Method, system, and program for an improved enterprise spatial system

US 10,073,979 B2
Filed: 02/06/2015
Issued: 09/11/2018
Est. Priority Date: 03/16/2002
Status: Active Grant

First Claim

Patent Images

1. A method for access control, comprising:

controlling, with a processor of a computer, access to a data set associated with a data layer using a layer definition table, a user table, a resource access control list table, and an application definition table, wherein the layer definition table has a layer identifier column that maps to a resource identifier column of the resource access control list table, and wherein the resource access control list table has a user identifier column that maps to a user identifier column of the user table and has an entry in an access type column that points to a row of the application definition table, by;

receiving a request, from a user having a user identifier, to access the data set associated with the data layer having a data layer identifier;

accessing a resource access control list entry of the resource access control list table to determine whether the user has access to the data layer based on whether there is a first match of a user identifier of the user identifier column of the resource access control list entry and the user identifier of the user and a second match of a resource identifier of the resource identifier column of the resource access control list entry and the data layer identifier of the data layer;

in response to determining that there is the first match and the second match, providing access to the data layer by;

locating a layer definition table entry in the layer definition table using the data layer identifier of the data layer;

identifying a data store in the layer definition table entry; and

retrieving data for the data set from the data store; and

in response to determining that the resource access control list entry does not specify the data layer identifier, denying access to the data layer.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed is a method, system, and program for providing access to spatial data. A request for data is received. Enterprise and third party data are integrated. The integrated data is processed. Spatially referenced results are generated using the processed data. The spatially referenced results are returned in response to the request.

77 Citations

View as Search Results

12 Claims

1. A method for access control, comprising:
- controlling, with a processor of a computer, access to a data set associated with a data layer using a layer definition table, a user table, a resource access control list table, and an application definition table, wherein the layer definition table has a layer identifier column that maps to a resource identifier column of the resource access control list table, and wherein the resource access control list table has a user identifier column that maps to a user identifier column of the user table and has an entry in an access type column that points to a row of the application definition table, by;
  
  receiving a request, from a user having a user identifier, to access the data set associated with the data layer having a data layer identifier;
  
  accessing a resource access control list entry of the resource access control list table to determine whether the user has access to the data layer based on whether there is a first match of a user identifier of the user identifier column of the resource access control list entry and the user identifier of the user and a second match of a resource identifier of the resource identifier column of the resource access control list entry and the data layer identifier of the data layer;
  
  in response to determining that there is the first match and the second match, providing access to the data layer by;
  
  locating a layer definition table entry in the layer definition table using the data layer identifier of the data layer;
  
  identifying a data store in the layer definition table entry; and
  
  retrieving data for the data set from the data store; and
  
  in response to determining that the resource access control list entry does not specify the data layer identifier, denying access to the data layer.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, further comprising:
    - filtering the data set using a data filter in the layer definition table entry.
  - 3. The method of claim 1, further comprising:
    - rendering the data set using a rendering specification.
  - 4. The method of claim 1, further comprising:
    - obtaining access credentials from the layer definition table entry to access a data store string the data set.

5. A system for access control, comprising:
- a processor; and
  
  a storage device connected to the processor, wherein the storage device has stored thereon a program, and wherein the processor is configured to execute instructions of the program to perform operations, wherein the operations comprise;
  
  controlling access to a data set associated with a data layer using a layer definition table, a user table, a resource access control list table, and an application definition table, wherein the layer definition table has a layer identifier column that maps to a resource identifier column of the resource access control list table, and wherein the resource access control list table has a user identifier column that maps to a user identifier column of the user table and has an entry in an access type column that points to a row of the application definition table, by;
  
  receiving a request, from a user having a user identifier, to access the data set associated with the data layer having a data layer identifier;
  
  accessing a resource access control list entry of the resource access control list table to determine whether the user has access to the data layer based on whether there is a first match of a user identifier of the user identifier column of the resource access control list entry and the user identifier of the user and a second match of a resource identifier of the resource identifier column of the resource access control list entry and the data layer identifier of the data layer;
  
  in response to determining that there is the first match and the second match, providing access to the data layer by;
  
  locating a layer definition table entry in the layer definition table using the data layer identifier of the data layer;
  
  identifying a data store in the layer definition table entry; and
  
  retrieving data for the data set from the data store; and
  
  in response to determining that the resource access control list entry does not specify the data layer identifier, denying access to the data layer.
- View Dependent Claims (6, 7, 8)
- - 6. The system of claim 5, wherein the operations further comprise:
    - filtering the data set using a data filter in the layer definition table entry.
  - 7. The system of claim 5, wherein the operations further comprise:
    - rendering the data set using a rendering specification.
  - 8. The system of claim 5, wherein the operations further comprise:
    - obtaining access credentials from the layer definition table entry to access a data store string the data set.

9. An article of manufacture comprising a non-transitory computer readable medium storing a program for access control, wherein the program, when executed by a processor of a computer, is configured to perform:
- controlling access to a data set associated with a data layer using a layer definition table, a user table, a resource access control list table, and an application definition table, wherein the layer definition table has a layer identifier column that maps to a resource identifier column of the resource access control list table, and wherein the resource access control list table has a user identifier column that maps to a user identifier column of the user table and has an entry in an access type column that points to a row of the application definition table, by;
  
  receiving a request, from a user having a user identifier, to access the data set associated with the data layer having a data layer identifier;
  
  accessing a resource access control list entry of the resource access control list table to determine whether the user has access to the data layer based on whether there is a first match of a user identifier of the user identifier column of the resource access control list entry and the user identifier of the user and a second match of a resource identifier of the resource identifier column of the resource access control list entry and the data layer identifier of the data layer;
  
  in response to determining that there is the first match and the second match, providing access to the data layer by;
  
  locating a layer definition table entry in the layer definition table using the data layer identifier of the data layer;
  
  identifying a data store in the layer definition table entry; and
  
  retrieving data for the data set from the data store; and
  
  in response to determining that the resource access control list entry does not specify the data layer identifier, denying access to the data layer.
- View Dependent Claims (10, 11, 12)
- - 10. The article of manufacture of claim 9, wherein the program, when executed by the processor of the computer, is configured to perform:
    - filtering the data set using a data filter in the layer definition table entry.
  - 11. The article of manufacture of claim 9, wherein the program, when executed by the processor of the computer, is configured to perform:
    - rendering the data set using a rendering specification.
  - 12. The article of manufacture of claim 9, wherein the program, when executed by the processor of the computer, is configured to perform:
    - obtaining access credentials from the layer definition table entry to access a data store string the data set.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CeleritasWorks, LLC (RGS Senior Management Group, LC)
Original Assignee
The Paradigm Alliance, Inc.
Inventors
Von Kaenel, Tim A., Dyrnaes, David Neil, Kumar, C. Suresh, Wayman, Jared Paul, Goodwin, Jonathan David, Trivelpiece, Craig Evan, Mihalich, Joseph, Jenkins, Anthony Page, Odom, Jr., Richard Hoyt, Stier, Mark Andrew, Obee, Anne Janetta
Primary Examiner(s)
Wu, Yicun

Application Number

US14/616,562
Publication Number

US 20150193630A1
Time in Patent Office

1,313 Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/00   Information retrieval; Data...

G06F 16/29   Geographical information da...

G06F 21/604   Tools and structures for ma...

G06Q 40/08   Insurance

Y10S 707/99933   Query processing, i.e. sear...

Y10S 707/99945   Object-oriented database st...

Y10S 707/99948   Application of database or ...

Method, system, and program for an improved enterprise spatial system

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

77 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Method, system, and program for an improved enterprise spatial system

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

77 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links