-
公开(公告)号:US11989314B2
公开(公告)日:2024-05-21
申请号:US17244426
申请日:2021-04-29
Applicant: Elasticsearch B.V.
Inventor: Adrien Grand
Abstract: Methods and systems for a document-level attribute-based access control service are provided. The document-level attribute-based access control service may be positioned between a directory service and a search engine service. The directory service can manage information and permissions for users. The document-level attribute-based access control service can map security attributes to the user based on the information and permissions. Based on the mapping, it can be determined whether to permit the user making a query to the search engine service to access documents based on the query. Information and permissions attributes can be injected into queries dynamically via a template. Attributes may be combined with role query templates to create document-level attribute-based access control on top of role-based access control. The present technology can enable enforcement of security policies requiring all of a combination of attributes to be satisfied before permitting certain access.
-
公开(公告)号:US20250117373A1
公开(公告)日:2025-04-10
申请号:US18907009
申请日:2024-10-04
Applicant: Elasticsearch B.V.
Inventor: Henning Andersen , Alexandros Batsakis , Adrien Grand , David Christopher Turner , Jason Tedor , Tanguy Leroux , Timothy Regan Brooks
IPC: G06F16/22 , G06F12/02 , G06F16/215
Abstract: According to an aspect, a search system includes an indexing tier and a search tier. The indexing tier is configured to generate an index structure from a plurality of documents, store the index structure in a local storage device, and transmit the index structure to an external object store, the external object store configured to store the index structure. The search tier is configured to receive a search query from a client device and communicate with the external object store or the indexing tier to retrieve at least a portion of the index structure to search data based on the search query.
-
Patent Agency Ranking
公开(公告)号:US20210216652A1
公开(公告)日:2021-07-15
申请号:US17217589
申请日:2021-03-30
Applicant: Elasticsearch B.V.
Inventor: Adrien Grand
Abstract: Methods and systems for a document-level attribute-based access control service are provided. The document-level attribute-based access control service may be positioned between a directory service and a search engine service. The directory service can manage information and permissions for users. The document-level attribute-based access control service can map security attributes to the user based on the information and permissions. Based on the mapping, it can be determined whether to permit the user making a query to the search engine service to access documents based on the query. Information and permissions attributes can be injected into queries dynamically via a template. Attributes may be combined with role query templates to create document-level attribute-based access control on top of role-based access control. The present technology can enable enforcement of security policies requiring all of a combination of attributes to be satisfied before permitting certain access.
-
公开(公告)号:US11847239B2
公开(公告)日:2023-12-19
申请号:US17217589
申请日:2021-03-30
Applicant: Elasticsearch B.V.
Inventor: Adrien Grand
Abstract: Methods and systems for a document-level attribute-based access control service are provided. The document-level attribute-based access control service may be positioned between a directory service and a search engine service. The directory service can manage information and permissions for users. The document-level attribute-based access control service can map security attributes to the user based on the information and permissions. Based on the mapping, it can be determined whether to permit the user making a query to the search engine service to access documents based on the query. Information and permissions attributes can be injected into queries dynamically via a template. Attributes may be combined with role query templates to create document-level attribute-based access control on top of role-based access control. The present technology can enable enforcement of security policies requiring all of a combination of attributes to be satisfied before permitting certain access.
-
公开(公告)号:US20210248250A1
公开(公告)日:2021-08-12
申请号:US17244426
申请日:2021-04-29
Applicant: Elasticsearch B.V.
Inventor: Adrien Grand
Abstract: Methods and systems for a document-level attribute-based access control service are provided. The document-level attribute-based access control service may be positioned between a directory service and a search engine service. The directory service can manage information and permissions for users. The document-level attribute-based access control service can map security attributes to the user based on the information and permissions. Based on the mapping, it can be determined whether to permit the user making a query to the search engine service to access documents based on the query. Information and permissions attributes can be injected into queries dynamically via a template. Attributes may be combined with role query templates to create document-level attribute-based access control on top of role-based access control. The present technology can enable enforcement of security policies requiring all of a combination of attributes to be satisfied before permitting certain access.
-
公开(公告)号:US11023598B2
公开(公告)日:2021-06-01
申请号:US16212475
申请日:2018-12-06
Applicant: Elasticsearch B.V.
Inventor: Adrien Grand
Abstract: Methods and systems for a document-level attribute-based access control service are provided. The document-level attribute-based access control service may be positioned between a directory service and a search engine service. The directory service can manage information and permissions for users. The document-level attribute-based access control service can map security attributes to the user based on the information and permissions. Based on the mapping, it can be determined whether to permit the user making a query to the search engine service to access documents based on the query. Information and permissions attributes can be injected into queries dynamically via a template. Attributes may be combined with role query templates to create document-level attribute-based access control on top of role-based access control. The present technology can enable enforcement of security policies requiring all of a combination of attributes to be satisfied before permitting certain access.
-
公开(公告)号:US20200184090A1
公开(公告)日:2020-06-11
申请号:US16212475
申请日:2018-12-06
Applicant: Elasticsearch B.V.
Inventor: Adrien Grand
Abstract: Methods and systems for a document-level attribute-based access control service are provided. The document-level attribute-based access control service may be positioned between a directory service and a search engine service. The directory service can manage information and permissions for users. The document-level attribute-based access control service can map security attributes to the user based on the information and permissions. Based on the mapping, it can be determined whether to permit the user making a query to the search engine service to access documents based on the query. Information and permissions attributes can be injected into queries dynamically via a template. Attributes may be combined with role query templates to create document-level attribute-based access control on top of role-based access control. The present technology can enable enforcement of security policies requiring all of a combination of attributes to be satisfied before permitting certain access.
-
-
-
-
-
-
Search Results
7
records
(took 0.011 seconds)
