Classification separation router
First Claim
Patent Images
1. A method for addressing a request for classified electronic data, comprising:
- segregating data stored in a storage into at least two classifications;
receiving a request for data, wherein an identifier associated with the request includes a security attribute and a subject category;
filtering data from the storage based upon presence of the security attribute in at least one of the classifications of the data and based upon presence of a security policy defining access to the classifications of data;
dynamically creating a partition to contain request-specific filtered data in response to the request;
populating the created partition with a copy of the filtered data, wherein the created partition contains only data meeting the security policy and the subject category of the request; and
redirecting the request to the created partition to satisfy the request from the created partition.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and system are provided to classify and convey data to satisfy a client request. The classification system is a two dimensional data classification system, including a first dimension pertaining to subject matter and a second dimension pertaining to data security. A partition is dynamically created, and data that satisfies the request populates the created partition to convey parsed data based satisfying both dimensions of the request.
-
Citations
17 Claims
-
1. A method for addressing a request for classified electronic data, comprising:
-
segregating data stored in a storage into at least two classifications; receiving a request for data, wherein an identifier associated with the request includes a security attribute and a subject category; filtering data from the storage based upon presence of the security attribute in at least one of the classifications of the data and based upon presence of a security policy defining access to the classifications of data; dynamically creating a partition to contain request-specific filtered data in response to the request; populating the created partition with a copy of the filtered data, wherein the created partition contains only data meeting the security policy and the subject category of the request; and redirecting the request to the created partition to satisfy the request from the created partition. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A computer system, comprising:
-
a server in communication with a data storage medium; data stored local to the storage medium segregated into at least two classifications; a receiving manager in communication with the server configured to receive a request for data, the request having an identifier with a security attribute and a subject category; a filter in communication with the receiving manager, the filter to parse data from the storage medium based upon presence of the security attribute in at least one of the classifications of the data and based upon presence of a security policy that defines access to the classifications of data; a partition manager in communication with the receiving manager, the partition manager to dynamically create a partition to contain request-specific filtered data in response to the request, wherein the created partition contains only data meeting the security policy and the subject category of the request; the partition manager to populate the created partition with a copy of the filtered data to satisfy the request. - View Dependent Claims (8, 9, 10, 11)
-
-
12. An article comprising:
-
a computer-readable data storage device including computer program instructions configured to address a request for classified electronic data, the instructions comprising; instructions to separate stored data into at least two classifications; instructions to receive a request for data, wherein an identifier associated with the request includes a security attribute; instructions to filter data from a storage based upon presence of the security parameter in at least one of the classifications of the data and based upon presence of a security policy defining access to the classifications of data; instructions to dynamically create a partition configured to contain the filtered data in response to the request; and instructions to satisfy the request from the created partition, including populating the created partition with a copy of request-specific filtered data and redirecting the request to the created partition, wherein the created partition contains only data meeting the security policy and the subject category of the request. - View Dependent Claims (13, 14, 15, 16, 17)
-
Specification