Fluree Core Knowledge Graph Intelligent Database
Fluree Sense Structured Data AI Golden Record Pipeline
Fluree CAM Unstructured Data Auto Content Tagging
Fluree ITM Taxonomy Manager Controlled Vocabularies
Fluree HQ 486 Patterson Ave Ste 221 Winston-Salem, NC 27101 – – –
Fluree NY 11 Park Place New York, NY, 10007 – – –
Fluree India 5th Floor, Trifecta Adatto, c/o 91 Springboard Business Hub Pvt Ltd, 21 ITPL Main Rd, Garudachar Palya, Near Phoenix Mall, Karnataka-560048 India
Fluree CO 14143 Denver West Parkway, Suite 100 Golden, CO 80401 – – –
Fluree EMEA Lange Dreef 11 Begane grond 4131 NJ Vianen The Netherlands
Welcome to part three of Fluree’s Data-Centric Architecture series, where we peel back each layer of Fluree’s data-centric architecture stack.Our first installment, “Data-Centric Trust,” describes the ways in which data provenance, lineage, and integrity are central to a healthy data ecosystem. Our second installment, “Semantic Data Interoperability,” covers how formatting data under a common vocabulary can help technologies exchange information with meaning.
Together, these concepts of “trust” and “interoperability” open the door to a new era of data collaboration, defined by dynamic data ecosystems, where data is published, accessed, and collaborated on by a wide variety of stakeholders.
However, as more stakeholders enter these data ecosystems, we’ll need to enforce various permissions and rules related to identity and access. In other words, as we broaden the audiences that are accessing data or transacting against data sets, we must rethink how and where we implement security.
This is where Fluree’s next “layer” is required: data-centric security.
The Data-Centric philosophy involves moving data management responsibilities from the application tier to the data tier — and security is no exception. With data-centric security, permissions related to data are baked in to the architecture as a core ingredient:
Data-centric security is an approach to information cybersecurity that emphasizes the security of data itself rather than the security of applications or networks. In a data-centric security framework, security policies and protocols are defined and enforced at the data layer, rather than deferred to a server, application, or network.
There are three key objectives to data-centric security: Manage, Track, and Protect.
Manage – Define policies that determine who and how data can be accessed, contributed, or used
Track – Monitor data’s supply chain as it moves through systems and users
Protect – Enforce identity and access management protocols
In Fluree, these security objectives are defined, codified, stored, and executed as data in the database in the form of SmartFunctions
More data silos = more attack surfaces: Data today is used and reused across multiple contexts, shared via webs of APIs, and duplicated into data silos for analytics. At every stage of reuse we introduce a new potential attack surface that must be monitored. Attackers know this – according to Akamai’s 2020 State of Internet Security report, 75% of total cyberattacks in the financial services industry were targeted on APIs. Re-implementing data security in every middleware, data lake, and API along this digital supply chain is simply not scalable.
Once you’re in, you’ve got root access: As exemplified by many of the data breaches in recent news, information security in an application-centric architecture is only as good as its endpoint security. The more attacks grow in complexity, the deeper security measures get pushed into online infrastructure. Yet data, the ultimate reward at the core of every hack, often remains unprotected.
Cloud computing, SaaS, and the era of remote devices: Thanks to the advent of cloud computing, enterprise data is now published to the cloud and accessed by many users across many devices across many networks (especially in today’s work-from-home era). The proliferation of bring-your-own personal devices and wifi networks is just one example of our inability to control how our information is being accessed and passed through systems.The data supply chain is becoming complex and regulated: Data has been called the new “oil” – whether this is an accurate or poor analogy, we can all ascertain its ubiquity and importance in our global economy. And when something becomes ubiquitous, it is followed by regulation:
The first wave of data regulation has already taken place in the form of GDPR, CCPA, and the like. At the same time, data has evolved to become somewhat of an asset that can be passed around, exchanged, and even brokered. In other words, data now has a supply chain with various stakeholders. Add these emerging compliance pressures to this already complex supply chain mix, and now you’ve got quite the set of security demands to manage.
While there is certainly still merit to securing endpoints and tightening up network security, the above trends demonstrate a clear need to bring data-centric security into the overall enterprise strategy.
In a data-centric security context, information will remain protected as it moves in and out of storage systems or applications as well as changing business contexts, regardless of the network or application security. We call this “data defending itself.” Security is baked in, and thus inseparable from the data it protects.
As you might imagine, data-centric security can simplify and automate data governance and security for data sets. By baking security directly into the data tier, we find many benefits, among them:
To sum up these benefits, when data can “defend itself,” we can (1) mitigate data theft or loss, (2) build better governance and compliance strategies, and (3) provide improved delivery velocity to end users while reducing attack surfaces.
