Security data redaction

US 8,086,615 B2
Filed: 01/27/2006
Issued: 12/27/2011
Est. Priority Date: 03/28/2005
Status: Active Grant

First Claim

Patent Images

1. A method for securing access to data, the method comprising:

receiving a request from a requestor to access a plurality of data access services, said request associated with a service model, and said request including filter parameterswherein the service model provides a plurality of structured views of data in a format specific to the requestor, and wherein data returned to the requestor is mapped to one of the plurality of structured views associated with the requestor, andwherein the filter parameters accompany the request and determine the data included in a result set;

accessing an authorization policy upon receiving the request to identify which of the plurality of data access services are available to the requestor, wherein the authorization policy includes one or more rules that are used to permit access to the plurality of data access services based on the requestor;

accessing, based on the requestor, the plurality of data access services for which access is permitted by the authorization policy;

receiving a combined filtered result set, the combined result set including the results from accessing the plurality of data access services, wherein the results from each of the plurality of data access services is filtered based on the filter parameters, and wherein each portion of the combined filtered result set is assigned a minimum level of access required to access the portion;

determining a level of access assigned to the requestor;

inspecting the combined filtered result set and determining, for each portion of the combined filtered result set, whether the requestor is permitted to access said portion of the combined filtered result set by comparing the minimum level of access associated with each portion in the combined filtered result set with the requestor'"'"'s level of access;

redacting said portion from the combined filtered result set if the requestor is not permitted by the level of access to access said portion of the combined filtered result set, wherein said redacting is performed after the combined filtered result set is received from the plurality of data access services;

retaining said portion within the combined filtered result set if the requestor is permitted to access said portion of the combined filtered result set based on the level of access assigned to the requestor;

presenting to the requestor at least one of the plurality of structured views of the combined filtered result set, wherein each portion that is not permitted to be accessed by the requestor is redacted from the result set, and wherein the at least one of the plurality of different views presented is based upon a determination of which of the plurality of data access services are relevant to the requestor.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In accordance with one embodiment of the present invention, there are provided mechanisms and methods for securing access to data. These mechanisms and methods for securing access to data make it possible for systems to have improved control over accesses to information by redacting responses made by services based upon access policies. Requestors may be users, proxies or automated entities. This ability of a system to redact responses to queries or requests for services in accordance with access policies makes it possible to attain improved security in computing systems over conventional access control mechanisms that control based upon privileges for accessing a file, an account, a storage device or a machine upon which the information is stored.

Citations

21 Claims

1. A method for securing access to data, the method comprising:
- receiving a request from a requestor to access a plurality of data access services, said request associated with a service model, and said request including filter parameterswherein the service model provides a plurality of structured views of data in a format specific to the requestor, and wherein data returned to the requestor is mapped to one of the plurality of structured views associated with the requestor, andwherein the filter parameters accompany the request and determine the data included in a result set;
  
  accessing an authorization policy upon receiving the request to identify which of the plurality of data access services are available to the requestor, wherein the authorization policy includes one or more rules that are used to permit access to the plurality of data access services based on the requestor;
  
  accessing, based on the requestor, the plurality of data access services for which access is permitted by the authorization policy;
  
  receiving a combined filtered result set, the combined result set including the results from accessing the plurality of data access services, wherein the results from each of the plurality of data access services is filtered based on the filter parameters, and wherein each portion of the combined filtered result set is assigned a minimum level of access required to access the portion;
  
  determining a level of access assigned to the requestor;
  
  inspecting the combined filtered result set and determining, for each portion of the combined filtered result set, whether the requestor is permitted to access said portion of the combined filtered result set by comparing the minimum level of access associated with each portion in the combined filtered result set with the requestor'"'"'s level of access;
  
  redacting said portion from the combined filtered result set if the requestor is not permitted by the level of access to access said portion of the combined filtered result set, wherein said redacting is performed after the combined filtered result set is received from the plurality of data access services;
  
  retaining said portion within the combined filtered result set if the requestor is permitted to access said portion of the combined filtered result set based on the level of access assigned to the requestor;
  
