Board Meeting - Security Models

Steve:As you know I am very keen about the security of my documents crawled. What are the security models supported in this XML connector framework?

Timothy: SES supports all the three security models:

1. Public - With this, you can access all the documents.
2. Attribute-Based - This is one of the security models used by SES to determine user authorization. In this model, a user is authorized to view search hits corresponding to his/her identity as well as the groups to which the user belongs. For example, if a document is accessible to users ‘u1’ and ‘u2’ groups ‘g1’ and ‘g2’, users ‘u1’, ‘u2’ and members of groups ‘g1’ and ‘g2’ are authorized to view the document in the search hit list.
3. Identity-Based - This is another security model used by SES in which the source being crawled can define certain attributes as security attributes. The values of these attributes for the documents in the source will be used to determine the documents authorized for a given user. For example, consider a source that defines attributes ‘a1’ and ‘a2’ as security attributes. Let a document ‘d’ belonging to the source contains values ‘v11’ and ‘v21’ as values of attributes ‘a1’ and ‘a2’ respectively. When a user ‘u’ logs-in into SES, sets of values ‘s1’ and ‘s2’ of attributes ‘a1’ and ‘a2’ respectively that are authorized for the given user are determined. The user ‘u’ can view the document ‘d’ if the sets ‘s1’ and ‘s2’ contain values ‘v11’ and ‘v21’ respectively.