With Fluree’s SmartFunctions, it is possible to embed data permissioning logic within the system as data itself. Because these policies are embedded within the data layer, they can leverage any conceivable set of data conditions or linked data in the Fluree system as context for evaluation. This is made possible by Fluree’s notion of identity, in which all users transact or query via provable cryptographic identities that can be tied to various authorizations. These authorization rules can be complex and arbitrary, and can be enforced by evaluating a wide range of possible connections in the database (e.g. is the user linked to this data? is this data’s security score less than or equal to the user’s security score? are both the user and the data linked to the same organization, and is that organization located in country X, Y, or Z?).
Security = Identity + Rules
Smart Functions can reliably evaluate user identity and user data, because of Fluree’s fundamental implementation of cryptographic signatures for all queries and transactions. To read more about this set of features and values, check out Fluree’s guide to identity.
SmartFunctions allow the enforcement of arbitrarily complex data security policies and data shape validation at the data layer and support data-centric security initiatives such as cell-level security, attribute-based access control (ABAC) models, and granular permissioning logic that relies on linked data relationships. Within this framework, we can open up our data sets to be queried directly by virtually anyone; data will be filtered out according to the established rules associated with the user’s identity.
Using these powerful embedded operations, we can turn business logic into enforced policies that travel alongside the data, forever.
Let’s explore some simple ideas of how SmartFunctions can enforce data-driven policies around queries and transactions:
Thanks for taking the time to read about security, the third layer of Fluree’s Data-Centric Architecture. Check out our next post on Data-Centric Time.
Additional Resources on Data-Centric Security:
Read up about SmartFunctions in the Fluree Docs
Read Co-founder Brian Platz’s byline in Forbes on Data-Centric Security
Watch a demo Fluree application of data-centric security within a master data management scenario
Watch our one-hour webinar on data-centric security in Fluree
Fill out the form below to schedule a call.
"*" indicates required fields
Fluree is integrated with AWS, allowing users to build sophisticated applications with increased flexibility, scalability, and reliability.
Visit Partner Site
Semiring’s natural language processing pipeline utilizes knowledge graphs and large language models to bring hidden insights to light.
Industry Knowledge Graph LLC is a company that specializes in creating and utilizing knowledge graphs to unlock insights and connections within complex datasets, aiding businesses in making informed decisions and optimizing processes.
Cobwebb specializes in providing comprehensive communication and networking solutions, empowering businesses with tailored services to enhance efficiency and connectivity.
Deploy and Manage Fluree Nodes on Zeeve’s Cloud Infrastructure.
Visit Partner Site More Details
Sinisana provides food traceability solutions, built with Fluree’s distributed ledger technology.
Lead Semantics provides text-to-knowledge solutions.
TextDistil, powered by Fluree technology, targets the cognitive corner of the technology landscape. It is well-positioned to deliver novel functionality by leveraging the power of Large Language Models combined with the robust methods of Semantic Technology.
Project Logosphere, from Ikigai, is a decentralized knowledge graph that empowers richer data sets and discoveries.
Cibersons develops and invests in new technologies, such as artificial intelligence, robotics, space technology, fintech, blockchain, and others.
Powered by Fluree, AvioChain is an aviation maintenance platform built from the ground up for traceability, security, and interoperability.
Thematix was founded in 2011 to bring together the best minds in semantic technologies, business and information architecture, and traditional software engineering, to uniquely address practical problems in business operations, product development and marketing.
Opening Bell Ventures provides high-impact transformational services to C-level executives to help them shape and successfully execute on their Omni-Channel Digital Strategies.
Datavillage enables organizations to combine sensitive, proprietary, or personal data through transparent governance. AI models are trained and applied in fully confidential environments ensuring that only derived data (insights) is shared.
Vitality Technet has partnered with Fluree to accelerate drug discovery processes and enable ongoing collaboration across internal departments, external partners, and regulatory offices through semantics, knowledge graphs, and digital trust technologies.
SSB Digital is a dynamic and forward-thinking IT company specializing in developing bespoke solutions tailored to meet the unique needs and challenges of clients, ranging from predictive analytics and smart automation to decentralized applications and secure transactions.
Marzex is a bespoke Web3 systems development firm. With the help of Fluree technology, Marzex completed one of the first successful blockchain-based online elections in history.
Semantic Arts delivers data-centric transformation through a model-driven, semantic knowledge graph approach to enterprise data management.
Intigris, a leading Salesforce implementation partner, has partnered with Fluree to help organizations bridge and integrate multiple Salesforce instances.
