Hada Satoshi,Kudo Michiharu,Seki Naishin,Tozawa Akihiko,Van Der Linden Robbert C.
申请号:
US201414326360
公开号:
US9495553(B2)
申请日:
2014.07.08
申请国别(地区):
美国
年份:
2016
代理人:
McLane Christopher`Sawyer Joseph A.
摘要:
An improved method and system for providing path-level access control to a structured document in a collection stored in a database, where the structured document includes a plurality of nodes is disclosed. The method includes the steps of providing an access control policy for the collection, where the access control policy comprises a plurality of access control rules, generating a path for each node of the plurality of nodes in the document, and generating for each path associated with a node a corresponding value expression based on at least one access control rule of the plurality of access control rules. According to the method and system of the present invention, the corresponding value expression is utilized during access control evaluation to determine whether a user is allowed to access a node in the structured document.
