System and method for content management security
First Claim
1. A method for providing content management security to federated content repositories in a content management system, the method comprising:
- integrating a plurality of content repositories, including a first content repository having a first security mechanism and a second content repository lacking any security mechanism, into a virtual content repository (VCR);
intercepting a request to access content stored in a first node of a plurality of nodes within the plurality of content repositories and a second node of the plurality of nodes within the plurality of content repositories, wherein the first node includes content stored in the first content repository and the second node includes content stored in the second content repository;
determining whether the request will be permitted by applying a security policy to a result set returned by the first content repository and the second content repository responsive to the request and applying the first security mechanism to only that portion of the result set returned by the first content repository; and
providing the result set when the request satisfies the security policy and the first security mechanism.
1 Assignment
0 Petitions
Accused Products
Abstract
In accordance with embodiments, there are provided mechanisms and methods for providing content management security to federated content repositories in a content management system and for interacting with a virtual content repository. These mechanisms and methods can enable embodiments to provide secure access to repositories based upon policies defined at a federated repository level and to secure repository access at the federated level based upon policies defined for differing classes of users. These abilities of embodiments can enable users to create services and applications by integrating content from unsecured repositories.
127 Citations
18 Claims
-
1. A method for providing content management security to federated content repositories in a content management system, the method comprising:
-
integrating a plurality of content repositories, including a first content repository having a first security mechanism and a second content repository lacking any security mechanism, into a virtual content repository (VCR);
intercepting a request to access content stored in a first node of a plurality of nodes within the plurality of content repositories and a second node of the plurality of nodes within the plurality of content repositories, wherein the first node includes content stored in the first content repository and the second node includes content stored in the second content repository;
determining whether the request will be permitted by applying a security policy to a result set returned by the first content repository and the second content repository responsive to the request and applying the first security mechanism to only that portion of the result set returned by the first content repository; and
providing the result set when the request satisfies the security policy and the first security mechanism. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A machine-readable medium carrying one or more sequences of instructions for providing content management security to federated content repositories in a content management system, which instructions, when executed by one or more processors, cause the one or more processors to carry out the steps of:
-
integrating a plurality of content repositories, including a first content repository having a first security mechanism and a second content repository lacking any security mechanism, into a virtual content repository (VCR);
intercepting a request to access content stored in a first node of a plurality of nodes within the plurality of content repositories and a second node of the plurality of nodes within the plurality of content repositories, wherein the first node includes content stored in the first content repository and the second node includes content stored in the second content repository;
determining whether the request will be permitted by applying a security policy to a result set returned by the first content repository and the second content repository responsive to the request and applying the first security mechanism to only that portion of the result set returned by the first content repository; and
providing the result set when the request satisfies the security policy and the first security mechanism. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. An apparatus for providing content management security to federated content repositories in a content management system, the apparatus comprising:
-
a processor; and
one or more stored sequences of instructions which, when executed by the processor, cause the processor to carry out the steps of;
integrating a plurality of content repositories, including a first content repository having a first security mechanism and a second content repository lacking any security mechanism, into a virtual content repository (VCR);
intercepting a request to access content stored in a first node of a plurality of nodes within the plurality of content repositories and a second node of the plurality of nodes within the plurality of content repositories, wherein the first node includes content stored in the first content repository and the second node includes content stored in the second content repository;
determining whether the request will be permitted by applying a security policy to a result set returned by the first content repository and the second content repository responsive to the request and applying the first security mechanism to only that portion of the result set returned by the first content repository; and
providing the result set when the request satisfies the security policy and the first security mechanism.
-
-
18. A method for transmitting code on a transmission medium, comprising:
-
transmitting code to integrate a plurality of content repositories, including a first content repository having a first security mechanism and a second content repository lacking any security mechanism, into a virtual content repository (VCR);
transmitting code to intercept a request to access content stored in a first node of a plurality of nodes within the plurality of content repositories and a second node of the plurality of nodes within the plurality of content repositories, wherein the first node includes content stored in the first content repository and the second node includes content stored in the second content repository;
transmitting code to determine whether the request will be permitted by applying a security policy to a result set returned by the first content repository and the second content repository responsive to the request and applying the first security mechanism to only that portion of the result set returned by the first content repository; and
transmitting code to provide the result set when the request satisfies the security policy and the first security mechanism.
-
Specification