Document retrieval system with access control
First Claim
1. A method of document retrieval in a network environment having web sites where documents are stored with a plurality of access levels and query servers where document searches are launched comprising, executing a query on a query server having access to a document index of documents available for searching on document servers provided in the web site by a person having a unique identification code without regard to access control limitations, yielding a list of all relevant documents, each document having a unique URL, reviewing all URLs by the document servers after the search is executed using an access control list associated with each document server to check whether each URL is compatible with the access level of the identification code of the person executing the query, delivering only those URLs that are compatible with the access level of the person, wherein each URL that is not compatible with the access level of the person is withheld, and preventing the person from discovering the URLs that are not compatible with the access level of the person.
Abstract
An electronic document retrieval system and method for a collection of information distributed over a network having documents stored in web or document servers in which an access control list relates user identification to documents to which a user has access. No access control lists are contained in the documents themselves nor are comparisons made between lists of users, with their access levels, and the classifications of documents. Rather, by the use of URLs or pointers, it is possible to associate every document to which a user has access with the user identification number or code. URLs have a hierarchical format which allows partial URLs to indicate levels of access. HTTP protocol, FTP and CGI protocol employ URL calls for documents and can use the access control method and system of the present invention. When a search query is applied to a query server, a list of hits is returned, together with pertinent URLs. The query server consults each access control list associated with each document server, to present to the user only those URLs for which he has a proper access level. Other URLs for which the user does not have proper access are kept hidden from the user.
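The post-search filtering described in the abstract, sketched as an added example that is not taken from the patent: the query runs without regard to access control, then each hit is checked against the access control list of the document server that holds it, using partial URLs as permit or deny entries. The host names, user codes and ACL entries are constructed, and the tie-breaking policy (longest matching partial URL decides, ties and no match mean deny) is an assumption.

```python
import posixpath
from urllib.parse import urlsplit

# Constructed sample data: one access control list per document server (by host).
# Each list maps a user identification code to (partial URL path, permitted) entries.
ACLS = {
    "docs.example.com": {
        "u1001": [("/eng", True), ("/eng/secret", False)],
        "u2002": [("/eng/secret", True)],
    },
    "hr.example.com": {"u2002": [("/policies", True)]},
}

# Constructed hit list, as a query server would produce it before any access check.
HITS = [
    "http://docs.example.com/eng/design.html",
    "http://docs.example.com/eng/secret/keys.html",
    "http://docs.example.com/engineering-offsite.html",
    "http://docs.example.com/eng/pub/../secret/plan.html",
    "http://hr.example.com/policies/leave.html",
]

def covers(partial, path):
    """True if the partial URL covers path on a whole-segment boundary."""
    partial = partial.rstrip("/")
    return path == partial or path.startswith(partial + "/")

def is_permitted(acl, user_id, path):
    """Assumed policy: the longest matching entry decides, a tie goes to deny,
    and a user or path with no matching entry is denied."""
    matches = [(len(p.rstrip("/")), not ok)
               for p, ok in acl.get(user_id, []) if covers(p, path)]
    return bool(matches) and not max(matches)[1]

def filter_hits(user_id, hits):
    """Return only the URLs the user may see, with no trace of withheld ones."""
    visible = []
    for url in hits:
        parts = urlsplit(url)
        acl = ACLS.get(parts.hostname)  # a server with no ACL is treated as deny
        # Collapse dot segments first so "/eng/pub/../secret" is checked as "/eng/secret".
        path = posixpath.normpath(parts.path or "/")
        if acl is not None and is_permitted(acl, user_id, path):
            visible.append(url)
    return visible  # no count or placeholder reveals how many hits were withheld

if __name__ == "__main__":
    for user in ("u1001", "u2002", "u9999"):
        print(user, filter_hits(user, HITS))
```

Matching on whole path segments keeps a permit for `/eng` from also exposing `/engineering-offsite.html`, and returning a plain list without a withheld count keeps the size of the hidden set from leaking through the result page.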
16 Claims
1. A method of document retrieval in a network environment having web sites where documents are stored with a plurality of access levels and query servers where document searches are launched comprising,
executing a query on a query server having access to a document index of documents available for searching on document servers provided in the web site by a person having a unique identification code without regard to access control limitations, yielding a list of all relevant documents, each document having a unique URL,
reviewing all URLs by the document servers after the search is executed using an access control list associated with each document server to check whether each URL is compatible with the access level of the identification code of the person executing the query,
delivering only those URLs that are compatible with the access level of the person, wherein each URL that is not compatible with the access level of the person is withheld, and
preventing the person from discovering the URLs that are not compatible with the access level of the person.

10. A method of document retrieval in a network environment having web sites where documents are stored and query servers where document searches are launched comprising,
providing a plurality of document servers in the web sites, each having an association with a plurality of documents, each document identified with a unique URL, each document server having an access control list defining user identification and for each user identification listing URLs for which access is permitted or denied,
executing a query on a query server having access to a document index of documents available for searching on the document servers by a person having one of said identification codes,
determining by one of the document servers whether each URL is compatible with the access level of the identification code of the person; and
producing only those documents whose URL is compatible with the access level of the identification code of the person, wherein each non-compatible URL is withheld.
Specification