In my use case, we have a number of clients who would like to access a (personalised) Kibana dashboard (pre-made in kibana). However, we wouldn't like different clients to see other clients data (for obvious reasons!)
The problem is, kibana "saves" dashboards as a URL (i.e.):
hxxp://myserver:8080/#/dashboard/Dash-1?embed&_g=(refreshInterval:(display:Off,pause:!f,section:0,value:0),time:(from:now-2y,mode:quick,to:now))&_a=(filters:!(),panels:!((col:1,id:UK-Log-Map,row:3,size_x:5,size_y:6,type:visualization),(col:1,id:Total-logs,row:1,size_x:12,size_y:2,type:visualization),(col:6,id:Logs-by-week,row:3,size_x:7,size_y:3,type:visualization),(col:6,id:Log-histogram,row:6,size_x:7,size_y:3,type:visualization)),query:(query_string:(analyze_wildcard:!t,query:'Name:Joe')),title:'Dash')
would represent a dashboard with 4 elements for "Joe" (filtered in the query - last part of URL).
Changing "joe" to any other client (i.e. "dave") would show their data, thus causing a security hole. What would be the best way to secure the data whilst providing the dashboards for each user?
I have full control over most of the tech used for this, so anything can be considered. I.e. libraries, proxies, RESTful services etc. This just needs a way forward!
Another user has tried to achieve this with encrypted URLs (js), but this seems a little hacky to me. There must be a cleaner way?
Related
Lets say we have the following url:
https://www.sale.com/?utm_source=CDTest3Newsletter&utm_medium=CDTest3Email&utm_campaign=CDTest3FallSale&utm_id=CDT3ID
A user clicks on the link and surf through it and then close the session.
An hour later he/she navigates to www.purchase.com and a conversion occurs, is there a way to track and relate the conversion to the utm_id=cdt3id?
In Summary the conversion happens in the second domain and we want to relate that to the first domain marketing campaign!
Please note i know hot to enable linker while redirecting from origin domain to target domain!
You have to realize that this kind of behavior is not standard. Therefore, it will require non-standard solutions.
Having said that, your real problem is not the attribution. In the described scenario, you are likely to lose the user completely. Purchase.com will have no idea that this client is supposed to have the same id as on the previous site. The linker adds an explicit _ga query param to the url for the ga library on the purchase.com to know to use that as a user id and not to generate a new one.
If you're not able to reliably pass the client id to the checkout TLD through front-end, you have to use your backend to match the user by the BE auth/session token. Same exact logic applies if you want to pass the attribution data. You just keep it on the backend, bound to the user session token and throw it to the user's cookie on checkout, then grab it with GTM and populate it however you like. Or you can as well just conduct a BE redirect, appending both the _ga and the UTM query params to the url.
There are a bit more options if you're not using GA for your actual analysis. If you're able to match users and calculate attributions on your own either through ETL or persistent derived tables/SQL. So, basically, if you download your GA data to a third party storage like snowflake, asure or BQ and then use a BI tool on top of that. But at this point those options should be pretty apparent from the issue and possible solution described above.
In my new job at a community hall in the Netherlands, we work with databases that contain privacy-sensitive data (e.g. citizen service numbers). They also recently started working with Azure, which i'm getting familiar with as we speak. So this might be a beginners question but I hope someone can lead me in the right direction: Is there a way, to retrieve data through a direct connection with a database and make it 'anonymous' for example by hashing or using a key-file of some sorts somewhere in the pipeline?
I know that the pipelines are .JSON files and that it's possible to do some transformations. I'm curious about the possibilities for doing this in Azure!
** EDIT **
To be more clear: I want to write a piece of code preferably in the pipeline, that does something like this:
citizen service number person 1
102541220
#generate key/hash somewhere in pipeline of loading in data in azure
anonymous citizen service number, that is specific for person 1
0x10325476
Later, I want to add columns to this database, for example what kind of value the house has this person lives in. I want to be able to 'couple' the databases by using the
anonymous citizen service number 1
0x10325476
It sounds like you'd be interested in Azure SQL Database dynamic data masking.
SQL Database dynamic data masking limits sensitive data exposure by
masking it to non-privileged users.
Dynamic data masking helps prevent unauthorized access to sensitive
data by enabling customers to designate how much of the sensitive data
to reveal with minimal impact on the application layer. It’s a
policy-based security feature that hides the sensitive data in the
result set of a query over designated database fields, while the data
in the database is not changed.