  presenting to the requestor at least one of the plurality of structured views of the combined filtered result set, wherein each portion that is not permitted to be accessed by the requestor is redacted from the result set, and wherein the at least one of the plurality of different views presented is based upon a determination of which of the plurality of data access services are relevant to the requestor.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein providing access to the result set further comprises:
    - providing the result set according to access policies if the requestor is permitted by the access policies to access only a portion of the result set.
  - 3. The method of claim 1, further comprising:
    - determining whether the requestor is making an authorized request to access datasets that the plurality of data access services access.
  - 4. The method of claim 1, wherein service includes at least one of a network based application, a web server resident application, a web portal, a search engine, a photographic, audio or video information storage application, an e-Commerce application, a backup application, a storage application, a sales/revenue planning, marketing, forecasting, accounting, inventory management application.
  - 5. The method of claim 1, further comprising:
    - determining a portion of the result set to be passed back to the requestor based on filter parameters accompanying with a request to access the plurality of data access services from the requestor.
  - 6. The method of claim 1, further comprising:
    - reformatting queries to improve performance based on execution time, resource use, efficiency and other performance criteria.
  - 7. The method of claim 1, further comprising:
    - comparing a security level associated with information in the result set received from the plurality of data access services and the requestor'"'"'s permitted access policy security level.
  - 8. The method of claim 1, further comprising:
    - mapping the result set into a special format suited for the requestor, wherein the special format is one of a plurality of formats, and wherein each one of the plurality of formats is associated with one of different requestors.
  - 9. The method of claim 1, wherein as the level of access assigned to the requestor increases, the amount of information in the result set available to the requestor also increases.
  - 10. The method of claim 1, wherein the level of access is associated with a condition that varies with time, said condition including a market activity level.

11. A non-transitory computer-readable storage medium carrying one or more sequences of instructions for securing access to data, which instructions, when executed by one or more processors, cause the one or more processors to carry out the steps of:
- receiving a request from a requestor to access a plurality of data access services, said request associated with a service model, and said request including filter parameterswherein the service model provides a plurality of structured views of data in a format specific to the requestor, and wherein data returned to the requestor is mapped to one of the plurality of structured views associated with the requestor, andwherein the filter parameters accompany the request and determine the data included in a result set;
  
  accessing an authorization policy upon receiving the request to identify which of the plurality of data access services are available to the requestor, wherein the authorization policy includes one or more rules that are used to permit access to the plurality of data access services based on the requestor;
  
  accessing, based on the requestor, the plurality of data access services for which access is permitted by the authorization policy;
  
  receiving a combined filtered result set, the combined result set including the results from accessing the plurality of data access services, wherein the results from each of the plurality of data access services is filtered based on the filter parameters, and wherein each portion of the combined filtered result set is assigned a minimum level of access required to access the portion;
  
  determining a level of access assigned to the requestor;
  
  inspecting the combined filtered result set and determining, for each portion of the combined filtered result set, whether the requestor is permitted to access said portion of the combined filtered result set by comparing the minimum level of access associated with each portion in the combined filtered result set with the requestor'"'"'s level of access;
  
  redacting said portion from the combined filtered result set if the requestor is not permitted by the level of access to access said portion of the combined filtered result set, wherein said redacting is performed after the combined filtered result set is received from the plurality of data access services;
  
  retaining said portion within the combined filtered result set if the requestor is permitted to access said portion of the combined filtered result set based on the level of access assigned to the requestor;
  
