Role-based security policy for an object-oriented database system

US10872162B2 · US · B2

Patent metadata

Publication number: US-10872162-B2
Application number: US-201514633391-A
Country: US
Kind code: B2
Filing date: Feb 27, 2015
Priority date: Jun 7, 2011
Publication date: Dec 22, 2020
Grant date: Dec 22, 2020

Abstract

Official abstract text for this publication.

A system for adding security data to a search index comprises a processor and a memory. The processor is configured to select an object in a search index, wherein an entry associated with the object is stored in the search index and add security entity data to an entry of the search index corresponding to the selected object. A memory is coupled to the processor and is configured to provide the processor with instructions.

First claim

Opening claim text (preview).

What is claimed is:

1. A system for adding security data to a search index, comprising:
  a processor configured to:
    add an entry for a data object of an object-oriented database to the search index, wherein the data object is one of a plurality of data objects;
    add field data to a search index entry for the data object, wherein the field data comprises attribute data and relation data associated with the data object;
    add security entity data to the search index entry for the data object, wherein the security entity data comprises a reference to a first security entity, wherein the first security entity is one of a plurality of security entities related in a security entity hierarchy, wherein the first security entity has a relation with second security entities, wherein the security entity hierarchy includes the first security entity and the second security entities, wherein the security entity hierarchy corresponds to a security object tree, wherein the first security entity and the second security entities each comprises a permissible operation, wherein the second security entities are subordinate to the first security entity, wherein the data object is associated with the first security entity and is associated with a second security entity, wherein the first security entity is associated with a first set of attributes, wherein the second security entity is associated with a second set of attributes, wherein the first set of attributes is different from the second set of attributes, wherein the second security entities are included in the plurality of security entities, wherein the object-oriented database comprises the plurality of data objects and the plurality of security entities, and wherein the adding of the security entity data to the search index entry for the data object comprises to:
      in response to a determination that the permissible operation for the security entity data comprises a read operation, an access operation, a view operation, or any combination thereof:
        traverse the security entity hierarchy downwards from the first security entity to all of the second security entities, the second security entities being children of the first security entity; and
        add all of the second security entities to the search index entry for the data object, wherein the first security entity inherits the access of all of the second security entities;
    determine whether a user has access to the data object, comprising to:
      determine whether the user is associated with more than one security entity; and
      in response to a determination that the user is associated with the more than one security entity, create another search index for another attribute, another relation, or both, wherein the user has access to a first set of data associated with the data object, and wherein the user does not have access to a second set of data associated with the data object; and
    in response to a determination that the user has access to the data object, allowing access to field values associated with the data object based on accessible fields of the data object; and
  a memory coupled to the processor and configured to provide the processor with instructions.

2. A system as in claim 1, wherein the entry is one of a plurality of entries.

3. A method for adding security data to a search index, comprising:
  adding, using a processor, an entry for a data object of an object-oriented database to the search index, wherein the data object is one of a plurality of data objects;
  adding field data to a search index entry for the data object, wherein the field data comprises attribute data and relation data associated with the data object;
  adding security entity data to the search index entry for the data object, wherein the security entity data comprises a reference to a first security entity, wherein the first security entity is one of a plurality of security entities related in a security entity hierarchy, wherein the first security entity has a relation with second security entities, wherein the security entity hierarchy includes the first security entity and the second security entities, wherein the security entity hierarchy corresponds to a security object tree, wherein the first security entity and the second security entities each comprises a permissible operation, wherein the second security entities are subordinate to the first security entity, wherein the data object is associated with the first security entity and is associated with a second security entity, wherein the first security entity is associated with a first set of attributes, wherein the second security entity is associated with a second set of attributes, wherein the first set of attributes is different from the second set of attributes, wherein the second security entities are included in the plurality of security entities, wherein the object-oriented database comprises the plurality of data objects and the plurality of security entities, and wherein the adding of the security entity data to the search index entry for the data object comprises:
    in response to a determination that the permissible operation for the security entity data comprises a read operation, an access operation, a view operation, or any combination thereof:
      traversing the security entity hierarchy downwards from the first security entity to all of the second security entities, the second security entities being children of the first security entity; and
      adding all of the second security entities to the search index entry for the data object, wherein the first security entity inherits the access of all of the second security entities;
  determining whether a user has access to the data object, comprising:
    determining whether the user is associated with more than one security entity; and
    in response to a determination that the user is associated with the more than one security entity, creating another search index for another attribute, another relation, or both, wherein the user has access to a first set of data associated with the data object, and wherein the user does not have access to a second set of data associated with the data object; and
  in response to a determination that the user has access to the data object, allowing access to field values associated with the data object based on accessible fields of the data object.

4. A non-transitory computer readable storage medium for adding security data to a search index and comprising computer instructions for:
  adding, using a processor, an entry for a data object of an object-oriented database to the search index, wherein the data object is one of a plurality of data objects;
  adding field data to a search index entry for the data object, wherein the field data comprises attribute data and relation data associated with the data object;
  adding security entity data to the search index entry for the data object, wherein the security entity data comprises a reference to a first security entity, wherein the first security entity is one of a plurality of security entities related in a security entity hierarchy, wherein the first security entity has a relation with second security entities, wherein the security entity hierarchy includes the first security entity and the second security entities, wherein the security entity hierarchy corresponds to a security object tree, wherein the first security entity and the second security entities each comprises a permissible operation, wherein the second security entities are subordinate to the first security entity, wherein the data object is associated with the first security entity and is associated with a second security entity, wherein the first security entity is associated with a first set of attributes, wherein the second security entity is associated with a second set of attributes, wherein the first set of attributes
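The index-time expansion and query-time filtering that claim 1 describes, as an added Python sketch (not code from the patent or its assignee). The class and function names, the sample entities and the rule that a user's visible fields are the union of the attribute sets of their matching entities are assumptions made for illustration; the walk also covers the whole subtree rather than direct children only.

```python
from dataclasses import dataclass, field

READ_OPS = {"read", "access", "view"}  # operations that trigger downward expansion

@dataclass
class SecurityEntity:
    name: str
    operations: set   # permissible operations
    attributes: set   # fields of a data object this entity exposes (assumed model)
    children: list = field(default_factory=list)

def subordinates(entity):
    """Walk the hierarchy downwards and return every subordinate entity."""
    found, stack = [], list(entity.children)
    while stack:
        node = stack.pop()
        found.append(node)
        stack.extend(node.children)
    return found

def index_object(index, obj_id, fields, entity):
    """Store field data plus security entity references in one index entry."""
    acl = {entity.name: entity}
    if entity.operations & READ_OPS:
        acl.update({sub.name: sub for sub in subordinates(entity)})
    index[obj_id] = {"fields": dict(fields), "security": acl}

def search(index, user_entities, predicate):
    """Return matches, evaluating the predicate only on fields the user may see."""
    results = {}
    for obj_id, entry in index.items():
        granted = [e for name, e in entry["security"].items()
                   if name in user_entities and e.operations & READ_OPS]
        if not granted:          # deny by default
            continue
        allowed = set().union(*(e.attributes for e in granted))
        visible = {k: v for k, v in entry["fields"].items() if k in allowed}
        if predicate(visible):
            results[obj_id] = visible
    return results

def build_demo_index():
    """Constructed sample data: two worker objects and three security entities."""
    partner = SecurityEntity("hr_partner", {"view"}, {"name", "title"})
    admin = SecurityEntity("hr_admin", {"read"}, {"name", "salary"}, [partner])
    writer = SecurityEntity("payroll_writer", {"modify"}, {"salary"})
    index = {}
    index_object(index, "worker:1", {"name": "A. Example", "title": "Engineer", "salary": 100}, admin)
    index_object(index, "worker:2", {"name": "B. Sample", "title": "Analyst", "salary": 90}, writer)
    return index
```

Because the predicate only ever sees the filtered fields, a user who cannot read `salary` also cannot infer it by searching on it.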

Classifications

  • where protection concerns the structure of data, e.g. records, types, queries

  • using data annotations, e.g. user-defined metadata

  • to a system of files or objects, e.g. local or distributed file system or database

  • Entity relationship models

  • Access rights, e.g. capability lists, access control lists, access tables, access matrices

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Workday Inc
What technology area does this patent fall under?
Primary CPC classification G06F21/6227. Mapped technology areas include Physics.
When was this patent published?
Publication date Dec 22, 2020 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).