For example, a service representative at a call center may identify
callers by several digits of their credit card number, but those data
items should not be fully exposed to the service representative. A
masking rule can be defined that masks all but the last four digits of
any credit card number in the result set of any query. As another
example, an appropriate data mask can be defined to protect personally
identifiable information (PII) data, so that a developer can query
production environments for troubleshooting purposes without violating
compliance regulations.
https://learn.microsoft.com/en-us/azure/sql-database/sql-database-dynamic-data-masking-get-started
This won't anonymise data irreversibly, in terms of it can be re-personalised by those who have the permissions in SQL server.
It will however allow you to do joins inside of SQL server but not expose the personal data back out.
Let's say that I'm developing an application similar to Twitter. I can see the profile of a user tom if I visit https://twitter.com/tom, but there are several application reserved endpoints like /login, /logout, /settings, /about, etc.
Twitter actually tells you the reason why you cannot take a certain username:
And I suppose the following message applies to reserved endpoints:
My question is: how does Twitter maintain a list of reserved endpoints for filtering out new registrations? It would appear that there is one check that matches the username against a list of registered users, and a second check that looks for reserved keywords.
Keeping a table with these keywords seems like an obvious answer, but I find one could easily forget to update after each creation of a top level (reserved) page.
You're not going to get an answer to how Twitter does it because that would almost certainly require somebody to break an NDA. I would expect it to be a database table, but I have no inside information.
The preferred practice is to not overload a collection endpoint like that. Better would be
/users/tom
/login
/logout
...
Then your URI structure solves the problem for you.
How would I go about tracking the unique page views for a page in a NodeJS app and saving them into the DB? Something like most app like Instagram or Dribbble etc. has where they count the views of a certain page uniquely means a page refresh won't recount.
What's the best algorithm behind this?
A simple approach would be to count the number of records in your "sessions" table/collection.
Another way would be to track all IPs that requests are made from, but this isn't advisable because you'll miss people behind a router.
If you just wish to track registered users, you could:
Maintain a 'lastLogin' property in the User model so you can make queries like "number of users who have visited since [datetime]"
Maintain a separate collection/table that maintains sessionIds, IPs, usernames and anything else you want. This would allow you to track very flexibly at the expense of more database work. This works for both registered and unregistered users since you track everything that identifies a visit.
You may also wish to reconsider if you want to track pageviews/sessions at all. If traction is all you want to measure, this will suffice. But if you wish to measure engagement, a better tactic would be to employ tracking at the action/controller level instead of session level. A combination of both is required to understand what users like and what they like not. Your purpose for tracking should decide what method/s you need to employ.
Use a widely-adopted solution: Google Analytics.
Good luck!
We have a Sharepoint Project Management site up and is active amongst our clients. The site url looks like this:
https://projects.acme.com/clients/[client_name]
Each of our clients has to remember (or bookmark) this long url; the users of this site are not very savvy. They fumble with it all the time. We also do not want clients to know who each other are; so client 1 shouldn't know that client 2 is a client.
We would like to put a login form on our website, prompting for user id and password. Then we would like to be able to route the user based on a successful authentication, to the specific web that is theirs.
Is there a good clean way to make this happen? Is forms authentication the way to go? Are there drawbacks to using forms authentication?
Given my url structure, would this approach work?
http://msdn.microsoft.com/en-us/library/bb975136(v=office.12).aspx
Update: I'm not particularly interested in a solution that requires two weeks of effort on the part of a programmer/admin to setup, nor am I particularly interested in one of the commercial solutions that are $4k-8k. I was hoping to discover a pretty straightforward way to get this done in under a day of effort.
Yes, you can implement it using FBA.
However, if you use only the user ID and the password, the user IDs across all websites will need to be unique (i.e. if client 1 creates a john.smith user ID, client 2 will have to use john-smith or johnsmith or something completely different). The easy solution is to ask additionally for the company name on the login form, the user ID and the password, but then you'll probably have to handle different ways the users will enter the company name (i.e. acme, ACME, Acme, Acme Ltd, Acme Inc, Acme Inc.).
Update:
You can also consider host-named site collections and have URLs like https://client_name.acme.com. The downside is that you cannot use Central Administration to create a host-named site collection - you can do it by using PowerShell or custom code.
Generally it is highly unlikely you will find a free solution to get your task done in under a day of effort - admittedly, SharePoint does support FBA, but does not provide basic things like a login form, a change password form or user management; you need to create them yourself or use some existing solution (e.g. SharePoint 2010 FBA Pack).
If you want to separate users and also make URL's more sweet you have a two ways.
Create a web applications per user.
Create one application with multi tenancy support. Check more on this Spence's Harbar article.
Second approach is more flexible, but harder to implement, and if you plan to have many clients (more than 50) it's the only way.