Document retrieval system with access control

US 7,031,954 B1
Filed: 09/10/1997
Issued: 04/18/2006
Est. Priority Date: 09/10/1997
Status: Expired due to Term

First Claim

Patent Images

1. A method of document retrieval in a network environment having web sites where documents are stored with a plurality of access levels and query servers where document searches are launched comprising,executing a query on a query server having access to a document index of documents available for searching on document servers provided in the web site by a person having a unique identification code without regard to access control limitations, yielding a list of all relevant documents, each document having a unique URL,reviewing all URLs by the document servers after the search is executed using an access control list associated with each document server to check whether each URL is compatible with the access level of the identification code of the person executing the query,delivering only those URLs that are compatible with the access level of the person, wherein each URL that is not compatible with the access level of the person is withheld, andpreventing the person from discovering the URLs that are not compatible with the access level of the person.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An electonic document retrieval system and method for a collection of information distributed over a network having documents stored in web or document servers in which an access control list relates user identification to documents to which a user has access. No access control lists are contained in the documents themselves nor are comparisons made between lists of users, with their access levels, and the classifications of documents. Rather, by the use of URLs or pointers, it is possible to associate every document to which a user has access with the user identification number or code. URLs have a hierchical format which allows partial URLs to indicate levels of access. HTTP protocol, FTP and CGI protocol employ URL calls for documents and can use the access control method and system of the present invention. When a search query is applied to a query server, a list of hits is returned, together with pertinent URLs. The query server consults each access control list associated with each document server, to present to the user only those URLs for which he has a proper access level. Other URLs for which the user does not have proper access are kept hidden from the user.

204 Citations

16 Claims

1. A method of document retrieval in a network environment having web sites where documents are stored with a plurality of access levels and query servers where document searches are launched comprising,executing a query on a query server having access to a document index of documents available for searching on document servers provided in the web site by a person having a unique identification code without regard to access control limitations, yielding a list of all relevant documents, each document having a unique URL,reviewing all URLs by the document servers after the search is executed using an access control list associated with each document server to check whether each URL is compatible with the access level of the identification code of the person executing the query,delivering only those URLs that are compatible with the access level of the person, wherein each URL that is not compatible with the access level of the person is withheld, andpreventing the person from discovering the URLs that are not compatible with the access level of the person.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 further defined by providing a data link between the query server and access control lists for associated web servers.
  - 3. The method of claim 2 further defined by storing the access control list separately from the index of documents.
  - 4. The method of claim 2 further defined by storing the access control list separately from the documents.
  - 5. The method of claim 1 further defined by implementing access control with partial URLs indicating the hierarchy of documents to which a person with a unique identification code has access.
  - 6. The method of claim 1 further defined by implementing access control with a common gateway interface script.
  - 7. The method of claim 6 wherein said common gateway interface script returns a message to the query server indicating URLs to which a person with a unique identification code has access.
  - 8. The method of claim 2 wherein a single access control list is provided for all document servers.
  - 9. The method of claim 2 wherein an access control list is provided for each document server.

10. A method of document retrieval in a network environment having web sites where documents are stored and query servers where document searches are launched comprising,providing a plurality of document servers in the web sites, each having an association with a plurality of documents, each document identified with a unique URL, each document server having an access control list defining user identification and for each user identification listing URLs for which access is permitted or denied,executing a query on a query server having access to a document index of documents available for searching on the document servers by a person having one of said identification codes,determining by one of the document servers whether each URL is compatible with the access level of the identification code of the person;
- andproducing only those documents whose URL is compatible with the access level of the identification code of the person, wherein each non-compatible URL is withheld.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The method of claim 10 wherein the URLs are expressed in HTTP protocol.
  - 12. The method of claim 10 wherein each access control list lists URLs for each user identification number with a hierarchical indication of documents for which access is permitted or denied.
  - 13. The method of claim 12 wherein said hierarchical indication of documents is by partial URLs.
  - 14. The method of claim 10 further defined by accessing the access control list by the filesystem of the query server.
  - 15. The method of claim 10 further defined by accessing the access control list by a file transfer protocol.
  - 16. The method of claim 10 further defined by confirming access to the access control list by a script message from a document server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Google Inc. (Alphabet Inc.)
Inventors
Kirsch, Steven T.
Primary Examiner(s)
Gaffin, Jeffrey
Assistant Examiner(s)
ABEL JALIL, NEVEEN

Application Number

US08/927,022
Time in Patent Office

3,142 Days
Field of Search

707/10, 707/2, 707/6, 707/9, 707/101, 707/104.1, 707/516, 707/105, 707/4, 707/3, 395/200, 395/33, 395/3, 709/217, 709/225, 709/229, 709/203, 709/224, 709/245, 709/910, 703/201, 345/333, 705/9, 380/21, 711/202
US Class Current

707/731
CPC Class Codes

G06F 16/9535   Search customisation based ...

G06F 21/6227   where protection concerns t...

G06F 2221/2141   Access rights, e.g. capabil...

G06F 2221/2149   Restricted operating enviro...

Y10S 707/99933   Query processing, i.e. sear...

Y10S 707/99934   Query formulation, input pr...

Y10S 707/99939   Privileged access

Document retrieval system with access control

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

204 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Document retrieval system with access control

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

204 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links