DATA SOURCE SECURITY CLUSTER
First Claim
1. A data source security cluster system, comprising:
- a federation engine structured with a memory and a processor, the processor in communication with the memory to;
generate a first data source security token and a second data source security token;
send the first data source security token to a first data source and the second data source security token to a second data source;
receive, from a client, a request comprising at least a query, a first security token and a second security token;
extract the query, the first security token and the second security token from the request;
query the first data source for the first data source security token and the second data source for the second data source security token;
determine a first match between the first data source security token and the first security token;
based upon the determining of the first match, authorizing the client to access the first data source;
generate a first sub-query based on the query; and
send the first sub-query to the first data source.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods, systems, and computer program for implementing data source security cluster are provided. Security tokens may be generated for a plurality of data sources. Clients may request a security token from each data source. The client may send the security tokens and a data query to a federation engine. The federation engine may generate a plurality of sub-queries from the query. The federation engine may match a sub-query and particular security token to a data source. The federation engine may validate each security token and send, to each data source, the matching sub-query for that data source. Each data source may send a result to a sub-query to the federation engine, which may join all of the results into a virtual view.
19 Citations
20 Claims
-
1. A data source security cluster system, comprising:
a federation engine structured with a memory and a processor, the processor in communication with the memory to; generate a first data source security token and a second data source security token; send the first data source security token to a first data source and the second data source security token to a second data source; receive, from a client, a request comprising at least a query, a first security token and a second security token; extract the query, the first security token and the second security token from the request; query the first data source for the first data source security token and the second data source for the second data source security token; determine a first match between the first data source security token and the first security token; based upon the determining of the first match, authorizing the client to access the first data source; generate a first sub-query based on the query; and send the first sub-query to the first data source. - View Dependent Claims (2, 3, 4, 5, 6)
-
7. A computer-implemented method, comprising:
-
receiving an initial query, a first security token and a second security token; generating at least a first sub-query and a second sub-query from the initial query; matching the first sub-query to the first security token and the second sub-query to the second security token; sending the first sub-query and the first security token to the first data source; sending the second sub-query and the second security token to the second data source; and receiving a first result set from the first data source and a second result set from the second data source. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
-
14. A non-transitory computer-readable medium comprising computer-readable instructions which, when executed by a processor, cause the processor to perform operations comprising:
-
receiving a query, a first security token and a second security token; generating at least a first sub-query and a second sub-query from the query; mapping the first sub-query to the first security token; mapping the second sub-query to the second security token; sending the first sub-query to the first data source; sending the second sub-query to the second data source; receiving a first result set from the first data source; receiving a second result set from the second data source; and joining the first result set and the second result set to create a third result set. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification