ACCESS CONTROL FOR UNPROTECTED DATA STORAGE SYSTEM ENDPOINTS
3 Assignments
0 Petitions
Accused Products
Abstract
Various embodiments provide access control to unprotected data storage system endpoints. In one embodiment, an authenticated query request is received. The request includes a query associated with an unprotected data storage system endpoint configured to execute queries anonymously. The query is written in a Resource Description Framework (RDF) query language and requests one or more datasets stored in a relational data storage system. A user parameter within the query is identified. The user parameter uniquely identifies a user requesting the query. The query is automatically rewritten to include a set of access control list properties for one or more subject variables in the query. Each of the set of access control list properties configures the query to return data from the one or more datasets for which the user is authorized to access.
99 Citations
20 Claims
-
1-7. -7. (canceled)
-
8. An information processing system for providing access control to unprotected data storage system endpoints, the information processing system comprising:
-
a memory; a processor communicatively coupled to the memory; and an access control manager communicatively coupled to the memory and the processor, wherein the access control manager is configured to perform a method comprising; receiving an authenticated query request comprising a query associated with an unprotected data storage system endpoint configured to execute queries anonymously, wherein the query is written in a Resource Description Framework (RDF) query language and requests one or more datasets stored in a relational data storage system; identifying a user parameter within the query, wherein the user parameter uniquely identifies a user requesting the query; and automatically rewriting the query to include a set of access control list properties for one or more subject variables in the query, wherein each of the set of access control list properties configures the query to return data from the one or more datasets for which the user is authorized to access. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. A computer program product for providing access control to unprotected data storage system endpoints, the computer program product comprising:
a storage medium readable by a processing circuit and storing instructions for execution by the processing circuit for performing a method comprising; receiving an authenticated query request comprising a query associated with an unprotected data storage system endpoint configured to execute queries anonymously, wherein the query is written in a Resource Description Framework (RDF) query language and requests one or more datasets stored in a relational data storage system; identifying a user parameter within the query, wherein the user parameter uniquely identifies a user requesting the query; and automatically rewriting the query to include a set of access control list properties for one or more subject variables in the query, wherein each of the set of access control list properties configures the query to return data from the one or more datasets for which the user is authorized to access. - View Dependent Claims (15, 16, 17, 18, 19, 20)
Specification