Follow us on Linkedin
Join our Mailing List
Subscribe to our LinkedIn Newsletter
Subscribe to our YouTube channel
Partner, Analytic Strategy Partners; Frederick H. Rawson Professor in Medicine and Computer Science, University of Chicago and Chief of the Section of Biomedical Data Science in the Department of Medicine
Robert Grossman has been working in the field of data science, machine learning, big data, and distributed computing for over 25 years. He is a faculty member at the University of Chicago, where he is the Jim and Karen Frank Director of the Center for Translational Data Science. He is the Principal Investigator for the Genomic Data Commons, one of the largest collections of harmonized cancer genomics data in the world.
He founded Analytic Strategy Partners in 2016, which helps companies develop analytic strategies, improve their analytic operations, and evaluate potential analytic acquisitions and opportunities. From 2002-2015, he was the Founder and Managing Partner of Open Data Group (now ModelOp), which was one of the pioneers scaling predictive analytics to large datasets and helping companies develop and deploy innovative analytic solutions. From 1996 to 2001, he was the Founder and CEO of Magnify, which is now part of Lexis-Nexis (RELX Group) and provides predictive analytics solutions to the insurance industry.
Robert is also the Chair of the Open Commons Consortium (OCC), which is a not-for-profit that manages and operates cloud computing infrastructure to support scientific, medical, health care and environmental research.
Connect with Robert on Linkedin
Founder, DataStraits Inc., Chief Revenue Officer, 3i Infotech Ltd
Sudeep Nadkarni has decades of experience in scaling managed services and hi-tech product firms. He has driven several new ventures and corporate turnarounds resulting in one IPO and three $1B+ exits. VC/PE firms have entrusted Sudeep with key executive roles that include entering new opportunity areas, leading global sales, scaling operations & post-merger integrations.
Sudeep has broad international experience having worked, lived, and led firms operating in US, UK, Middle East, Asia & Africa. He is passionate about bringing innovative business products to market that leverage web 3.0 technologies and have embedded governance risk and compliance.
Connect with Sudeep on Linkedin
CEO, Data4Real LLC
Julia Bardmesser is a technology, architecture and data strategy executive, board member and advisor. In addition to her role as CEO of Data4Real LLC, she currently serves as Chair of Technology Advisory Council, Women Leaders In Data & AI (WLDA). She is a recognized thought leader in data driven digital transformation with over 30 years of experience in building technology and business capabilities that enable business growth, innovation, and agility. Julia has led transformational initiatives in many financial services companies such as Voya Financial, Deutsche Bank Citi, FINRA, Freddie Mac, and others.
Julia is a much sought-after speaker and mentor in the industry, and she has received recognition across the industry for her significant contributions. She has been named to engatica 2023 list of World’s Top 200 Business and Technology Innovators; received 2022 WLDA Changemaker in AI award; has been named to CDO Magazine’s List of Global Data Power Wdomen three years in the row (2020-2022); named Top 150 Business Transformation Leader by Constellation Research in 2019; and recognized as the Best Data Management Practitioner by A-Team Data Management Insight in 2017.
Connect with Julia on Linkedin
Senior Advisor, Board Member, Strategic Investor
After nine years leading the rescue and turnaround of Banco del Progreso in the Dominican Republic culminating with its acquisition by Scotiabank (for a 2.7x book value multiple), Mark focuses on advisory relationships and Boards of Directors where he brings the breadth of his prior consulting and banking/payments experience.
In 2018, Mark founded Alberdi Advisory Corporation where he is engaged in advisory services for the biotechnology, technology, distribution, and financial services industries. Mark enjoys working with founders of successful businesses as well as start-ups and VC; he serves on several Boards of Directors and Advisory Boards including MPX – Marco Polo Exchange – providing world-class systems and support to interconnect Broker-Dealers and Family Offices around the world and Fluree – focusing on web3 and blockchain. He is actively engaged in strategic advisory with the founder and Executive Committee of the Biotechnology Institute of Spain with over 50 patents and sales of its world-class regenerative therapies in more than 30 countries.
Prior work experience includes leadership positions with MasterCard, IBM/PwC, Kearney, BBVA and Citibank. Mark has worked in over 30 countries – extensively across Europe and the Americas as well as occasional experiences in Asia.
Connect with Mark on Linkedin
Chair of the Board, Enterprise Data Management Council
Peter Serenita was one of the first Chief Data Officers (CDOs) in financial services. He was a 28-year veteran of JPMorgan having held several key positions in business and information technology including the role of Chief Data Officer of the Worldwide Securities division. Subsequently, Peter became HSBC’s first Group Chief Data Officer, focusing on establishing a global data organization and capability to improve data consistency across the firm. More recently, Peter was the Enterprise Chief Data Officer for Scotiabank focused on defining and implementing a data management capability to improve data quality.
