System and method for access control for data of heterogeneous origin
First Claim
1. An apparatus for controlling access to data of heterogeneous origin, the apparatus comprising:
- a processor; and
one or more stored sequences of instructions which, when executed by the processor, cause the processor to;
create an access rights lattice for heterogeneous data comprising internal data of an organization and public web-extracted data, the access rights lattice including a plurality of internal data nodes and a public web-extracted data node, each of the plurality of internal data nodes controlling access to corresponding internal data, and the public web-extracted data node controlling access to corresponding public web-extracted data, at least one of the access rights lattice, the plurality of internal data nodes, and the public web-extracted data node comprising a time during which access is available;
receive a request from a user to access heterogeneous data related to an entity;
determine, based upon one or more node connections between nodes in the access rights lattice and a user node that represents access rights of the user, whether the user has access rights to an internal data portion of the requested heterogeneous data that is controlled by at least one of the plurality of internal data nodes and whether the user has access rights to a public web-extracted data portion of the requested heterogeneous data that is controlled by the public web-extracted data node;
provide access to the internal data portion and the public web-extracted data portion of the requested heterogeneous data when it is determined, based upon one or more node connections between nodes in the access rights lattice and the user node that represents access rights of the user, that the user has access rights to the internal data portion of the requested heterogeneous data that is controlled by at least one of the plurality of internal data nodes and access rights to the public web-extracted data portion of the requested heterogeneous data that is controlled by the public web-extracted data node; and
recreate the requested data when it is determined that the requested data may no longer be valid, the requested data being recreated using the minimum amount of information and the minimum amount of processing when it is determined that the requested data is combined from heterogeneous origins and at least some of the requested data is still available.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are provided for controlling access to data of heterogeneous origin. A system creates combined access rights from access rights and other access rights for combined data that includes data and other data. The system receives a request to access data that is part of the combined data. The system determines whether to provide access to at least part of the data based on access rights that are part of the combined access rights. The system provides access to at least part of the data in response to a determination to provide access to at least part of the data based on the access rights that are part of the combined access rights.
-
Citations
12 Claims
-
1. An apparatus for controlling access to data of heterogeneous origin, the apparatus comprising:
-
a processor; and one or more stored sequences of instructions which, when executed by the processor, cause the processor to; create an access rights lattice for heterogeneous data comprising internal data of an organization and public web-extracted data, the access rights lattice including a plurality of internal data nodes and a public web-extracted data node, each of the plurality of internal data nodes controlling access to corresponding internal data, and the public web-extracted data node controlling access to corresponding public web-extracted data, at least one of the access rights lattice, the plurality of internal data nodes, and the public web-extracted data node comprising a time during which access is available; receive a request from a user to access heterogeneous data related to an entity; determine, based upon one or more node connections between nodes in the access rights lattice and a user node that represents access rights of the user, whether the user has access rights to an internal data portion of the requested heterogeneous data that is controlled by at least one of the plurality of internal data nodes and whether the user has access rights to a public web-extracted data portion of the requested heterogeneous data that is controlled by the public web-extracted data node; provide access to the internal data portion and the public web-extracted data portion of the requested heterogeneous data when it is determined, based upon one or more node connections between nodes in the access rights lattice and the user node that represents access rights of the user, that the user has access rights to the internal data portion of the requested heterogeneous data that is controlled by at least one of the plurality of internal data nodes and access rights to the public web-extracted data portion of the requested heterogeneous data that is controlled by the public web-extracted data node; and recreate the requested data when it is determined that the requested data may no longer be valid, the requested data being recreated using the minimum amount of information and the minimum amount of processing when it is determined that the requested data is combined from heterogeneous origins and at least some of the requested data is still available. - View Dependent Claims (2, 3)
-
-
4. A computer program product comprising computer-readable program code to be executed by one or more processors when retrieved from a non-transitory computer-readable medium, wherein the computer program product comprises a non-transitory computer readable medium, the program code including instructions to:
-