  presenting to the requestor at least one of the plurality of structured views of the combined filtered result set, wherein each portion that is not permitted to be accessed by the requestor is redacted from the result set, and wherein the at least one of the plurality of different views presented is based upon a determination of which of the plurality of data access services are relevant to the requestor.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The non-transitory computer-readable medium as recited in claim 11, wherein the instructions for carrying out the step of providing access to the result set include instructions for carrying out the steps of:
    - providing the result set according to access policies if the requestor is permitted by the access policies to access only a portion of the result set.
  - 13. The non-transitory computer-readable medium as recited in claim 11, further comprising instructions, which when executed by the one or more processors cause the one or more processors to carry out the steps of:
    - determining whether the requestor is making an authorized request to access datasets that the plurality of data access services access.
  - 14. The non-transitory computer-readable medium as recited in claim 11, wherein service includes at least one of a network based application, a web server resident application, a web portal, a search engine, a photographic, audio or video information storage application, an e-Commerce application, a backup application, a storage application, a sales/revenue planning, marketing, forecasting, accounting, inventory management application.
  - 15. The non-transitory computer-readable medium as recited in claim 11, further comprising instructions, which when executed by the one or more processors cause the one or more processors to carry out the steps of:
    - determining a portion of the result set to be passed back to the requestor based on filter parameters accompanying with a request to access the plurality of data access services from the requestor.
  - 16. The non-transitory computer-readable medium as recited in claim 11, further comprising instructions, which when executed by the one or more processors cause the one or more processors to carry out the steps of:
    - reformatting queries to improve performance based on execution time, resource use, efficiency and other performance criteria.
  - 17. The non-transitory computer-readable medium as recited in claim 11, further comprising instructions, which when executed by the one or more processors cause the one or more processors to carry out the steps of:
    - comparing a security level associated with information in the result set received from the plurality of data access services and the requestor'"'"'s permitted access policy security level.
  - 18. The non-transitory computer-readable medium as recited in claim 11, further comprising instructions, which when executed by the one or more processors cause the one or more processors to carry out the steps of:
    - mapping the result set into a special format suited for the requestor, wherein the special format is one of a plurality of formats, and wherein each one of the plurality of formats is associated with one of different requestors.
  - 19. The non-transitory computer-readable medium as recited in claim 11, wherein as the level of access assigned to the requestor increases, the amount of information in the result set available to the requestor also increases.
  - 20. The non-transitory computer-readable medium as recited in claim 11, wherein the level of access is associated with a condition that varies with time, said condition including a market activity level.

21. An apparatus for securing access to data, the apparatus comprising:
- a processor; and
  
  one or more stored sequences of instructions which, when executed by the processor, cause the processor to carry out the steps of;
  
  receiving a request from a requestor to access a plurality of data access services, said request associated with a service model, and said request including filter parameterswherein the service model provides a plurality of structured views of data in a format specific to the requestor, and wherein data returned to the requestor is mapped to one of the plurality of structured views associated with the requestor, andwherein the filter parameters accompany the request and determine the data included in a result set;
  
  accessing an authorization policy upon receiving the request to identify which of the plurality of data access services are available to the requestor, wherein the authorization policy includes one or more rules that are used to permit access to the plurality of data access services based on the requestor;
  
  accessing, based on the requestor, the plurality of data access services for which access is permitted by the authorization policy;
  
  receiving a combined filtered result set, the combined result set including the results from accessing the plurality of data access services, wherein the results from each of the plurality of data access services is filtered based on the filter parameters, and wherein each portion of the combined filtered result set is assigned a minimum level of access required to access the portion;
  
  determining a level of access assigned to the requestor;
  
  inspecting the combined filtered result set and determining, for each portion of the combined filtered result set, whether the requestor is permitted to access said portion of the combined filtered result set by comparing the minimum level of access associated with each portion in the combined filtered result set with the requestor'"'"'s level of access;
  
  redacting said portion from the combined filtered result set if the requestor is not permitted by the level of access to access said portion of the combined filtered result set, wherein said redacting is performed after the combined filtered result set is received from the plurality of data access services;
  
  retaining said portion within the combined filtered result set if the requestor is permitted to access said portion of the combined filtered result set based on the level of access assigned to the requestor;
  
  presenting to the requestor at least one of the plurality of structured views of the combined filtered result set, wherein each portion that is not permitted to be accessed by the requestor is redacted from the result set, and wherein the at least one of the plurality of different views presented is based upon a determination of which of the plurality of data access services are relevant to the requestor.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Patrick, Paul B., Gupta, Naveen
Primary Examiner(s)
DEODHAR, OMKAR A

Application Number

US11/341,836
Publication Number

US 20060277220A1
Time in Patent Office

2,160 Days
Field of Search

707/999, 707/754, 463/43
US Class Current

707/754
CPC Class Codes

G06F 21/6218 to a system of files or obj...

G06F 21/6227 where protection concerns t...

Security data redaction

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Security data redaction

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links