Flexible Authorization Model for Secure Search
First Claim
1. A method for authorizing a user in a secure search system, comprising:
- receiving a query from an authenticated user of the secure search system;
obtaining security attribute values for the authenticated user in response to the query;
appending the security attribute values to the query and passing the appended query to an appropriate data source for the query;
receiving results for the query from the appropriate data source based on terms in the query and the security attribute values; and
transmitting the results to the user.
2 Assignments
0 Petitions
Accused Products
Abstract
A flexible and extensible architecture allows for secure searching across an enterprise. Such an architecture can provide a simple Internet-like search experience to users searching secure content inside (and outside) the enterprise. The architecture allows for the crawling and searching of a variety or sources across an enterprise, regardless of whether any of these sources conform to a conventional user role model. The architecture further allows for security attributes to be submitted at query time, for example, in order to provide real-time secure access to enterprise resources. The user query also can be transformed to provide for dynamic querying that provides for a more current result list than can be obtained for static queries.
189 Citations
24 Claims
-
1. A method for authorizing a user in a secure search system, comprising:
-
receiving a query from an authenticated user of the secure search system;
obtaining security attribute values for the authenticated user in response to the query;
appending the security attribute values to the query and passing the appended query to an appropriate data source for the query;
receiving results for the query from the appropriate data source based on terms in the query and the security attribute values; and
transmitting the results to the user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A system for authorizing a user in a secure search system, comprising:
-
a search module operable to receive a query from an authenticated user of the secure search system; and
a callback mechanism operable to obtain security attribute values for the authenticated user in response to the query, the security attribute values being provided by an identity management system for a secure data source, the search module being operable to append the security attribute values to the query and pass the appended query to the secure data source, the search module being further operable to receive results for the query from the secure data source based on terms in the query and the security attribute values and transmit the results to the user. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
-
-
20. A computer program product embedded in a computer readable medium for authorizing a user in a secure search system, comprising:
-
program code for receiving a query from an authenticated user of the secure search system;
program code for obtaining security attribute values for the authenticated user in response to the query;
program code for appending the security attribute values to the query and passing the appended query to an appropriate data source for the query;
program code for receiving results for the query from the appropriate data source based on terms in the query and the security attribute values; and
program code for transmitting the results to the user. - View Dependent Claims (21, 22, 23, 24)
-
Specification