Sharing information between nexuses that use different classification schemes for information access control
First Claim
1. A computer-implemented method performed via a plurality of processors, the method comprising:
- obtaining, from a source database, via at least one of the plurality of processors, an identifier of an access control list, at least one access control item of the access control list, and one or more classification markings of the access control list;
generating, via at least one of the plurality of processors, an origin classification comprising an identifier of a classification scheme used for classifying information in the source database and comprising the one or more classification markings of the access control list;
wherein the classification scheme used for classifying information in the source database comprises a set of classification markings, each of the one or more classification markings of the access control list belonging to the set of classification markings of the classification scheme;
exporting, via at least one of the plurality of processors, export data to a peer database system;
wherein the export data comprises the identifier of the access control list, the at least one access control item, and the origin classification;
the peer database system receiving the export data via at least one of the plurality of processors; and
the peer database system storing, via at least one of the plurality of processors, in a target database at the peer database system, in association with the identifier of the access control list;
the at least one access control item, and one or classification markings belonging to a target classification scheme used for classifying information in the target database.
Abstract
Systems and methods for sharing information between distributed computer systems connected to one or more data networks. In particular, a replication system implements methodologies for sharing database information between computer systems where the databases use different classification schemes for information access control.
429 Citations
18 Claims
1. A computer-implemented method performed via a plurality of processors, the method comprising:
obtaining, from a source database, via at least one of the plurality of processors, an identifier of an access control list, at least one access control item of the access control list, and one or more classification markings of the access control list;
generating, via at least one of the plurality of processors, an origin classification comprising an identifier of a classification scheme used for classifying information in the source database and comprising the one or more classification markings of the access control list;
wherein the classification scheme used for classifying information in the source database comprises a set of classification markings, each of the one or more classification markings of the access control list belonging to the set of classification markings of the classification scheme;
exporting, via at least one of the plurality of processors, export data to a peer database system;
wherein the export data comprises the identifier of the access control list, the at least one access control item, and the origin classification;
the peer database system receiving the export data via at least one of the plurality of processors; and
the peer database system storing, via at least one of the plurality of processors, in a target database at the peer database system, in association with the identifier of the access control list;
the at least one access control item, and one or classification markings belonging to a target classification scheme used for classifying information in the target database.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
10. A computer-implemented method performed via one or more processors, the method comprising:
obtaining, via at least one of the one or more processors, export data from a source database system representing at least creation, or modification, of an access control list in a source database of the source database system;
wherein the export data comprises an identifier of the access control list, at least one access control item of the access control list, and a plurality of ranked origin classifications associated with the identifier of the access control list in the export data;
wherein each ranked origin classification of the plurality of ranked origin classifications comprises one or more classification markings and comprises an identifier of a classification scheme to which the one or more classification markings of the each ranked origin classification belongs;
identifying, via at least one of the one or more processors, a lowest ranked translatable origin classification, of the plurality of ranked origin classifications, where the one or more classification markings represented in the lowest ranked translatable origin classification can be translated, according to a translation rule, to one or more corresponding classification markings belonging to a target classification scheme used for classifying information in a target database;
wherein the target classification scheme used for classifying information in the target database is not the classification scheme identified in the lowest ranked translatable origin classification;
translating, via at least one of the one or more processors, the one or more classification markings in the lowest ranked translatable origin classification, according to the translation rule, to the one or more corresponding classification markings belonging to the classification scheme used for classifying information in the target database; and
storing, via at least one of the one or more processors, in the target database in association with the identifier of the access control list, the at least one access control item and the one or more corresponding classification markings belonging to the target classification scheme used for classifying information in the target database.
- View Dependent Claims (11, 12, 13, 14)
15. One or more non-transitory computer-readable media storing one or more computer programs which, when executed via a plurality of processors, causes performance of the steps of:
obtaining, from a source database, via at least one of the plurality of processors, an identifier of an access control list, at least one access control item of the access control list, and one or more classification markings of the access control list;
generating, via at least one of the plurality of processors, an origin classification comprising an identifier of a classification scheme used for classifying information in the source database and comprising the one or more classification markings of the access control list;
wherein the classification scheme used for classifying information in the source database comprises a set of classification markings, each of the one or more classification markings of the access control list belonging to the set of classification markings of the classification scheme;
exporting, via at least one of the plurality of processors, export data to a peer database system;
wherein the export data comprises the identifier of the access control list, the at least one access control item, and the origin classification;
the peer database system receiving the export data via at least one of the plurality of processors; and
the peer database system storing, via at least one of the plurality of processors, in a target database at the peer database system, in association with the identifier of the access control list;
the at least one access control item, and one or classification markings belonging to a target classification scheme used for classifying information in the target database.
- View Dependent Claims (16, 17, 18)
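An added illustration of the export step in claims 1 and 15 and the import step in claim 10, not code from the patent or its assignee. The scheme names, markings, rule table, the reading of "lowest ranked" as the smallest rank number, and the refusal to store an ACL when nothing translates are all assumptions made for this sketch.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class OriginClassification:
    rank: int          # assumption: smaller number means lower rank
    scheme_id: str     # identifier of the classification scheme
    markings: tuple    # markings belonging to that scheme

# Constructed translation rules: (origin scheme, target scheme) -> marking map.
RULES = {
    ("SCHEME-A", "SCHEME-C"): {"A-OPEN": "C-1", "A-RESTRICTED": "C-2"},
    ("SCHEME-B", "SCHEME-C"): {"B-INTERNAL": "C-2"},
}

def export_acl(acl_id, items, scheme_id, markings, rank=1):
    """Source side (claims 1 and 15): bundle the ACL with its origin classification."""
    origin = OriginClassification(rank, scheme_id, tuple(markings))
    return {"acl_id": acl_id, "items": list(items), "origins": [origin]}

def translate(origin, target_scheme):
    """Return target markings, or None unless every marking has a rule."""
    rule = RULES.get((origin.scheme_id, target_scheme))
    if rule is None or not origin.markings:
        return None
    if any(m not in rule for m in origin.markings):
        return None  # a partly mapped classification is not translatable
    return sorted({rule[m] for m in origin.markings})

def import_acl(export, target_scheme, target_db):
    """Target side (claim 10): use the lowest ranked translatable origin."""
    for origin in sorted(export["origins"], key=lambda o: o.rank):
        markings = translate(origin, target_scheme)
        if markings is not None:
            target_db[export["acl_id"]] = {"items": export["items"],
                                           "markings": markings}
            return origin
    # Assumption, not from the claims: never store an ACL without markings.
    raise ValueError("no translatable origin classification")

def demo():
    # Constructed export data: rank 1 has no rule, rank 2 is only partly mapped.
    export = export_acl("acl-17", ["group:analysts:read"], "SCHEME-X", ["X-RED"])
    export["origins"] += [
        OriginClassification(2, "SCHEME-A", ("A-RESTRICTED", "A-UNMAPPED")),
        OriginClassification(3, "SCHEME-B", ("B-INTERNAL",)),
        OriginClassification(4, "SCHEME-A", ("A-OPEN",)),
    ]
    db = {}
    chosen = import_acl(export, "SCHEME-C", db)
    return chosen.rank, db["acl-17"]["markings"]
```

Treating a partly mapped classification as untranslatable keeps the target from storing an ACL under fewer restrictions than the source intended.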
Specification