Security data redaction
First Claim
1. A method for securing access to data, the method comprising:
receiving a request from a requestor to access a plurality of data access services, said request associated with a service model, and said request including filter parameters, wherein the service model provides a plurality of structured views of data in a format specific to the requestor, and wherein data returned to the requestor is mapped to one of the plurality of structured views associated with the requestor, and wherein the filter parameters accompany the request and determine the data included in a result set;
accessing an authorization policy upon receiving the request to identify which of the plurality of data access services are available to the requestor, wherein the authorization policy includes one or more rules that are used to permit access to the plurality of data access services based on the requestor;
accessing, based on the requestor, the plurality of data access services for which access is permitted by the authorization policy;
receiving a combined filtered result set, the combined result set including the results from accessing the plurality of data access services, wherein the results from each of the plurality of data access services is filtered based on the filter parameters, and wherein each portion of the combined filtered result set is assigned a minimum level of access required to access the portion;
determining a level of access assigned to the requestor;
inspecting the combined filtered result set and determining, for each portion of the combined filtered result set, whether the requestor is permitted to access said portion of the combined filtered result set by comparing the minimum level of access associated with each portion in the combined filtered result set with the requestor's level of access;
redacting said portion from the combined filtered result set if the requestor is not permitted by the level of access to access said portion of the combined filtered result set, wherein said redacting is performed after the combined filtered result set is received from the plurality of data access services;
retaining said portion within the combined filtered result set if the requestor is permitted to access said portion of the combined filtered result set based on the level of access assigned to the requestor;
presenting to the requestor at least one of the plurality of structured views of the combined filtered result set, wherein each portion that is not permitted to be accessed by the requestor is redacted from the result set, and wherein the at least one of the plurality of different views presented is based upon a determination of which of the plurality of data access services are relevant to the requestor.
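The claim above describes a pipeline: an authorization policy selects which services a requestor may reach, those services are queried with the filter parameters, every portion of the combined result carries a minimum access level, redaction is applied after the combined set comes back, and the surviving data is mapped into a structured view chosen from the services relevant to the requestor. The following Python model is an added example, not code from the patent or its assignee; the service names, roles, access levels, policy rules, views and records are all constructed for illustration.

```python
from dataclasses import dataclass

# Constructed access levels: a requestor may see a portion only when the
# portion's minimum level is <= the requestor's level.
PUBLIC, INTERNAL, CONFIDENTIAL = 0, 1, 2
REDACTED = "[REDACTED]"


@dataclass
class Requestor:
    name: str
    role: str
    level: int


@dataclass
class Portion:
    service: str    # which data access service produced it
    row: int        # row within that service's filtered result
    field: str
    value: object
    min_level: int  # minimum level of access required to see it


# Constructed data access services; each applies the filter parameters
# (here only "dept") and returns the matching rows.
def hr_service(filters):
    rows = [
        {"employee": "alice", "dept": "eng", "salary": 120000},
        {"employee": "bob", "dept": "ops", "salary": 95000},
    ]
    return [r for r in rows if filters.get("dept") in (None, r["dept"])]


def ticket_service(filters):
    rows = [
        {"employee": "alice", "dept": "eng", "open_tickets": 3},
        {"employee": "bob", "dept": "ops", "open_tickets": 7},
    ]
    return [r for r in rows if filters.get("dept") in (None, r["dept"])]


SERVICES = {"hr": hr_service, "tickets": ticket_service}

# Minimum level per (service, field); anything unlisted is PUBLIC.
FIELD_LEVELS = {("hr", "salary"): CONFIDENTIAL,
                ("tickets", "open_tickets"): INTERNAL}

# Authorization policy: each rule grants a set of services based on the requestor.
POLICY_RULES = [
    lambda r: {"tickets"} if r.role in ("support", "manager") else set(),
    lambda r: {"hr"} if r.role == "manager" else set(),
]

# Structured views in preference order: view name -> services the view needs.
VIEWS = [("team_overview", {"hr", "tickets"}), ("ticket_queue", {"tickets"})]


def permitted_services(requestor):
    """Apply the policy rules to find which services this requestor may access."""
    granted = set()
    for rule in POLICY_RULES:
        granted |= rule(requestor)
    return granted & set(SERVICES)


def combined_filtered_result(requestor, filters):
    """Query every permitted service with the filter parameters and tag each
    returned field with the minimum access level required to see it."""
    portions = []
    for name in sorted(permitted_services(requestor)):
        for i, record in enumerate(SERVICES[name](filters)):
            for field, value in record.items():
                portions.append(Portion(name, i, field, value,
                                        FIELD_LEVELS.get((name, field), PUBLIC)))
    return portions


def redact(portions, requestor):
    """Redaction happens after the combined set is received: a portion whose
    minimum level exceeds the requestor's level is replaced, the rest retained."""
    return [p if p.min_level <= requestor.level
            else Portion(p.service, p.row, p.field, REDACTED, p.min_level)
            for p in portions]


def present(requestor, filters):
    """Full pipeline: policy -> services -> combined result -> redact -> view."""
    available = permitted_services(requestor)
    view_name = next((n for n, needs in VIEWS if needs <= available), None)
    if view_name is None:
        return {"view": None, "data": {}}
    structured = {}
    for p in redact(combined_filtered_result(requestor, filters), requestor):
        rows = structured.setdefault(p.service, [])
        while len(rows) <= p.row:
            rows.append({})
        rows[p.row][p.field] = p.value
    return {"view": view_name, "data": structured}


if __name__ == "__main__":
    print(present(Requestor("sam", "support", PUBLIC), {"dept": "eng"}))
    print(present(Requestor("mia", "manager", INTERNAL), {}))
```

Two points matter for a defender reviewing such a design: redaction is applied to the combined result rather than trusted to each service, so a service that returns more than it should still cannot leak past the requestor's level, and the policy gate runs before any service is contacted, so a requestor with no relevant services gets no view at all rather than an empty one that reveals which services exist.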
3 Assignments
0 Petitions
Abstract
In accordance with one embodiment of the present invention, there are provided mechanisms and methods for securing access to data. These mechanisms and methods for securing access to data make it possible for systems to have improved control over accesses to information by redacting responses made by services based upon access policies. Requestors may be users, proxies or automated entities. This ability of a system to redact responses to queries or requests for services in accordance with access policies makes it possible to attain improved security in computing systems over conventional access control mechanisms that control based upon privileges for accessing a file, an account, a storage device or a machine upon which the information is stored.
21 Claims
1. A method for securing access to data, the method comprising:
receiving a request from a requestor to access a plurality of data access services, said request associated with a service model, and said request including filter parameters, wherein the service model provides a plurality of structured views of data in a format specific to the requestor, and wherein data returned to the requestor is mapped to one of the plurality of structured views associated with the requestor, and wherein the filter parameters accompany the request and determine the data included in a result set;
accessing an authorization policy upon receiving the request to identify which of the plurality of data access services are available to the requestor, wherein the authorization policy includes one or more rules that are used to permit access to the plurality of data access services based on the requestor;
accessing, based on the requestor, the plurality of data access services for which access is permitted by the authorization policy;
receiving a combined filtered result set, the combined result set including the results from accessing the plurality of data access services, wherein the results from each of the plurality of data access services is filtered based on the filter parameters, and wherein each portion of the combined filtered result set is assigned a minimum level of access required to access the portion;
determining a level of access assigned to the requestor;
inspecting the combined filtered result set and determining, for each portion of the combined filtered result set, whether the requestor is permitted to access said portion of the combined filtered result set by comparing the minimum level of access associated with each portion in the combined filtered result set with the requestor's level of access;
redacting said portion from the combined filtered result set if the requestor is not permitted by the level of access to access said portion of the combined filtered result set, wherein said redacting is performed after the combined filtered result set is received from the plurality of data access services;
retaining said portion within the combined filtered result set if the requestor is permitted to access said portion of the combined filtered result set based on the level of access assigned to the requestor;
presenting to the requestor at least one of the plurality of structured views of the combined filtered result set, wherein each portion that is not permitted to be accessed by the requestor is redacted from the result set, and wherein the at least one of the plurality of different views presented is based upon a determination of which of the plurality of data access services are relevant to the requestor.
View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
11. A non-transitory computer-readable storage medium carrying one or more sequences of instructions for securing access to data, which instructions, when executed by one or more processors, cause the one or more processors to carry out the steps of:
receiving a request from a requestor to access a plurality of data access services, said request associated with a service model, and said request including filter parameters, wherein the service model provides a plurality of structured views of data in a format specific to the requestor, and wherein data returned to the requestor is mapped to one of the plurality of structured views associated with the requestor, and wherein the filter parameters accompany the request and determine the data included in a result set;
accessing an authorization policy upon receiving the request to identify which of the plurality of data access services are available to the requestor, wherein the authorization policy includes one or more rules that are used to permit access to the plurality of data access services based on the requestor;
accessing, based on the requestor, the plurality of data access services for which access is permitted by the authorization policy;
receiving a combined filtered result set, the combined result set including the results from accessing the plurality of data access services, wherein the results from each of the plurality of data access services is filtered based on the filter parameters, and wherein each portion of the combined filtered result set is assigned a minimum level of access required to access the portion;
determining a level of access assigned to the requestor;
inspecting the combined filtered result set and determining, for each portion of the combined filtered result set, whether the requestor is permitted to access said portion of the combined filtered result set by comparing the minimum level of access associated with each portion in the combined filtered result set with the requestor's level of access;
redacting said portion from the combined filtered result set if the requestor is not permitted by the level of access to access said portion of the combined filtered result set, wherein said redacting is performed after the combined filtered result set is received from the plurality of data access services;
retaining said portion within the combined filtered result set if the requestor is permitted to access said portion of the combined filtered result set based on the level of access assigned to the requestor;
presenting to the requestor at least one of the plurality of structured views of the combined filtered result set, wherein each portion that is not permitted to be accessed by the requestor is redacted from the result set, and wherein the at least one of the plurality of different views presented is based upon a determination of which of the plurality of data access services are relevant to the requestor.
View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
21. An apparatus for securing access to data, the apparatus comprising:
a processor; and
one or more stored sequences of instructions which, when executed by the processor, cause the processor to carry out the steps of:
receiving a request from a requestor to access a plurality of data access services, said request associated with a service model, and said request including filter parameters, wherein the service model provides a plurality of structured views of data in a format specific to the requestor, and wherein data returned to the requestor is mapped to one of the plurality of structured views associated with the requestor, and wherein the filter parameters accompany the request and determine the data included in a result set;
accessing an authorization policy upon receiving the request to identify which of the plurality of data access services are available to the requestor, wherein the authorization policy includes one or more rules that are used to permit access to the plurality of data access services based on the requestor;
accessing, based on the requestor, the plurality of data access services for which access is permitted by the authorization policy;
receiving a combined filtered result set, the combined result set including the results from accessing the plurality of data access services, wherein the results from each of the plurality of data access services is filtered based on the filter parameters, and wherein each portion of the combined filtered result set is assigned a minimum level of access required to access the portion;
determining a level of access assigned to the requestor;
inspecting the combined filtered result set and determining, for each portion of the combined filtered result set, whether the requestor is permitted to access said portion of the combined filtered result set by comparing the minimum level of access associated with each portion in the combined filtered result set with the requestor's level of access;
redacting said portion from the combined filtered result set if the requestor is not permitted by the level of access to access said portion of the combined filtered result set, wherein said redacting is performed after the combined filtered result set is received from the plurality of data access services;
retaining said portion within the combined filtered result set if the requestor is permitted to access said portion of the combined filtered result set based on the level of access assigned to the requestor;
presenting to the requestor at least one of the plurality of structured views of the combined filtered result set, wherein each portion that is not permitted to be accessed by the requestor is redacted from the result set, and wherein the at least one of the plurality of different views presented is based upon a determination of which of the plurality of data access services are relevant to the requestor.