ROW LEVEL SECURITY INTEGRATION OF ANALYTICAL DATA STORE WITH CLOUD ARCHITECTURE
First Claim
1. A method of building a secure read only analytic data structure, the method including:
- accessing a data set from at least one transactional data management system, wherein data in the data set has security attributes managed by the transactional data management system;
processing first security translation rules that accept the security attributes as predicates and generating one or more security tokens for each object in the data set; and
storing the one or more security tokens by association with each secured object in a read only analytic data structure generated from the data set, wherein the stored security tokens govern access to each secured object.
1 Assignment
0 Petitions
Accused Products
Abstract
A predicate-based row level security system is used when workers build or split an analytical data store. According to one implementation, predicate-based means that security requirements of source transactional systems can be used as predicates to a rule base that generates one or more security tokens, which are associated with each row as attributes of a dimension. Similarly, when an analytic data store is to be split, build job, user and session attributes can be used to generate complementary security tokens that are compared to security tokens of selected rows. Efficient indexing of a security tokens dimension makes it efficient to qualify row retrieval based on security criteria.
43 Citations
22 Claims
-
1. A method of building a secure read only analytic data structure, the method including:
-
accessing a data set from at least one transactional data management system, wherein data in the data set has security attributes managed by the transactional data management system; processing first security translation rules that accept the security attributes as predicates and generating one or more security tokens for each object in the data set; and storing the one or more security tokens by association with each secured object in a read only analytic data structure generated from the data set, wherein the stored security tokens govern access to each secured object. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A system of building a secure read only analytic data structure, the system including:
a processor and a computer readable storage medium storing computer instructions configured to cause the processor to; access data set from at least one transactional data management system, wherein data in the data set has security attributes managed by the transactional data management system; process first security translation rules that accept the security attributes as predicates and generating one or more security tokens for each object in the data set; and store the one or more security tokens by association with each secured object in a read only analytic data structure generated from the data set, wherein the stored security tokens govern access to each secured object. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
Specification