System and method for dynamic data redaction

US 7,748,027 B2
Filed: 09/08/2005
Issued: 06/29/2010
Est. Priority Date: 05/11/2005
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for securing access to data, comprising:

providing a computer including a processor, storage medium, and security service module operating thereon;

receiving, at the security service module, a request from a requestor to access one or more resources;

accessing the one or more resources on behalf of the requestor;

receiving, at the security service module, responses from the one or more resources, and aggregating a result set wherein the aggregated result set includes several portions of disparate resource data;

determining current access policies for the requestor corresponding to each of said several portions of disparate resource data;

redacting from the aggregated result set a portion of said disparate resource data that the requestor is not permitted to receive, based on said current access policies, to create a redacted result set from said aggregated result set when said aggregated result set exceeds the requestor'"'"'s authorization while each of said disparate resources the requestor is authorized to access; and

providing the redacted result set to the requestor.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method and media for dynamically redacting data based on the evaluation of one or more policies. In one embodiment, the method comprises receiving a request to access one or more resources, receiving responses from the one or more resources and assembling a result set which includes several portions of data, determining current access policies for the requestor to the one or more resources, and redacting from the result set a portion of the data that the requestor is not permitted to receive, based on the current access policies.

166 Citations

View as Search Results

18 Claims

1. A computer-implemented method for securing access to data, comprising:
- providing a computer including a processor, storage medium, and security service module operating thereon;
  
  receiving, at the security service module, a request from a requestor to access one or more resources;
  
  accessing the one or more resources on behalf of the requestor;
  
  receiving, at the security service module, responses from the one or more resources, and aggregating a result set wherein the aggregated result set includes several portions of disparate resource data;
  
  determining current access policies for the requestor corresponding to each of said several portions of disparate resource data;
  
  redacting from the aggregated result set a portion of said disparate resource data that the requestor is not permitted to receive, based on said current access policies, to create a redacted result set from said aggregated result set when said aggregated result set exceeds the requestor'"'"'s authorization while each of said disparate resources the requestor is authorized to access; and
  
  providing the redacted result set to the requestor.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1 wherein the redacting further comprises:
    - after receiving, at the security service module, the responses from the one or more resources, and assembling then result set then deleting the portion of the data from the result set that the requestor is not permitted to receive, prior to providing the redacted result set to the requestor.
  - 3. The method of claim 1 wherein the redacting further comprises:
    - after receiving, at the security service module, the responses from the one or more resources, and assembling then result set then encrypting the portion of the data in the result set that the requestor is not permitted to receive, prior to providing the redacted result set and the encrypted portion to the requestor.
  - 4. The method of claim 1 wherein the redacting further comprises:
    - evaluating at least one policy to determine if the requestor is permitted to receive the portion of the data, including determining which roles, if any, the requestor belongs, and determining which policies, if any, apply to the current request based on mapped roles, target resource and requested action.
  - 5. The method of claim 1 wherein:
    - the result set is an XML document, and wherein, the portions of data to be redacted from the XML document are redacted by the security service module using one or more XML Query and/or XML Path Language commands.
  - 6. The method of claim 1, wherein the one or more resources is a plurality of resources, and wherein the method includesreceiving a request from a requestor to access the plurality of resources;
    - assembling the result set based on aggregated responses from the plurality of resources;
      
      determining current access policies for the requestor to combinations of information in the result set based on the aggregated responses;
      
      using the current access policies to determine which, if any, portions of data to be redacted to create the redacted result set.

7. A machine readable storage medium having instructions embedded thereon and performing the following functions when executed by a processor:
- receive, at a security service module, a request from a requester to access one or more resources;
  
  access the one or more resources on behalf of the requester;
  
  receive, at the security service module, responses from the one or more resources, and aggregating a result set wherein the aggregated result set includes several portions of disparate resource data;
  
  determine current access policies for the requester corresponding to each of said several portions of disparate resource data;
  
  redact from the aggregated result set a portion of said disparate resource data that the requester is not permitted to receive, based on the current access policies, to create a redacted result set from said aggregated result set when said aggregated result set exceeds the requestor'"'"'s authorization while each of said disparate resources the requestor is authorized to access; and
  
