Multi-focused fine-grained security framework
First Claim
Patent Images
1. A method comprising:
- assigning a plurality of security annotation tags to at least one document in a corpus of electronic documents based upon one or more document properties corresponding to the at least one document;
building, by a processor, an electronic knowledge structure from the corpus of electronic documents, wherein the building further comprises;
generating a plurality of term tokens and storing the plurality of term tokens in a plurality of text fields, wherein the plurality of term tokens correspond to a plurality of terms included in the corpus of documents;
generating a plurality of security annotation tokens based on the plurality of security annotation tags and storing the plurality of security annotation tokens in a plurality of parallel fields that correspond to the plurality of text fields, wherein each of the plurality of security annotation tokens indicate a security level of one of the plurality of term tokens stored in the corresponding one of the plurality of text fields; and
storing the electronic knowledge structure in a memory;
matching, by the processor, one or more security policies corresponding to a search request to one or more of the plurality of security annotation tokens, wherein the search request is received over a computer network;
identifying, by the processor, a first subset of the plurality of term tokens that correspond to the matched one or more of the plurality of security annotation tokens and identifying a second subset of the plurality of term tokens not corresponding to the matched one or more of the plurality of security annotation tokens; and
generating, by the processor, one or more answers to the search request, wherein at least one of the one or more answers provides the second set of term tokens and obfuscates the first subset of term tokens.
1 Assignment
0 Petitions
Accused Products
Abstract
An approach is provided in which a knowledge manager generates a knowledge structure that includes security annotation tokens and term tokens. Each of the security annotation tokens are stored in a parallel field and align to at least one of the term tokens. The knowledge manager matches security policies corresponding to a search request to one or more of the security annotation tokens and, in turn, generates search results based upon obfuscation of one or more of the term tokens aligned to the matched security annotation tokens.
-
Citations
6 Claims
-
1. A method comprising:
-
assigning a plurality of security annotation tags to at least one document in a corpus of electronic documents based upon one or more document properties corresponding to the at least one document; building, by a processor, an electronic knowledge structure from the corpus of electronic documents, wherein the building further comprises; generating a plurality of term tokens and storing the plurality of term tokens in a plurality of text fields, wherein the plurality of term tokens correspond to a plurality of terms included in the corpus of documents; generating a plurality of security annotation tokens based on the plurality of security annotation tags and storing the plurality of security annotation tokens in a plurality of parallel fields that correspond to the plurality of text fields, wherein each of the plurality of security annotation tokens indicate a security level of one of the plurality of term tokens stored in the corresponding one of the plurality of text fields; and storing the electronic knowledge structure in a memory; matching, by the processor, one or more security policies corresponding to a search request to one or more of the plurality of security annotation tokens, wherein the search request is received over a computer network; identifying, by the processor, a first subset of the plurality of term tokens that correspond to the matched one or more of the plurality of security annotation tokens and identifying a second subset of the plurality of term tokens not corresponding to the matched one or more of the plurality of security annotation tokens; and generating, by the processor, one or more answers to the search request, wherein at least one of the one or more answers provides the second set of term tokens and obfuscates the first subset of term tokens. - View Dependent Claims (2, 3, 4, 5, 6)
-
Specification