Five Advantages of Unified Information Access (UIA)

By Sid Probstein, CIO |  IT Management, enterprise search

The key to database security is the notion of "tables" and relationships between them. (The "relational" in "relational database" refers to this exact capability.) Enterprise search engines are not databases, however; they are document-centric, not table-centric. They typically store permissions for a document as fields in the document -- along with common fields like "Title" and "Body" and "Author." As with the database, the users' credentials are added to the query and thus the user matches only documents they are authorized to see -- and it works, so long as the security environment isn't changing. However, a simple act like changing permissions on a folder with a few thousand documents on it can create a massive security breach as the documents are fetched, reprocessed with updated ACLs and then indexed. A single large PDF can take 10 seconds to process; if you have a few thousand of those, you are looking at minutes of time before the search index matches up with the permissions.

Search vendors have tried to fix this in several ways, most notably using a separate relational database to store the user and group permissions, running the query against the search index without security, then using the database to filter each result as it goes back to the user. There are many unfortunate side-effects of this model, including poor performance, and potential security leaks through spelling suggestions or facets or navigators. (Such useful capabilities are calculated by the search engine, but can't easily be filtered by the database.)

In the absence of a clear solution, companies often opt to leave secure unstructured information out of internal solutions, never mind trying to provide access to several secure silos at once. Putting unstructured information in a database is equally unappealing. Fortunately, UIA offers the best answer: it models the security data as a database would, keeping documents separate. At query time the users' credentials are used to identify the information they are authorized to see, and this is joined up with the information that matches the query -- including facets and spelling suggestions. There is no need to use a database, accept long security "synchronization issues" or leave secured information out of the index.

In summary, by adopting the UIA approach, companies can rapidly combine and leverage information across the enterprise -- secured, unsecured, internal, external, structure and unstructured -- and all points in between.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness