Method and system for automated security access policy for a document management system

US 8,332,350 B2
Filed: 03/29/2010
Issued: 12/11/2012
Est. Priority Date: 04/08/2009
Status: Active Grant

First Claim

Patent Images

1. A computerized method for automatically creating a security access policy to an electronic document in a document management system, the method comprising:

employing at least one hardware processor for performing one or more of the following;

(a1) associating metadata with the document, the metadata comprising one or more attributes of the document;

(b1) configuring security access policies to be applied to documents in the document management system, comprising specifying one or more metadata rules governing application of security access policies to the documents, comprising specifying a dynamic metadata, which is dynamically retrieved based on external content analysis of the document performed outside the document management system, comprising the metadata not inferred from contents of the document; and

(c1) determining the security access policy to be applied to the document to be added to the document management system based on said one or more metadata rules and the metadata associated with the document.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for providing an automated security access policy in a document management system are described. The security policies are applied based on metadata rules. Once a document is added to the document managements system, the metadata rules are evaluated using the metadata of the document. Based on the results of the evaluation security access policies are applied to the document.

53 Citations

View as Search Results

20 Claims

1. A computerized method for automatically creating a security access policy to an electronic document in a document management system, the method comprising:
- employing at least one hardware processor for performing one or more of the following;
  
  (a1) associating metadata with the document, the metadata comprising one or more attributes of the document;
  
  (b1) configuring security access policies to be applied to documents in the document management system, comprising specifying one or more metadata rules governing application of security access policies to the documents, comprising specifying a dynamic metadata, which is dynamically retrieved based on external content analysis of the document performed outside the document management system, comprising the metadata not inferred from contents of the document; and
  
  (c1) determining the security access policy to be applied to the document to be added to the document management system based on said one or more metadata rules and the metadata associated with the document.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the step (b1) comprises:
    - (a2) creating said one or more metadata rules, comprising configuring a permission configuration web page;
      
      (b2) storing said one or more metadata rules in a permissions setting configuration file; and
      
      (c2) communicating the permissions setting configuration file to the document management system.
  - 3. The method of claim 2, wherein the step (b2) comprises storing the permissions setting configuration file in an Extensible Markup Language (XML) format.
  - 4. The method of claim 1, wherein the step (a1) comprises providing the attribute comprising a first field containing a name of the attribute and a second field containing a value of the attribute.
  - 5. The method of claim 4, wherein the step (b1) comprises specifying said one or more metadata rules comprising a target name, a target value, a comparison operation for comparing the target value with the second field of the attribute the first field of which matches the target name, and the security access policy, comprising a permission set to be applied to the document for controlling access to the document based on results of the comparison operation.
  - 6. The method of claim 5, wherein the step (c1) comprises:
    - (a6) receiving a notification from the document management system regarding adding the document to the document management system;
      
      (b6) evaluating each metadata rule by performing the comparison operation in said each metadata rule; and
      
      (c6) for said each metadata rule, applying the permission set to the document.
  - 7. The method of claim 6, wherein the step (c6) comprises changing an access control list in the document management system, the access control list including names of users having access to the document along with corresponding levels of access of the users.
  - 8. The method of claim 5, wherein the specifying said one or more metadata rules comprises specifying a compound expression for performing multiple comparisons on the target name and the target value.
  - 9. The method of claim 4, comprising providing the name of the attribute selected from the group consisting of file size, file name, file type, date modified, word count, and author.
  - 10. The method of claim 1, wherein the specifying the dynamic metadata comprises performing automated image analysis, content analysis of the document using natural language processing, or external database queries.

11. A non-transitory computer readable storage medium, having computer readable instructions stored thereon for execution by a processor, causing the processor to automatically create a security access policy to an electronic document in a document management system, comprising:
- (a10) associating metadata with a document, the metadata comprising one or more attributes of the document;
  
  (b10) configuring security access policies to be applied to documents in a document management system, comprising specifying one or more metadata rules governing application of security access policies to the documents, comprising specifying a dynamic metadata, which is dynamically retrieved based on external content analysis of the document performed outside the document management system, comprising the metadata not inferred from contents of the document; and
  
  (c10) determining a security access policy to be applied to the document to be added to the document management system based on said one or more metadata rules and the metadata associated with the document.

12. A system for automatically creating a security access policy to an electronic document in a document management system, the system comprising:
- a processor, and a computer readable storage medium having computer readable instructions stored thereon for execution by the processor, forming;
  
  (a11) a metadata storage module, storing metadata associated with the document, the metadata comprising one or more attributes of the document;
  
  (b11) a security policy configuration module, configuring security access policies to be applied to documents in the document management system, comprising specifying one or more metadata rules governing application of security access policies to the documents, comprising specifying a dynamic metadata, which is dynamically retrieved based on external content analysis of the document performed outside the document management system, comprising the metadata not inferred from contents of the document; and
  
  (c11) a security policy determination module, determining the security access policy to be applied to the document to be added to the document management system based on said one or more metadata rules and the metadata associated with the document.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
- - 13. The system of claim 12, wherein the security policy configuration module (b11) comprises:
    - (a12) a policy handler module, creating said one or more metadata rules, comprising configuring a permission configuration web page;
      
      (b12) a permissions setting configuration file, storing said one or more metadata rules; and
      
      (c12) a policy configuration control module, communicating the permissions setting configuration file to the document management system.
  - 14. The system of claim 12, wherein the attribute of the document comprises a first field containing a name of the attribute and a second field containing a value of the attribute.
  - 15. The system of claim 14, wherein said one or more metadata rules comprises a target name, a target value, a comparison operation for comparing the target value with the second field of the attribute the first field of which matches the target name, and the security access policy, comprising a permission set to be applied to the document for controlling access to the document based on results of the comparison operation.
  - 16. The system of claim 15, wherein the security policy determination module (c11) comprises:
    - (a16) a dispatcher module, receiving a notification from the document management system regarding adding the document to the document management system;
      
      (b16) a metadata rule evaluator module, evaluating each metadata rule by performing the comparison operation in said each metadata rule; and
      
      (c16) a permission processor module, applying, for each said metadata rule, the permission set to the document.
  - 17. The system of claim 16, wherein the permission processor module (c16) comprises computational means for changing an access control list in the document management system, the access control list including names of users having access to the document along with respective levels of access of the users.
  - 18. The system of claim 15, wherein said one or more metadata rules comprises a compound expression for performing multiple comparisons on the target name and the target value.
  - 19. The system of claim 14, wherein the name of the attribute is selected from the group consisting of file size, file name, file type, date modified, word count, and author.
  - 20. The system of claim 12, wherein the document management system is a Microsoft Share Point document library.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
TITUS Inc.
Original Assignee
TITUS Inc.
Inventors
Pulfer, Charles Edouard, Whitney, Benjamin Taylor, Roy, Regi Baby
Primary Examiner(s)
Alam, Shahid
Assistant Examiner(s)
Bullock, Joshua

Application Number

US12/749,291
Publication Number

US 20100262577A1
Time in Patent Office

988 Days
Field of Search

707/608, 707783-785
US Class Current

707/608
CPC Class Codes

G06F 16/93   Document management systems

G06F 21/6209   to a single file or object,...

G06F 21/6218   to a system of files or obj...

Method and system for automated security access policy for a document management system

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

53 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for automated security access policy for a document management system

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

53 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links