×

Access control for enterprise knowledge

  • US 10,326,768 B2
  • Filed: 05/28/2015
  • Issued: 06/18/2019
  • Est. Priority Date: 05/28/2015
  • Status: Active Grant
First Claim
Patent Images

1. A method implemented in a data processing apparatus, comprising:

  • receiving documents of an enterprise, each document having a respective access control list specifying access privileges to the document for one or more members of the enterprise, and the documents including data describing entities related to the enterprise and relationships among the entities;

    deriving entity facts of the entities from the documents of the enterprise, each entity fact describing at least one feature of an entity of the entities from the documents, wherein the feature of the entity is a relationship between the entity and another entity and wherein each entity fact is derived from one or more corresponding documents in which the entity fact is described, wherein deriving the entity facts comprises selecting each document from the documents, and for the selected document;

    determining a first entity identified within the document;

    determining a second entity identified within the document;

    determining a relationship between the first entity and the second entity that is described within the document; and

    generating, as the entity fact, data describing the first entity, the second entity, and the relationship between the first entity and the second entity as described in the document;

    wherein multiple entity facts are derived from a selected document;

    determining, for each entity fact, from the respective access control list of each document from which the entity fact is derived, an entity fact access control list, wherein;

    each entity fact access control list is different from the access control lists provided for the documents of the enterprise; and

    at least one entity fact access control list is determined from two or more separate access control lists that each specify access privileges to respectively separate documents from which the at least one entity fact is identified;

    storing data describing the entities, entity facts and the respective entity fact access control lists in a searchable index, wherein each entity fact is associated with its corresponding entity fact access control list; and

    providing, to each of the members of the enterprise, access privileges to the data describing the entities and the entity facts in the searchable index according to the respective entity fact access control lists.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×