flexible choices of ciphertext set in cloud storage, but the other encrypted files outside the set remain confidential. This compact aggregate key can be conveniently sent to others or be stored in a smart card with very limited secure storage. We provide formal security analysis of our schemes in the standard model. We also describe other application of our schemes. In particular, our schemes give the first public-key patient controlled encryption for flexible hierarchy, which was yet to be known.

A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...

Editor IJCATR

Abstract--Due to risk in service availability failure and the possibilities of malicious insiders in the single cloud, a movement towards “Multi-clouds” has emerged recently. In general a multi-cloud security system there is a possibility for third party to access the user files. Ensuring security in this stage has become tedious since, most of the activities are done in network. In this paper, an enhanced security methodology has been introduced in order to make the data stored in cloud more secure. Duple authentication process introduced in this concept defends malicious insiders and shields the private data. Various disadvantages in traditional systems like unauthorized access, hacking have been overcome in this proposed system and a comparison made with the traditional systems in terms of performance and computational time have shown better results.

Improving Efficiency of Security in Multi-Cloud

IJTET Journal

Similaire à Security Issues in OpenStack (20)

report on network security fundamentals

Secure File Sharing on Cloud

Cloud computing final show

Secure Auditing and Deduplicating Data on Cloud

[DevDay 2016] OpenStack and approaches for new users - Speaker: Chi Le – Head...

Data Security And The Security

Presentation (6).pptx

Multi-part Dynamic Key Generation For Secure Data Encryption

Automated security analysis of aws clouds v1.0

Paper id 712019116

IRJET - Confidential Image De-Duplication in Cloud Storage

Educause Annual 2007

Decentralized access control with authentication anonymous of data stored in ...

A Privacy Preserving Attribute Based Access Control Mechanism In Distributed ...

SECRY - Secure file storage on cloud using hybrid cryptography

Secured Authorized Deduplication Based Hybrid Cloud

E031102034039

1. Security and vulnerability assessment analysis tool - Microsoft.docx

A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...

Improving Efficiency of Security in Multi-Cloud

Dernier

Histor y of HAM Radio presentation slide

vu2urc

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Martijn de Jong

Handwritten Text Recognition for manuscripts and early printed texts

Maria Levchenko

Abhishek Deb(1), Mr Abdul Kalam(2) M. Des (UX) , School of Design, DIT University , Dehradun. This paper explores the future potential of AI-enabled smartphone processors, aiming to investigate the advancements, capabilities, and implications of integrating artificial intelligence (AI) into smartphone technology. The research study goals consist of evaluating the development of AI in mobile phone processors, analyzing the existing state as well as abilities of AI-enabled cpus determining future patterns as well as chances together with reviewing obstacles as well as factors to consider for more growth.

Exploring the Future Potential of AI-Enabled Smartphone Processors

debabhi2

Tata AIG General Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

Explore 'The Codex of Business: Writing Software for Real-World Solutions,' a compelling SlideShare presentation that delves into digital transformation in healthcare. Discover through a detailed case study how Agile methodologies empower healthcare providers to develop, iterate, and refine digital solutions that address real-world challenges. Learn how strategic planning, user feedback, and continuous improvement drive success in deploying technologies that enhance patient care and operational efficiency. Ideal for healthcare professionals, IT specialists, and digital transformation advocates seeking actionable insights and practical examples of technology making a real difference.

The Codex of Business Writing Software for Real-World Solutions 2.pptx

Malak Abu Hammad

Choosing the right accounts payable services provider is a strategic decision that can significantly impact your business's financial performance and operational efficiency. By considering factors such as expertise, range of services, technology infrastructure, scalability, cost, and reputation, businesses can make informed decisions and select a provider that aligns with their unique needs and objectives. Partnering with the right provider can streamline accounts payable processes, drive cost savings, and position your business for long-term success. https://katprotech.com/accounts-payable-and-purchase-order-automation/

Factors to Consider When Choosing Accounts Payable Services Providers.pptx

Katpro Technologies

Enterprise Knowledge’s Urmi Majumder, Principal Data Architecture Consultant, and Fernando Aguilar Islas, Senior Data Science Consultant, presented "Driving Behavioral Change for Information Management through Data-Driven Green Strategy" on March 27, 2024 at Enterprise Data World (EDW) in Orlando, Florida. In this presentation, Urmi and Fernando discussed a case study describing how the information management division in a large supply chain organization drove user behavior change through awareness of the carbon footprint of their duplicated and near-duplicated content, identified via advanced data analytics. Check out their presentation to gain valuable perspectives on utilizing data-driven strategies to influence positive behavioral shifts and support sustainability initiatives within your organization. In this session, participants gained answers to the following questions: - What is a Green Information Management (IM) Strategy, and why should you have one? - How can Artificial Intelligence (AI) and Machine Learning (ML) support your Green IM Strategy through content deduplication? - How can an organization use insights into their data to influence employee behavior for IM? - How can you reap additional benefits from content reduction that go beyond Green IM?

Driving Behavioral Change for Information Management through Data-Driven Gree...

