System and method for access control for data of heterogeneous origin

US 10,146,955 B2
Filed: 02/11/2013
Issued: 12/04/2018
Est. Priority Date: 07/12/2012
Status: Active Grant

First Claim

Patent Images

1. An apparatus for controlling access to data of heterogeneous origin, the apparatus comprising:

a processor; and

one or more stored sequences of instructions which, when executed by the processor, cause the processor to;

create an access rights lattice for heterogeneous data comprising internal data of an organization and public web-extracted data, the access rights lattice including a plurality of internal data nodes and a public web-extracted data node, each of the plurality of internal data nodes controlling access to corresponding internal data, and the public web-extracted data node controlling access to corresponding public web-extracted data, at least one of the access rights lattice, the plurality of internal data nodes, and the public web-extracted data node comprising a time during which access is available;

receive a request from a user to access heterogeneous data related to an entity;

determine, based upon one or more node connections between nodes in the access rights lattice and a user node that represents access rights of the user, whether the user has access rights to an internal data portion of the requested heterogeneous data that is controlled by at least one of the plurality of internal data nodes and whether the user has access rights to a public web-extracted data portion of the requested heterogeneous data that is controlled by the public web-extracted data node;

provide access to the internal data portion and the public web-extracted data portion of the requested heterogeneous data when it is determined, based upon one or more node connections between nodes in the access rights lattice and the user node that represents access rights of the user, that the user has access rights to the internal data portion of the requested heterogeneous data that is controlled by at least one of the plurality of internal data nodes and access rights to the public web-extracted data portion of the requested heterogeneous data that is controlled by the public web-extracted data node; and

recreate the requested data when it is determined that the requested data may no longer be valid, the requested data being recreated using the minimum amount of information and the minimum amount of processing when it is determined that the requested data is combined from heterogeneous origins and at least some of the requested data is still available.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are provided for controlling access to data of heterogeneous origin. A system creates combined access rights from access rights and other access rights for combined data that includes data and other data. The system receives a request to access data that is part of the combined data. The system determines whether to provide access to at least part of the data based on access rights that are part of the combined access rights. The system provides access to at least part of the data in response to a determination to provide access to at least part of the data based on the access rights that are part of the combined access rights.

147 Citations

12 Claims

1. An apparatus for controlling access to data of heterogeneous origin, the apparatus comprising:
- a processor; and
  
  one or more stored sequences of instructions which, when executed by the processor, cause the processor to;
  
  create an access rights lattice for heterogeneous data comprising internal data of an organization and public web-extracted data, the access rights lattice including a plurality of internal data nodes and a public web-extracted data node, each of the plurality of internal data nodes controlling access to corresponding internal data, and the public web-extracted data node controlling access to corresponding public web-extracted data, at least one of the access rights lattice, the plurality of internal data nodes, and the public web-extracted data node comprising a time during which access is available;
  
  receive a request from a user to access heterogeneous data related to an entity;
  
  determine, based upon one or more node connections between nodes in the access rights lattice and a user node that represents access rights of the user, whether the user has access rights to an internal data portion of the requested heterogeneous data that is controlled by at least one of the plurality of internal data nodes and whether the user has access rights to a public web-extracted data portion of the requested heterogeneous data that is controlled by the public web-extracted data node;
  
  provide access to the internal data portion and the public web-extracted data portion of the requested heterogeneous data when it is determined, based upon one or more node connections between nodes in the access rights lattice and the user node that represents access rights of the user, that the user has access rights to the internal data portion of the requested heterogeneous data that is controlled by at least one of the plurality of internal data nodes and access rights to the public web-extracted data portion of the requested heterogeneous data that is controlled by the public web-extracted data node; and
  
  recreate the requested data when it is determined that the requested data may no longer be valid, the requested data being recreated using the minimum amount of information and the minimum amount of processing when it is determined that the requested data is combined from heterogeneous origins and at least some of the requested data is still available.
- View Dependent Claims (2, 3)
- - 2. The apparatus of claim 1, wherein at least one of the access rights lattice, the plurality of internal data nodes, and the public web-extracted data node comprise a number of access instances.
  - 3. The apparatus of claim 1, wherein providing access to the internal data portion and the public web-extracted data portion of the requested heterogeneous data comprises:
    - creating another combined data comprising the internal data portion and the public web-extracted data portion based on the access rights lattice that corresponds to the request to access the heterogeneous data, the other combined data comprising less of the internal data portion and the public web-extracted data portion than the internal data portion and the public web-extracted data portion; and
      
      providing access to at least a part of the other combined data.

