Data security in a semantic data model

US 20060149739A1
Filed: 03/30/2005
Published: 07/06/2006
Est. Priority Date: 05/28/2004
Status: Abandoned Application

First Claim

Patent Images

1. A method for defining security for a data model comprising:

creating a data model for semantically related data, the data model having a propositional structure with a finite set of data relations;

specifying data structure security requirements for the semantically related data; and

restricting access to the semantically related data based on the data structure security requirements.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A data dependency path calculator for a semantic search engine is provided. A body of semantically related data is modeled according to a semantic data model. A user is presented a list of data elements from which they may select desired data elements. The system automatically calculates all of the possible paths through the database that may be used to retrieve meaningful data based on the selected data elements. The available data dependency paths are returned to the user for selection. The system further provides a type of data permission that allows restricted data elements to be used as a pass-through data element for relating, connecting and retrieving non-restricted data. Thus, a user can use restricted data to create data dependency paths to retrieve meaningful data. The system further provides for defining access privileges for all levels of data structures, allowing data to be secured with an increased level of granularity than previously possible.

63 Citations

View as Search Results

40 Claims

1. A method for defining security for a data model comprising:
- creating a data model for semantically related data, the data model having a propositional structure with a finite set of data relations;
  
  specifying data structure security requirements for the semantically related data; and
  
  restricting access to the semantically related data based on the data structure security requirements.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, wherein the model is a Metamodel.
  - 3. The method of claim 1, wherein the specifying step further comprises defining access privileges based on a data instance.
  - 4. The method of claim 1, wherein the specifying step further comprises defining access privileges based on a data version.
  - 5. The method of claim 1, wherein the specifying step further comprises defining access privileges based on a data element.
  - 6. The method of claim 1, wherein the specifying step further comprises defining access privileges based on a data relation.
  - 7. The method of claim 6, wherein the access privileges restricts access to a first data element based on participation by the first data element in a data relation with a second data element.
  - 8. The method of claim 1, wherein the specifying step further comprises defining access privileges based on a data view.
  - 9. The method of claim 1, wherein the specifying step further comprises defining access privileges for a data dependency path by combining access privileges for data relations, data elements, data versions, and data instances that are included in the data dependency path.
  - 10. The method of claim 1, wherein the restricting step further comprises hiding the existence of semantically related data.
  - 11. The method of claim 10, wherein the hiding step includes denying the existence of the semantically related data.
  - 12. The method of claim 1, further comprising:
    - defining a data dependency path for accessing the semantically related data.
  - 13. The method of claim 12, wherein the data dependency path includes restricted data.
  - 14. The method of claim 1, further comprising mapping the data model to the semantically related data.

15. A system for securing data comprising:
- a first data model for modeling semantically related target data resources;
  
  a second data model for modeling access privileges;
  
  a database for storing the target data resources; and
  
  a security access component for granting access to data based on the access privileges.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The system of claim 15, wherein the first data model is a Metamodel.
  - 17. The system of claim 16, wherein the second data model is a Metamodel.
  - 18. The system of claim 17, wherein the first data model maps to the database storing the target data resources.
  - 19. The system of claim 18 further comprising a data dependency path.
  - 20. The system of claim 19, wherein the data dependency path comprises a set of semantically related data elements defined in the first data model.

21. A method for providing access to a user to secured data in a system storing the secured data in a semantic data model comprising:
- authenticating the user as an authorized user of the system;
  
  receiving a request from the user for the secured data in the semantic data model;
  
  analyzing the request;
  
  determining whether the authenticated user is entitled to the requested data.
- View Dependent Claims (22, 23, 24, 25, 26)
- - 22. The method of claim 21, wherein the data model comprises a propositional structure with a finite set of data relations.
  - 23. The method of claim 22, wherein the data model is a Metamodel.
  - 24. The method of claim 21, wherein the authenticating step further comprises:
    - comparing a data request received from the user to data stored in a security Metamodel.
  - 25. The method of claim 21, wherein the determining step further comprises:
    - applying security rules stored in a security database, the security database being stored in a second semantic data model.
  - 26. The method of claim 25, wherein the second semantic data model is a Metamodel.

27. A computer readable medium containing computer-executable instructions for performing a method for defining security for a data model, comprising:
- creating a data model for semantically related data, the data model having a propositional structure with a finite set of data relations;
  
  specifying data structure security requirements for the semantically related data; and
  
  restricting access to the semantically related data based on the data structure security requirements.
- View Dependent Claims (28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
- - 28. The computer readable medium of claim 27, wherein the model is a Metamodel.
  - 29. The computer readable medium of claim 27, wherein the specifying step further comprises defining access privileges based on a data instance.
  - 30. The computer readable medium of claim 27, wherein the specifying step further comprises defining access privileges based on a data version.
  - 31. The computer readable medium of claim 27, wherein the specifying step further comprises defining access privileges based on a data element.
  - 32. The computer readable medium of claim 27, wherein the specifying step further comprises defining access privileges based on a data relation.
  - 33. The computer readable medium of claim 32, wherein the access privileges restricts access to a first data element based on participation by the first data element in a data relation with a second data element.
  - 34. The computer readable medium of claim 27, wherein the specifying step further comprises defining access privileges based on a data view.
  - 35. The computer readable medium of claim 27, wherein the specifying step further comprises calculating access privileges for a data dependency path by combining access privileges for data relations, data elements, data versions, and data instances that are included in the data dependency path.
  - 36. The computer readable medium of claim 27, wherein the restricting step further comprises hiding the existence of semantically related data.
  - 37. The computer readable medium of claim 36, wherein the hiding step includes denying the existence of the semantically related data.
  - 38. The computer readable medium of claim 27, further comprising:
    - defining a data dependency path for accessing the semantically related data.
  - 39. The computer readable medium of claim 38, wherein the data dependency path includes restricted data.
  - 40. The computer readable medium of claim 27, further comprising mapping the data model to the semantically related data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Metadata LLC
Original Assignee
Metadata LLC
Inventors
Myers, Jack E.

Application Number

US11/093,232
Publication Number

US 20060149739A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/6227 where protection concerns t...

Data security in a semantic data model

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

63 Citations

40 Claims

Specification

Solutions

Use Cases

Quick Links

Data security in a semantic data model

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

63 Citations

40 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links