create an access rights lattice for heterogeneous data comprising internal data of an organization and public web-extracted data, the access rights lattice including a plurality of internal data nodes and a public web-extracted data node, each of the plurality of internal data nodes controlling access to corresponding internal data, and the public web-extracted data node controlling access to corresponding public web-extracted data, at least one of the access rights lattice, the plurality of internal data nodes, and the public web-extracted data node comprising a time during which access is available; receive a request from a user to access heterogeneous data related to an entity; determine, based upon one or more node connections between nodes in the access rights lattice and a user node that represents access rights of the user, whether the user has access rights to an internal data portion of the requested heterogeneous data that is controlled by at least one of the plurality of internal data nodes and whether the user has access rights to a public web-extracted data portion of the requested heterogeneous data that is controlled by the public web-extracted data node; provide access to the internal data portion and the public web-extracted data portion of the requested heterogeneous data when it is determined, based upon one or more node connections between nodes in the access rights lattice and the user node that represents access rights of the user, that the user has access rights to the internal data portion of the requested heterogeneous data that is controlled by at least one of the plurality of internal data nodes and access rights to the public web-extracted data portion of the requested heterogeneous data that is controlled by the public web-extracted data node; and recreate the requested data when it is determined that the requested data may no longer be valid, the requested data being recreated using the minimum amount of information and the minimum amount of processing when it is determined that the requested data is combined from heterogeneous origins and at least some of the requested data is still available. - View Dependent Claims (5, 6)
-
-
7. A computer-implemented method for controlling access to data of heterogeneous origin, the method comprising:
-
creating an access rights lattice for heterogeneous data comprising internal data of an organization and public web-extracted data, the access rights lattice including a plurality of internal data nodes and a public web-extracted data node, each of the plurality of internal data nodes controlling access to corresponding internal data, and the public web-extracted data node controlling access to corresponding public web-extracted data, at least one of the access rights lattice, the plurality of internal data nodes, and the public web-extracted data node comprising a time during which access is available; receiving a request from a user to access heterogeneous data related to an entity; determining, based upon one or more node connections between nodes in the access rights lattice and a user node that represents access rights of the user, whether the user has access rights to an internal data portion of the requested heterogeneous data that is controlled by at least one of the plurality of internal data nodes and whether the user has access rights to a public web-extracted data portion of the requested heterogeneous data that is controlled by the public web-extracted data node; and providing access to the internal data portion and the public web-extracted data portion of the requested heterogeneous data when it is determined, based upon one or more node connections between nodes in the access rights lattice and the user node that represents access rights of the user, that the user has access rights to the internal data portion of the requested heterogeneous data that is controlled by at least one of the plurality of internal data nodes and access rights to the public web-extracted data portion of the requested heterogeneous data that is controlled by the public web-extracted data node; and recreating the requested data when it is determined that the requested data may no longer be valid, the requested data being recreated using the minimum amount of information and the minimum amount of processing when it is determined that the requested data is combined from heterogeneous origins and at least some of the requested data is still available. - View Dependent Claims (8, 9)
-
-
10. A computer implemented method for transmitting code for controlling access to data of heterogeneous origin, the method comprising:
-
transmitting, by a computing device, code to create an access rights lattice for heterogeneous data comprising internal data of an organization and public web-extracted data, the access rights lattice including a plurality of internal data nodes and a public web-extracted data node, each of the plurality of internal data nodes controlling access to corresponding internal data, and the public web-extracted data node controlling access to corresponding public web-extracted data, at least one of the access rights lattice, the plurality of internal data nodes, and the public web-extracted data node comprising a time during which access is available; transmitting, by the computing device, code to receive a request from a user to access heterogeneous data related to an entity; transmitting, by the computing device, code to determine, based upon one or more node connections between nodes in the access rights lattice and a user node that represents access rights of the user, whether the user has access rights to an internal data portion of the requested heterogeneous data that is controlled by at least one of the plurality of internal data nodes and whether the user has access rights to a public web-extracted data portion of the requested heterogeneous data that is controlled by the public web-extracted data node; and transmitting, by the computing device, code to provide access to the internal data portion and the public web-extracted data portion of the requested heterogeneous data when it is determined, based upon one or more node connections between nodes in the access rights lattice and the user node that represents access rights of the user, that the user has access rights to the internal data portion of the requested heterogeneous data that is controlled by at least one of the plurality of internal data nodes and access rights to the public web-extracted data portion of the requested heterogeneous data that is controlled by the public web-extracted data node; and transmitting, by the computing device, code to recreate the requested data when it is determined that the requested data may no longer be valid, the requested data being recreated using the minimum amount of information and the minimum amount of processing when it is determined that the requested data is combined from heterogeneous origins and at least some of the requested data is still available. - View Dependent Claims (11, 12)
-
Specification