4. A computer program product comprising computer-readable program code to be executed by one or more processors when retrieved from a non-transitory computer-readable medium, wherein the computer program product comprises a non-transitory computer readable medium, the program code including instructions to:
- create an access rights lattice for heterogeneous data comprising internal data of an organization and public web-extracted data, the access rights lattice including a plurality of internal data nodes and a public web-extracted data node, each of the plurality of internal data nodes controlling access to corresponding internal data, and the public web-extracted data node controlling access to corresponding public web-extracted data, at least one of the access rights lattice, the plurality of internal data nodes, and the public web-extracted data node comprising a time during which access is available;
  
  receive a request from a user to access heterogeneous data related to an entity;
  
  determine, based upon one or more node connections between nodes in the access rights lattice and a user node that represents access rights of the user, whether the user has access rights to an internal data portion of the requested heterogeneous data that is controlled by at least one of the plurality of internal data nodes and whether the user has access rights to a public web-extracted data portion of the requested heterogeneous data that is controlled by the public web-extracted data node;
  
  provide access to the internal data portion and the public web-extracted data portion of the requested heterogeneous data when it is determined, based upon one or more node connections between nodes in the access rights lattice and the user node that represents access rights of the user, that the user has access rights to the internal data portion of the requested heterogeneous data that is controlled by at least one of the plurality of internal data nodes and access rights to the public web-extracted data portion of the requested heterogeneous data that is controlled by the public web-extracted data node; and
  
  recreate the requested data when it is determined that the requested data may no longer be valid, the requested data being recreated using the minimum amount of information and the minimum amount of processing when it is determined that the requested data is combined from heterogeneous origins and at least some of the requested data is still available.
- View Dependent Claims (5, 6)
- - 5. The computer program product of claim 4, wherein at least one of the access rights lattice, the plurality of internal data nodes, and the public web-extracted data node comprise a number of access instances.
  - 6. The computer program product of claim 4, wherein providing access to the internal data portion and the public web-extracted data portion of the requested heterogeneous data comprises:
    - creating another combined data comprising the internal data portion and the public web-extracted data portion based on the access rights lattice that corresponds to the request to access the heterogeneous data, the other combined data comprising less of the internal data portion and the public web-extracted data portion than the internal data portion and the public web-extracted data portion; and
      
      providing access to at least a part of the other combined data.

7. A computer-implemented method for controlling access to data of heterogeneous origin, the method comprising:
- creating an access rights lattice for heterogeneous data comprising internal data of an organization and public web-extracted data, the access rights lattice including a plurality of internal data nodes and a public web-extracted data node, each of the plurality of internal data nodes controlling access to corresponding internal data, and the public web-extracted data node controlling access to corresponding public web-extracted data, at least one of the access rights lattice, the plurality of internal data nodes, and the public web-extracted data node comprising a time during which access is available;
  
  receiving a request from a user to access heterogeneous data related to an entity;
  
  determining, based upon one or more node connections between nodes in the access rights lattice and a user node that represents access rights of the user, whether the user has access rights to an internal data portion of the requested heterogeneous data that is controlled by at least one of the plurality of internal data nodes and whether the user has access rights to a public web-extracted data portion of the requested heterogeneous data that is controlled by the public web-extracted data node; and
  
  providing access to the internal data portion and the public web-extracted data portion of the requested heterogeneous data when it is determined, based upon one or more node connections between nodes in the access rights lattice and the user node that represents access rights of the user, that the user has access rights to the internal data portion of the requested heterogeneous data that is controlled by at least one of the plurality of internal data nodes and access rights to the public web-extracted data portion of the requested heterogeneous data that is controlled by the public web-extracted data node; and
  
