×

System and method for efficiently securing enterprise data resources

  • US 8,327,419 B1
  • Filed: 08/19/2008
  • Issued: 12/04/2012
  • Est. Priority Date: 05/22/2008
  • Status: Active Grant
First Claim
Patent Images

1. A method of implementing policy based access controls within a role based access control model of a data management system comprising a plurality of data resources, said method comprising:

  • receiving a policy based security definition specifying a set of policy based rules to define a logical partition of the data resources, the logical partition specifying data that is accessible within the data resources;

    according to the policy based security definition, defining a set of filters as a secure resource, each filter specifying a portion of the data resources available to a user submitting a query, the available portion of the data resources based on a set of user attributes associated with each filter, each filter being parameterized based on the set of user attributes associated with a role of the user submitting the query;

    storing the secure resource and the set of policy based rules defining the logical partition in a secure repository;

    by a computer, producing a role based security definition by configuring a role based access control declaration for the secure resource based on at least one particular user role and at least one user attribute, the secure resource for modifying a submitted query for processing, the query being modified based on the set of user attributes associated with each filter, wherein processing the submitted query comprises executing the submitted query with each filter on the data resources; and

    storing the role based access control declaration in the secure repository.

View all claims
  • 9 Assignments
Timeline View
Assignment View
    ×
    ×