Enforcing data policy using style sheet processing

Data processing: presentation processing of document – operator i – Presentation processing of document – Layout

Reexamination Certificate


Details

C715S252000, C715S252000

active

06585778

ABSTRACT:

BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to a computer system, and deals more particularly with a method, system, and computer program product for enforcing data policy using style sheet processing.
2. Description of the Related Art
“Data policy”, as used herein, refers to the procedures and rules used to control access to stored data. Prior to the advent of distributed network computing, data policy was something left to the data source to enforce, and often was limited to a simple access control check based on the identity of the requester. (As used herein, “data source” refers to an application program executing at an application server from which the data is available, servicing user requests for the stored data.) With the move toward highly distributed networks of applications, devices, and users, this simplistic model for access control is no longer acceptable. This is due to the fact that as applications have become more decentralized, it often becomes unclear what exactly may be the source of particular data. For example, it may be possible that the data was originally obtained by gathering portions thereof from a variety of disparate sources. In this case, what appears to be the data source may be simply the data gatherer instead of the data creator. Furthermore, this data may go through some form of transformation, and because of this, the perceived source of the transformed data may be the data transformer instead of the true data source. In a similar fashion, the true target for the data may be unclear as the data flows through intermediate points (such as gateways) in the network. Because of these factors and the complexity they add, the need to enforce usage policies using more sophisticated techniques than simple access control has become critical.
To illustrate this problem, suppose a target user “Sam” requests some data such as “contact information for Smith” from a data source such as an employee directory. In this scenario, Sam's request is sent from his client machine to a server executing an application program which responds to requests for information from the data source (i.e. this employee directory). This application program enforces data policy to decide what, if any, contact information Sam should see about Smith. In the existing art, pertinent factors might be whether Sam has provided a valid password; whether Sam works within the company for which the employee directory is maintained; whether Sam works in a particular department of this company (such as the human resources department) that gives Sam broader access to Smith's information; etc. In this example, if Sam provides a valid password and is an employee not working in human resources, then one type of filtering process may be applied to Smith's information (filtering out all personal and salary data, for example) before the result is delivered to Sam; if Sam works in the human resources department, then a different filter (or perhaps no filter) is applied to Smith's information. Techniques for controlling access in this manner are well known.
A distributed networking computing environment, however, introduces the need for having more sophisticated access policies in place. For example, it becomes necessary to view Sam in light of additional factors such as the device he is using and the location of that device. That is, while the access policy in place may permit Sam to see one set of information regarding Smith on his office computer attached to a secure local area network (LAN), it may be inappropriate for him to see some of the details of this same set of information on his cellular phone screen in a public airport. In this case, the target context (e.g. Sam is using a cell phone, and is connected using a cellular network) may be needed for correct policy enforcement. Pertinent factors in a target context include the user's identification, device type, network connection type, and any application-specific limitations of the application being executed. This target context may not be available to the server application handling requests for information from the employee directory (the true source of the data), and thus the server application is unable to enforce data policy correctly based on the requester's target context. For example, if the data for Smith is voluminous and the server application is unable to detect (as is highly likely) that Sam is using a cell phone with a relatively expensive wireless network connection, then this large amount of data will be transmitted to Sam in an expensive, time-consuming transmission—even though he will likely give up trying to view it because of the inherent display limitations of his end-user device.
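The policy decision described in the two paragraphs above, as an added example that is not part of the patent text: the fields a requester receives are the intersection of what the requester's class permits and what the target context permits. The field names, class names, device and network labels, and the rule that only an office PC on the secure LAN may receive sensitive fields are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed directory record; field names are assumptions for illustration.
SMITH = {
    "name": "Smith",
    "external_phone": "+1-555-0100",
    "email": "smith@example.com",
    "department": "Sales",
    "office_location": "Building 2",
    "home_address": "12 Example Lane",
    "salary": 90000,
}
ALL_FIELDS = frozenset(SMITH)
SENSITIVE = frozenset({"home_address", "salary"})

# Requester class -> visible fields. Unlisted classes get nothing (deny by default).
CLASS_FIELDS = {
    "employee": ALL_FIELDS - SENSITIVE,   # personal and salary data filtered out
    "human_resources": ALL_FIELDS,        # broader access, no filter
}

@dataclass(frozen=True)
class TargetContext:
    user: str
    requester_class: str
    device: str    # e.g. "office_pc", "cell_phone"
    network: str   # e.g. "secure_lan", "cellular"

def context_fields(ctx: TargetContext) -> frozenset:
    """Fields this device/network may receive; anything unrecognised is untrusted."""
    if ctx.device == "office_pc" and ctx.network == "secure_lan":
        return ALL_FIELDS
    return ALL_FIELDS - SENSITIVE

def filter_record(record: dict, ctx: TargetContext) -> dict:
    """Return only the fields allowed by BOTH the requester class and the context."""
    allowed = CLASS_FIELDS.get(ctx.requester_class, frozenset()) & context_fields(ctx)
    return {k: v for k, v in record.items() if k in allowed}

# Same user, same class, two target contexts.
sam_office = TargetContext("Sam", "human_resources", "office_pc", "secure_lan")
sam_airport = TargetContext("Sam", "human_resources", "cell_phone", "cellular")
```

Calling `filter_record(SMITH, sam_office)` and `filter_record(SMITH, sam_airport)` gives different results for the same user, which is the case a check based on requester identity alone cannot express.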
While sufficient target context information for enforcing data policy is typically not available to a server application, in today's distributed environments this target context is often known to at least some portion of the distributed network such as the gateway into a wireless or wired network and other intermediaries (such as transcoding proxies or transcoding Web servers) in a complex delivery chain between the client and the server. Modifying these intermediaries to forward the target context to the server applications so that the server applications can enforce the data policy is not a viable solution in a distributed networking environment, however, as will now be discussed.
To further illustrate the problems of enforcing data policy in a distributed environment, suppose Sam is not an employee of the company to which the employee directory pertains, but is merely an Internet Web user accessing this directory through the company's Web site. Data policies based upon classifications of users, such as employee vs. non-employee, are common. While it may be appropriate to provide Sam with an external telephone number or e-mail address of an employee to facilitate communications, other information stored in the directory (such as the employee's department title or office location) may be inappropriate for providing to non-employees. Or, it may be desirable to restrict the volume of data provided to non-employees, for example to prevent advertisers from sending electronic mass mailings to the employees (by obtaining large numbers of e-mail addresses) or to prevent employment agencies from extracting a large portion of the company's stored phone book information. The true data source of this company's employee directory information is likely to be multiple data sources—that is, a collection of geographically dispersed directory servers in various divisions of the company, each having only a subset of the complete company-wide employee directory. For requests from users such as Sam who are interacting with the company's Web site, the Web application servicing these requests is then merely an information gatherer. Moreover, it is possible that these distributed directory servers may have different implementations whereby different information is stored for employees; they may use different formats for the data that is stored; and they may have different restrictions regarding the use of the data they contain (i.e. different data policies). For example, the sales division might allow external users s