  recreating the requested data when it is determined that the requested data may no longer be valid, the requested data being recreated using the minimum amount of information and the minimum amount of processing when it is determined that the requested data is combined from heterogeneous origins and at least some of the requested data is still available.
- View Dependent Claims (8, 9)
- - 8. The method of claim 7, wherein at least one of the access rights lattice, the plurality of internal data nodes, and the public web-extracted data node comprise a number of access instances.
  - 9. The method of claim 7, wherein providing access to the internal data portion and the public web-extracted data portion of the requested heterogeneous data comprises:
    - creating another combined data comprising the internal data portion and the public web-extracted data portion based on the access rights lattice that corresponds to the request to access the heterogeneous data, the other combined data comprising less of the internal data portion and the public web-extracted data portion than the internal data portion and the public web-extracted data portion; and
      
      providing access to at least a part of the other combined data.

10. A computer implemented method for transmitting code for controlling access to data of heterogeneous origin, the method comprising:
- transmitting, by a computing device, code to create an access rights lattice for heterogeneous data comprising internal data of an organization and public web-extracted data, the access rights lattice including a plurality of internal data nodes and a public web-extracted data node, each of the plurality of internal data nodes controlling access to corresponding internal data, and the public web-extracted data node controlling access to corresponding public web-extracted data, at least one of the access rights lattice, the plurality of internal data nodes, and the public web-extracted data node comprising a time during which access is available;
  
  transmitting, by the computing device, code to receive a request from a user to access heterogeneous data related to an entity;
  
  transmitting, by the computing device, code to determine, based upon one or more node connections between nodes in the access rights lattice and a user node that represents access rights of the user, whether the user has access rights to an internal data portion of the requested heterogeneous data that is controlled by at least one of the plurality of internal data nodes and whether the user has access rights to a public web-extracted data portion of the requested heterogeneous data that is controlled by the public web-extracted data node; and
  
  transmitting, by the computing device, code to provide access to the internal data portion and the public web-extracted data portion of the requested heterogeneous data when it is determined, based upon one or more node connections between nodes in the access rights lattice and the user node that represents access rights of the user, that the user has access rights to the internal data portion of the requested heterogeneous data that is controlled by at least one of the plurality of internal data nodes and access rights to the public web-extracted data portion of the requested heterogeneous data that is controlled by the public web-extracted data node; and
  
  transmitting, by the computing device, code to recreate the requested data when it is determined that the requested data may no longer be valid, the requested data being recreated using the minimum amount of information and the minimum amount of processing when it is determined that the requested data is combined from heterogeneous origins and at least some of the requested data is still available.
- View Dependent Claims (11, 12)
- - 11. The method for transmitting code of claim 10, wherein at least one of the access rights lattice, the plurality of internal data nodes, and the public web-extracted data node comprise a number of access instances.
  - 12. The method for transmitting code of claim 10, wherein transmitting, by the computing device, code to providing access to the internal data portion and the public web-extracted data portion of the requested heterogeneous data comprises:
    - transmitting, by the computing device, code to create another combined data comprising the internal data portion and the public web-extracted data portion based on the access rights lattice that corresponds to the request to access the heterogeneous data, the other combined data comprising less of the internal data portion and the public web-extracted data portion than the internal data portion and the public web-extracted data portion; and
      
      transmitting, by the computing device, code to provide access to at least a part of the other combined data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Salesforce.com, Inc.
Original Assignee
Salesforce.com, Inc.
Inventors
Fuchs, Matthew
Primary Examiner(s)
Gracia, Gary S

Application Number

US13/764,477
Publication Number

US 20140020120A1
Time in Patent Office

2,122 Days
Field of Search

726 30
US Class Current
CPC Class Codes

G06F 21/6236 between heterogeneous systems

System and method for access control for data of heterogeneous origin

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

147 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for access control for data of heterogeneous origin

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

147 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links