Enforcing access control on resources at a location other than the source location

Assignee

• Microsoft Corporation · US

Inventors

• Srikanth Shoroff · Sammamish, US
• F. Soner Terek · Bellevue, US
• Sankrant Sanu · Redmond, US
• Andrew Wallace · Bellevue, US

Key dates

Classification

• Technology area (CPC Y)Emerging Cross-Sectional Technologies
• CPC primaryY10S707/99939
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

Systems and methods for enforcing access control on secured documents that are stored outside of the direct control of the original application that would normally store and govern access to the documents. Access security can be enforced at a search engine associated with an indexing system that compiles references to documents at any number of network locations. The search engine discloses to the requesting user only those documents that the user is authorized to read. If a document is identified for potential disclosure to a user, and the document's source location has an access control system that is not directly interoperable with a native access control system of the search engine, a security provider at the search engine enforces access control. The security provider, in cooperation with the source location of the document, converts the user context that identifies the requesting user to a format that can be used by the security provider. The security provider also retrieves the access control information from the document's source location. The security provider then applies the user context to the access control information to determine if the user is authorized to read the…