Abstract: The technology described herein protects the privacy and security of data stored in a knowledge graph (“graph”) by enforcing visibility policies when returning property information in response to a query or other attempt to extract property information from the graph and/or about the graph. The visibility policies may be stored with the object and used to prevent restricted properties from being extracted from the object, let alone the graph. The object-specific visibility policy may be stored in the storage layer of the knowledge-graph object with the object properties and content. Some implementations may include multiple visibility records for a single object. Together the visibility records form the object visibility policy. An object visibility policy may have a single visibility record or multiple visibility records.

Abstract: Examples of the present disclosure describe systems and methods for user profile aggregation and inference generation. In an example, user profiles for a plurality of services may be stored by a unified profile service. An inferred user profile may be generated for a user, which may be used to provide inferred user information for inclusion in a new user profile. Accordingly, the user may not need to reenter information that may already be stored by the unified profile service. The inferred user profile may be generated based on one or more confidence levels in order to determine which user information is most likely to be accurate. In some examples, a user may update aspects of an inferred user profile and may indicate that the update should be incorporated into other user profiles stored by the unified profile service.

Abstract: The technology described herein protects the privacy and security of data stored in a knowledge graph (“graph”) by enforcing visibility policies when returning property information in response to a query or other attempt to extract property information from the graph and/or about the graph. The visibility policies may be stored with the object and used to prevent restricted properties from being extracted from the object, let alone the graph. The object-specific visibility policy may be stored in the storage layer of the knowledge-graph object with the object properties and content. Some implementations may include multiple visibility records for a single object. Together the visibility records form the object visibility policy. An object visibility policy may have a single visibility record or multiple visibility records.

Abstract: The technology described herein protects the privacy of data stored in a knowledge graph (“graph”) by enforcing privacy policies when returning information in response to a query or other attempt to extract information from the graph and/or about the graph. In one aspect, unauthorized information is trimmed from the information output in response to a query. In other words, the privacy policy for a knowledge graph is enforced during the information extraction process. This is in contrast to other methods that attempt to enforce privacy policies at the information ingestion process or through some other service-level process after information is output from the graph. The privacy policies may be stored in a node of the graph.

Abstract: In non-limiting examples of the present disclosure, systems, methods and devices for maintaining and interacting with organizational graphs are presented. An organizational graph comprised of nodes including relationship edges may be maintained. The edges may be traversable from one node to another via the relationship data they are defined by. New relationships may be automatically identified amongst organizational entities, and an organizational graph may be automatically updated to reflect those new relationships. An organizational graph may also be updated to reflect organizational relationships that are determined to have been modified and organizational relationships that are determined to no longer exist. User queries may be processed against an organizational graph to identify relevant nodes and their corresponding organizational relationship data.

Abstract: Examples of the present disclosure describe systems and methods for user profile aggregation and inference generation. In an example, user profiles for a plurality of services may be stored by a unified profile service. An inferred user profile may be generated for a user, which may be used to provide inferred user information for inclusion in a new user profile. Accordingly, the user may not need to reenter information that may already be stored by the unified profile service. The inferred user profile may be generated based on one or more confidence levels in order to determine which user information is most likely to be accurate. In some examples, a user may update aspects of an inferred user profile and may indicate that the update should be incorporated into other user profiles stored by the unified profile service.