Linkurious SDK: Build engaging graph application (1/3)

In this series of blog posts, we introduce the Linkurious SDK and showcase how it can help developers build enterprise-grade graph applications faster.

Part 1 (this article): Introduction to the Linkurious SDK and its security features
Part 2: Querying and displaying graph data
Part 3: Advanced interaction with the Ogma graph visualization library

Graph technologies have the potential to help us understand the complex connected data that surrounds us. They are changing the way we think about anti-financial crime, cyber-security or medical research. Getting started can be intimidating though, with the number of graph databases (DataStax, Neo4j, JanusGraph, OrientDB for example), graph processing frameworks (Apache Giraph, GraphX, Flink Gelly) or graph visualization libraries (d3.js, sigma.js, linkurious.js, Keylines and now Ogma) constantly growing.
In many cases, it makes sense to use an out-of-the-box solution like Linkurious Enterprise that quickly delivers the ability to investigate and detect patterns hidden in graph data. But sometimes, specific business needs require custom applications.

This is why we released the Linkurious SDK, a complete framework that helps developers build enterprise-grade graph applications faster.

The Linkurious SDK offers features, both on the client and on the server-side to build, test and deploy flexible web applications:

• Ogma is Linkurious’ powerful graph visualization toolkit. This JavaScript library (with built-in TypeScript typings) is used to display graphs in web applications, from small to large-scale (up to 100 000 nodes & edges);
• Linkurious REST API is the core way to interact with the Linkurious Server. It gives access to REST services in a secure manner allowing you to search and browse graph, edit graph data, build and share visualizations. The system is highly scalable and can be accessed by thousand users at the same time. It is compatible with graph databases like Neo4j, DataStax Enterprise Graph, Titan or the AllegroGraph RDF database;
• Linkurious REST-client is a library (available in JavaScript or TypeScript) that wraps the server REST API to simplify the communication between clients and the Linkurious server;
• A detailed documentation is available online and provides extensive descriptions and step-by-step instructions and examples to assist you during your project development.

Combined, these bricks allow developers to build interactive and secure graph applications faster with:

• Rich, interactive graph visualization interfaces that scale to large datasets;
• Advanced security features with the ability to authenticate users and manage access rights;
• Ability to leverage the performances of the graph database of your choice to detect suspicious patterns or activities;
• Advanced search capabilities (full-text search, fuzzy matching, support for multilingual);
• Multi-tenancy to manage various connected databases in a unified interface.

This stack offers features to build, test and deploy your own web-based application or add new capabilities to your existing applications faster. When developing it, one of our top priorities was security. Today the Linkurious SDK is compatible with the security requirements of Fortune 500 companies and government agencies. We implemented a security framework to secure the access to your graph data.

Below we review this security framework and other elements intended to protect your data and application.

Linkurious SDK provides enterprise-grade security for your graph data. In this section, we will review the different key elements that guarantee a safe environment for your users, data, and application: Linkurious server security layer, API keys, audit trail, and encryption.

The Linkurious SDK security framework builds on the Linkurious Server which includes a security layer with modular authentication for role-based access control policies. Requests sent to the API are authenticated with the user login. You can manage and apply data-access and data-edition restrictions to user groups. Permissions are defined at the node categories and edge types levels. User groups are defined for each data source. This way, you can make sure your users only access what they are supposed to.

You can also connect the Linkurious Server to the authentication service of your choice. With support for LDAP, Microsoft Azure AD, Active Directory or any OpenID Connect compatible services, it is easy to integrate with the authentication strategy of your organization.

In addition, administrators can control the default permissions for users logging in with LDAP, Active Directory or Azure AD by mapping existing groups onto Linkurious groups. After configuring group mapping, Linkurious will automatically assign users to groups in Linkurious depending on their groups in LDAP, Active Directory or Azure AD.

To simplify the development of your web-based application without reducing the security requirements, you can use API security keys to access Linkurious APIs.

Each API key is associated with a user group and a list of authorized actions. Those security tokens are sent along with every request to the Linkurious REST API. They allow third-party applications to perform authorized actions on behalf of a user if he is part of the user group. Linkurious user access controls are still applied on the server side. This gives your application multi-security layers, both on the application and user levels. It eases the application development since you can create application acting on behalf of a user without dealing with any password.

The Linkurious SDK includes different log capabilities to facilitate the work of compliance and IT teams. Enable the audit trail to record all operations performed by users of Linkurious on your graph database. You will obtain a detailed JSON file of your user’s activities that can be bounded to a log management system for monitoring and reporting. 

Finally, external communications from your web application to the Linkurious server can be encrypted with SSL for maximum security. 

From fraud detection to cybersecurity, IT operations or enterprise architecture, graph technologies are a powerful asset to quickly process, query and analyze large datasets of highly connected data. The Linkurious SDK will help you build applications to leverage your connected data and find suspicious patterns, understand hidden connections or discover new insights. It offers a complete solution to quickly deploy in your organization a secure and tailored graph application. Linkurious security framework and features guarantee a secure environment for your application.  

In the next article, we demonstrate that you can easily and quickly use the Linkurious SDK and the Ogma library to query and present graph data to your end user in a web application.