Enterprise Knowledge

Presentation on how to chat with PDF using ChatGPT code interpreter

naman860154

BooK Now Call us at +918448380779 to hire a gorgeous and seductive call girl for sex. Take a Delhi Escort Service. The help of our escort agency is mostly meant for men who want sexual Indian Escorts In Delhi NCR. It should be noted that any impersonator will get 100 attention from our Young Girls Escorts in Delhi. They will assume the position of reliable allies. VIP Call Girl With Original Photos Book Tonight +918448380779 Our Cheap Price 1 Hour not available 2 Hours 5000 Full Night 8000 TAG: Call Girls in Delhi, Noida, Gurgaon, Ghaziabad, Connaught Place, Greater Kailash Delhi, Lajpat Nagar Delhi, Mayur Vihar Delhi, Chanakyapuri Delhi, New Friends Colony Delhi, Majnu Ka Tilla, Karol Bagh, Malviya Nagar, Saket, Khan Market, Noida Sector 18, Noida Sector 76, Noida Sector 51, Gurgaon Mg Road, Iffco Chowk Gurgaon, Rajiv Chowk Gurgaon All Delhi Ncr Free Home Deliver

08448380779 Call Girls In Greater Kailash - I Women Seeking Men

Delhi Call girls

Microsoft's Threat Matrix for Kubernetes helps organizations understand the attack surface a Kubernetes deployment introduces to their environments. This ensures that adequate detections and mitigations are in place. By covering over 40 different attacker techniques, defenders can learn about Kubernetes-specific mitigations and controls to deploy to their environments. In this session, we will explore the MS-TA9013 Host Path Mount technique, which is commonly used by attackers to perform privilege escalation in a Kubernetes cluster. Attendees will learn how attackers and defenders can: * Escape the container's host volume mount to gain persistence on an underlying node * Move laterally from the underlying node into the customer's cloud environment * Analyze Kubernetes audit logs to detect pods deployed with a hostPath mount * Deploy an admission controller that prevents new pods from using a hostPath mount

Breaking the Kubernetes Kill Chain: Host Path Mount

Puma Security, LLC

What is a good lead in your organisation? Which leads are priority? What happens to leads? When sales and marketing give different answers to these questions, or perhaps aren't sure of the answers at all, frustrations build and opportunities are left on the table. Join us for an illuminating session with Cian McLoughlin, HubSpot Principal Customer Success Manager, as we look at that crucial piece of the customer journey in which leads are transferred from marketing to sales.

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

HampshireHUG

With more memory available, system performance of three Dell devices increased, which can translate to a better user experience Conclusion When your system has plenty of RAM to meet your needs, you can efficiently access the applications and data you need to finish projects and to-do lists without sacrificing time and focus. Our test results show that with more memory available, three Dell PCs delivered better performance and took less time to complete the Procyon Office Productivity benchmark. These advantages translate to users being able to complete workflows more quickly and multitask more easily. Whether you need the mobility of the Latitude 5440, the creative capabilities of the Precision 3470, or the high performance of the OptiPlex Tower Plus 7010, configuring your system with more RAM can help keep processes running smoothly, enabling you to do more without compromising performance.

Boost PC performance: How more available memory can improve productivity

Principled Technologies

MySQL Webinar, presented on the 25th of April, 2024. Summary: MySQL solutions enable the deployment of diverse Database Architectures tailored to specific needs, including High Availability, Disaster Recovery, and Read Scale-Out. With MySQL Shell's AdminAPI, administrators can seamlessly set up, manage, and monitor these solutions, ensuring efficiency and ease of use in their administration. MySQL Router, on the other hand, provides transparent routing from the application traffic to the backend servers in the architectures, requiring minimal configuration. Completely built in-house and supported by Oracle, these solutions have been adopted by enterprises of all sizes for their business-critical applications. In this presentation, we'll delve into various database architecture solutions to help you choose the right one based on your business requirements. Focusing on technical details and the latest features to maximize the potential of these solutions.

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...

Miguel Araújo

Building Digital Trust in a Digital Economy Veronica Tan, Director - Cyber Security Agency of Singapore Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

apidays

Slack Application Development 101 Slides

praypatel2

Finology Group – Insurtech Innovation Award 2024

The Digital Insurer

Scaling API-first – The story of a global engineering organization

Radu Cotescu

In this session, we will delve into strategic approaches for optimizing knowledge management within Microsoft 365, amidst the evolving landscape of Copilot. From leveraging automatic metadata classification and permission governance with SharePoint Premium, to unlocking Viva Engage for the cultivation of knowledge and communities, you will gain actionable insights to bolster your organization's knowledge-sharing initiatives. In this session, we will also explore how to facilitate solutions to enable your employees to find answers and expertise within Microsoft 365. You will leave equipped with practical techniques and a deeper understanding of how there is more to effective knowledge management than just enabling Copilot, but building actual solutions to prepare the knowledge that Copilot and your employees can use.

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Drew Madelung

Sara Mae O’Brien Scott and Tatiana Baquero Cakici, Senior Consultants at Enterprise Knowledge (EK), presented “AI Fast Track to Search-Focused AI Solutions” at the Information Architecture Conference (IAC24) that took place on April 11, 2024 in Seattle, WA. In their presentation, O’Brien-Scott and Cakici focused on what Enterprise AI is, why it is important, and what it takes to empower organizations to get started on a search-based AI journey and stay on track. The presentation explored the complexities of enterprise search challenges and how IA principles can be leveraged to provide AI solutions through the use of a semantic layer. O’Brien-Scott and Cakici showcased a case study where a taxonomy, an ontology, and a knowledge graph were used to structure content at a healthcare workforce solutions organization, providing personalized content recommendations and increasing content findability. In this session, participants gained insights about the following: Most common types of AI categories and use cases; Recommended steps to design and implement taxonomies and ontologies, ensuring they evolve effectively and support the organization’s search objectives; Taxonomy and ontology design considerations and best practices; Real-world AI applications that illustrated the value of taxonomies, ontologies, and knowledge graphs; and Tools, roles, and skills to design and implement AI-powered search solutions.

IAC 2024 - IA Fast Track to Search Focused AI Solutions

Enterprise Knowledge

Dernier (20)