Fine grained access control in a data lake using least privilege access
Format: | Patent |
---|---|
Language: | eng |
Summary: | An access graph is constructed based on access policy data from user accounts, data lake buckets, and/or access policy statements from any other location. Access logs are analyzed to determine actual access to the data tables. For a given user role, an initial set of data tables that are actually accessed is generated forming the baseline of data tables for which access privileges are to be maintained. User roles that are similar to the given user role are identified and additional data tables accessed by the similar user roles are added to the initial set of data tables to generate a final set of data tables. Access privileges to the final set of data tables are maintained for the given user role, while access privileges to the remaining data tables may be revoked. |
---|