Fine grain security for analytic data sets
First Claim
1. A method comprising:
- extracting fields of data from one or more secured, primary database sources on a batch basis;
assigning field level security to the fields, wherein the assigning comprises;
identifying a first subset of the fields with user selectable inheritance, wherein the field level security for each field of the first subset of the fields is determined based at least in part on inheriting security from one or more source fields associated with the first subset of the fields extracted from the one or more secured, primary database sources; and
identifying a second subset of the fields with pinnable inheritance, wherein the field level security for each field of the second subset of the fields is determined based at least in part on a user pinning inheritance of field level security for the second subset of the fields to reference fields, wherein the reference fields are bound to one or more attributes in the one or more secured, primary database sources and are distinct from the second subset of the fields;
compiling the fields with the assigned field level security to obtain compiled fields, wherein the compiled fields support real-time querying by a dashboard for display in a graphical user interface (GUI);
storing the compiled fields in one or more analytical, read-only databases, wherein the one or more analytical, read-only databases are distinct from the one or more secured, primary database sources;
receiving a request for query results from a user; and
producing, for display in the GUI, the query results from the compiled fields supporting the real-time querying based at least in part on the assigned field level security and subject to field level security permissions of the user.
1 Assignment
0 Petitions
Accused Products
Abstract
The technology disclosed relates to assigning field level security to fields extracted from primary sources on a batch basis and compiled into analytical, read-only databases, for ultra-fast, ad-hoc data exploration and faceted navigation on integrated, heterogeneous data sets. The method includes assigning field level security to the extracted fields by combining user selectable inheritance of field level security from source fields that yield the extracted fields, with pinning of inheritance of field level security for the extracted fields to reference fields in the database sources wherein the reference fields are distinct from the extracted fields. The disclosed method also includes receiving additional fields as unsecured data sets, and assigning field level security to the additional fields, received by combining user selectable explicit specification of field level security for the received fields with pinning of inheritance of field level security for the received fields to reference fields in the database sources.
194 Citations
25 Claims
-
1. A method comprising:
-
extracting fields of data from one or more secured, primary database sources on a batch basis; assigning field level security to the fields, wherein the assigning comprises; identifying a first subset of the fields with user selectable inheritance, wherein the field level security for each field of the first subset of the fields is determined based at least in part on inheriting security from one or more source fields associated with the first subset of the fields extracted from the one or more secured, primary database sources; and identifying a second subset of the fields with pinnable inheritance, wherein the field level security for each field of the second subset of the fields is determined based at least in part on a user pinning inheritance of field level security for the second subset of the fields to reference fields, wherein the reference fields are bound to one or more attributes in the one or more secured, primary database sources and are distinct from the second subset of the fields; compiling the fields with the assigned field level security to obtain compiled fields, wherein the compiled fields support real-time querying by a dashboard for display in a graphical user interface (GUI); storing the compiled fields in one or more analytical, read-only databases, wherein the one or more analytical, read-only databases are distinct from the one or more secured, primary database sources; receiving a request for query results from a user; and producing, for display in the GUI, the query results from the compiled fields supporting the real-time querying based at least in part on the assigned field level security and subject to field level security permissions of the user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system including at least one server comprising one or more processors and memory coupled to the processors, the memory comprising computer instructions that, when executed on the processors, cause the system to:
-
extract fields of data from one or more secured, primary database sources on a batch basis; assign field level security to the fields, wherein the assigning comprises; identifying a first subset of the fields with user selectable inheritance, wherein the field level security for each field of the first subset of the fields is determined based at least in part on inheriting security from one or more source fields associated with the first subset of the fields extracted from the one or more secured, primary database sources; and identifying a second subset of the fields with pinnable inheritance, wherein the field level security for each field of the second subset of the fields is determined based at least in part on a user pinning inheritance of field level security for the second subset of the fields to reference fields, wherein the reference fields are bound to one or more attributes in the one or more secured, primary database sources and are distinct from the second subset of the fields; compile the fields with the assigned field level security to obtain compiled fields, wherein the compiled fields support real-time querying by a dashboard for display in a graphical user interface (GUI); store the compiled fields in one or more analytical, read-only databases, wherein the one or more analytical, read-only databases are distinct from the one or more secured, primary database sources; receive a request for query results from a user; and produce, for display in the GUI, the query results from the compiled fields supporting the real-time querying based at least in part on the assigned field level security and subject to field level security permissions of the user. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. One or more non-transitory tangible computer readable media impressed with instructions that are executable by a computer device and one or more servers to:
-
extract fields of data from one or more secured, primary database sources on a batch basis; assign field level security to the fields, wherein the assigning comprises; identifying a first subset of the fields with user selectable inheritance, wherein the field level security for each field of the first subset of the fields is determined based at least in part on inheriting security from one or more source fields associated with the first subset of the fields extracted from the one or more secured, primary database sources; and identifying a second subset of the fields with pinnable inheritance, wherein the field level security for each field of the second subset of the fields is determined based at least in part on a user pinning inheritance of field level security for the second subset of the fields to reference fields, wherein the reference fields are bound to one or more attributes in the one or more secured, primary database sources and are distinct from the second subset of the fields; compile the fields with the assigned field level security to obtain compiled fields, wherein the compiled fields support real-time querying by a dashboard for display in a graphical user interface (GUI); store the compiled fields in one or more analytical, read-only databases, wherein the one or more analytical, read-only databases are distinct from the one or more secured, primary database sources; receive a request for query results from a user; and produce, for display in the GUI, the query results from the compiled fields supporting the real-time querying based at least in part on the assigned field level security and subject to field level security permissions of the user. - View Dependent Claims (20, 21, 22, 23, 24, 25)
-
Specification