  provide the redacted result set to the requester.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The machine readable storage medium of claim 7, further comprising instructions that when used cause the system to:
    - after receiving, at the security service module, the responses from the one or more resources, and assembling then result set then delete the portion of the data from the result set that the requestor is not permitted to receive, prior to providing the redacted result set to the requestor.
  - 9. The machine readable storage medium of claim 7, further comprising instructions that when used cause the system to:
    - after receiving, at the security service module, the responses from the one or more resources, and assembling then result set then encrypt the portion of the data in the result set that the requestor is not permitted to receive, prior to providing the redacted result set and the encrypted portion to the requestor.
  - 10. The machine readable storage medium of claim 7, further comprising instructions that when used cause the system to:
    - evaluate at least one policy to determine if the requestor is permitted to receive the portion of the data, including determining which roles, if any, the requestor belongs, and determining which policies, if any, apply to the current request based on mapped roles, target resource and requested action.
  - 11. The machine readable storage medium of claim 7 wherein:
    - the result set is an XML document, and wherein, the portions of data to be redacted from the XML document are redacted by the security service module using one or more XML Query and/or XML Path Language commands.
  - 12. The machine readable storage medium of claim 7, further comprising instructions that when used cause the system toreceive a request to access a plurality of resources;
    - assemble the result set based on aggregated responses from the plurality of resources;
      
      determine current access policies for the requestor to combinations of information in the result set based on the aggregated responses;
      
      use the current access policies to determine which, if any, portions of data to be redacted to create the redacted result set.

13. A system for securing access to data, said system comprising:
- a computer including a processor, storage medium, and security service module operating thereon, wherein the security service module is configured to perform steps comprising;
  
  receiving, at the security service module, a request from a requester to access one or more resources;
  
  accessing the one or more resources on behalf of the requester;
  
  receiving, at the security service module, responses from the one or more resources, and aggregating a result set wherein the aggregated result set includes several portions of disparate resource data;
  
  determining current access policies for the requester corresponding to each of said several portions of disparate resource data;
  
  redacting from the aggregated result set a portion of said disparate resource data that the requester is not permitted to receive, based on the current access policies, to create a redacted result set from said aggregated result set when said aggregated result set exceeds the requestor'"'"'s authorization while each of said disparate resources the requestor is authorized to access; and
  
  providing the redacted result set to the requester.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The system of claim 13 wherein the redacting further comprises:
    - after receiving, at the security service module, the responses from the one or more resources, and assembling then result set then deleting the portion of the data from the result set that the requestor is not permitted to receive, prior to providing the redacted result set to the requestor.
  - 15. The system of claim 13 wherein the redacting further comprises:
    - after receiving, at the security service module, the responses from the one or more resources, and assembling then result set then encrypting the portion of the data in the result set that the requestor is not permitted to receive, prior to providing the redacted result set and the encrypted portion to the requestor.
  - 16. The system of claim 13 wherein the redacting further comprises:
    - evaluating at least one policy to determine if the requestor is permitted to receive the portion of the data, including determining which roles, if any, the requestor belongs, and determining which policies, if any, apply to the current request based on mapped roles, target resource and requested action.
  - 17. The system of claim 13 wherein:
    - the result set is an XML document, and wherein, the portions of data to be redacted from the XML document are redacted by the security service module using one or more XML Query and/or XML Path Language commands.
  - 18. The system for securing access to data of claim 13, wherein the security service module is configured to perform steps comprisingreceiving a request from a requestor to access a plurality of resources;
    - assembling the result set based on aggregated responses from the plurality of resources;
      
      determining current access policies for the requestor to combinations of information in the result set based on the aggregated responses;
      
      using the current access policies to determine which, if any, portions of data to be redacted to create the redacted result set.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
BEA Systems Incorporated (Oracle Corporation)
Inventors
Patrick, Paul B.
Primary Examiner(s)
Chai; Longbit

Application Number

US11/222,071
Publication Number

US 20060259954A1
Time in Patent Office

1,755 Days
Field of Search

726/2
US Class Current

726/2
CPC Class Codes

G06F 21/62   Protecting access to data v...

G06F 21/6209   to a single file or object,...

G06F 21/6227   where protection concerns t...

G06F 2221/2141   Access rights, e.g. capabil...

System and method for dynamic data redaction

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

166 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for dynamic data redaction

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

166 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links