Browse Prior Art Database

Security Profiles Disclosure Number: IPCOM000237164D
Publication Date: 2014-Jun-06
Document File: 2 page(s) / 35K

Publishing Venue

The Prior Art Database


Disclosed is a security system that grants permissions and levels of security based on a user’s Security Profile.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

Page 01 of 2

Security Profiles

Time series charts and reports are using aggregated accumulated data created by an accumulator . A user may see only aggregated data filtered using user security permissions.

A system is needed that allows the creation of accumulated data using a user's network, log source, asset groups, and other permissions.

The novel contribution is a security system that grants permissions and levels of security based on a user's Security Profile. The Security Profile defines the user's access, such as:

• Network level permissions
• Device level permissions
• Event categories
• Future permissions (asset groups, etc.)

The Security Profile must have a unique numeric identifier (ID). Each user can belong to only one Security Profile, but multiple users may belong to the same profile. The Security Profile is versioned; each change to the profile can optionally increase the version number, allowing the system to discard previous data if the system administrator does not want the user(s) to access it. This version must be accompanied by a time stamp indicating when it was modified. After a version change, user(s) are forced to log out of the system. In addition, Security Profile changes have to be deployed using a staging process to avoid the deployment/reload of small configuration changes for system components.

This approach also provides backward compatibility. After deployment of the new version, the user must be able to see old accumulated data in the same manner as it was seen before an upgrade .

To determine user access to stored data in the searches, fast predicat...