Peter is currently the Chairman of the Enterprise Data Management Council, a trade organization advancing data management globally across industries. Peter was a member of the inaugural Financial Research Advisory Committee (under the U.S. Department of Treasury) tasked with improving data quality in regulatory submissions to identify systemic risk.
Connect with Peter on Linkedin
Turn Data Chaos into Data Clarity
Enter details below to access the whitepaper.
Pawan came to Fluree via its acquisition of ZettaLabs, an AI based data cleansing and mastering company.His previous experiences include IBM where he was part of the Strategy, Business Development and Operations team at IBM Watson Health’s Provider business. Prior to that Pawan spent 10 years with Thomson Reuters in the UK, US, and the Middle East. During his tenure he held executive positions in Finance, Sales and Corporate Development and Strategy. He is an alumnus of The Georgia Institute of Technology and Georgia State University.
Connect with Pawan on Linkedin
Andrew “Flip” Filipowski is one of the world’s most successful high-tech entrepreneurs, philanthropists and industry visionaries. Mr. Filipowski serves as Co-founder and Co-CEO of Fluree, where he seeks to bring trust, security, and versatility to data.
Mr. Filipowski also serves as co-founder, chairman and chief executive officer of SilkRoad Equity, a global private investment firm, as well as the co-founder, of Tally Capital.
Mr. Filipowski was the former COO of Cullinet, the largest software company of the 1980’s. Mr. Filipowski founded and served as Chairman and CEO of PLATINUM technology, where he grew PLATINUM into the 8th largest software company in the world at the time of its sale to Computer Associates for $4 billion – the largest such transaction for a software company at the time. Upside Magazine named Mr. Filipowski one of the Top 100 Most Influential People in Information Technology. A recipient of Entrepreneur of the Year Awards from both Ernst & Young and Merrill Lynch, Mr. Filipowski has also been awarded the Young President’s Organization Legacy Award and the Anti-Defamation League’s Torch of Liberty award for his work fighting hate on the Internet.
Mr. Filipowski is or has been a founder, director or executive of various companies, including: Fuel 50, Veriblock, MissionMode, Onramp Branding, House of Blues, Blue Rhino Littermaid and dozens of other recognized enterprises.
Connect with Flip on Linkedin
Brian is the Co-founder and Co-CEO of Fluree, PBC, a North Carolina-based Public Benefit Corporation.
Platz was an entrepreneur and executive throughout the early internet days and SaaS boom, having founded the popular A-list apart web development community, along with a host of successful SaaS companies. He is now helping companies navigate the complexity of the enterprise data transformation movement.
Previous to establishing Fluree, Brian co-founded SilkRoad Technology which grew to over 2,000 customers and 500 employees in 12 global offices. Brian sits on the board of Fuel50 and Odigia, and is an advisor to Fabric Inc.
Connect with Brian on Linkedin
Eliud Polanco is a seasoned data executive with extensive experience in leading global enterprise data transformation and management initiatives. Previous to his current role as President of Fluree, a data collaboration and transformation company, Eliud was formerly the Head of Analytics at Scotiabank, Global Head of Analytics and Big Data at HSBC, head of Anti-Financial Crime Technology Architecture for U.S.DeutscheBank, and Head of Data Innovation at Citi.
In his most recent role as Head of Analytics and Data Standards at Scotiabank, Eliud led a full-spectrum data transformation initiative to implement new tools and technology architecture strategies, both on-premises as well as on Cloud, for ingesting, analyzing, cleansing, and creating consumption ready data assets.
Connect with Eliud on Linkedin
Get the right data into the right hands.
Build your Verifiable Credentials/DID solution with Fluree.
Wherever you are in your Knowledge Graph journey, Fluree has the tools and technology to unify data based on universal meaning, answer complex questions that span your business, and democratize insights across your organization.
Build real-time data collaboration that spans internal and external organizational boundaries, with protections and controls to meet evolving data policy and privacy regulations.
Fluree Sense auto-discovers data fitting across applications and data lakes, cleans and formats them into JSON-LD, and loads them into Fluree’s trusted data platform for sharing, analytics, and re-use.
Transform legacy data into linked, semantic knowledge graphs. Fluree Sense automates the data mappings from local formats to a universal ontology and transforms the flat files into RDF.
Whether you are consolidating data silos, migrating your data to a new platform, or building an MDM platform, we can help you build clean, accurate, and reliable golden records.
Our enterprise users receive exclusive support and even more features. Book a call with our sales team to get started.
Download Stable Version Download Pre-Release Version
Register for Alpha Version
By downloading and running Fluree you agree to our terms of service (pdf).
Hello this is some content.