Policy-based data-centric access control in a sorted, distributed key-value data store
US8914323B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Apr 10, 2014 |
| Grant date | Dec 16, 2014 |
| Priority date | — |
| Expiry date | Apr 10, 2034 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2145
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A method, apparatus and computer program product for policy-based access control in association with a sorted, distributed key-value data store in which keys comprise a cell-level access control. In this approach, an information security policy is used to create a set of pluggable policies. A pluggable policy may be used during data ingest time, when data is being ingested into the data store, and a pluggable policy may be used during query time, when a query to the data store is received for processing against data stored therein. Generally, a pluggable policy associates one or more user-centric attributes (or some function thereof), to a particular set of data-centric attributes. By using pluggable policies, preferably at both ingest time and query time, the data store is enhanced to provide a seamless and secure policy-based access control mechanism in association with the cell-level access control enabled by the data store.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.