[OTDev] Validation against confidential data
Nina Jeliazkova jeliazkova.nina at gmail.comFri Jan 21 18:56:38 CET 2011
- Previous message: [OTDev] Validation against confidential data
- Next message: [OTDev] Validation against confidential data
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 21 January 2011 19:41, Christoph Helma <helma at in-silico.ch> wrote: > > > On Thu, Jan 20, 2011 at 5:12 PM, chung <chvng at mail.ntua.gr> wrote: > > > Dear All, > > > After a meeting we had today with Nina, Martin and Andreas M. we > > > arrived to a first approach to the use case of model validation > against > > > confidential data. The proposal is attached and seems to be a good > > > basis for a first implementation. This will > > > Best Regards, > > > Pantelis > > > > > > Hello All, > > > > I just had a discussion with Andreas K. on validation against > > confidential data, and he was a bit concerned about our use case. So > > before proceeding, I would like to outline two use cases and would > > like to here what people think. The first one might be the most > > obvious use case that we have to get done: > > > > USE CASE > > * User has confidential data. He wants to use this data within the > > framework for building models (or use existing models), making > predictions, > > and validation without letting someone else see the data. > > > > Implementation within the framework: > > * Get the services working together, and get A&A up and running. > > * For paranoid users: install all services locally on your computer. > > > > The second use case is the one Nina, Pantelis and I were working on > yesterday: > > > > USE CASE > > * User wants to perform a validation on someone elses confidential > > data. He has no access to the actual data, but should be able to > > initialize a validation. He gets the validation results/report > > returned, not the predictions of the model/s that were used. The owner > > of the confidential data has to grant access to the data for > > validation purposes (to certain users) beforehand. > > > > Implementation within the framework: > > * See summary from Pantelis last email > > > > I think we had a good discussion with nice ideas on how to solve this. > > My question is, do people think that the second use case is realistic > > and should be implemented? > > My personal observations/opinions: > > I am not aware of any company/authority that would allow sensitive > information to pass their firewall. This is not a rational decision, but > lawyers and management simply wont allow it and I do not have the > impression that their mindset is going to change in the near future. > > So I would suggest not to invest too much time into fancy A&A solutions > (even if they make sense), because thy are not going to be accepted by > potential users. > > The only solution thats accepted (and frequently requested) is an > in-house installation of programs and services. Making this process as > painfree as possible would give OpenTox much more acceptance than > sophisticated A&A which is rarely going to be used. > I agree a local installation would be the most acceptable solution. We can leave the second use case as purely theoretical construct and include the description & figures in the final document , without investing time into implementation. Best regards, Nina > > Best regards, > Christoph > > _______________________________________________ > Development mailing list > Development at opentox.org > http://www.opentox.org/mailman/listinfo/development > >
- Previous message: [OTDev] Validation against confidential data
- Next message: [OTDev] Validation against confidential data
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Development mailing list