Abstract: A method, apparatus and computer program product for policy-based access control in association with a sorted, distributed key-value data store in which keys comprise n-tuple structure that includes a cell-level access control. In this approach, an information security policy is used to create a set of pluggable policies. A pluggable policy may be used during data ingest time, when data is being ingested into the data store, and a pluggable policy may be used during query time, when a query to the data store is received for processing against data stored therein. Generally, a pluggable policy associates one or more user-centric attributes (or some function thereof), to a particular data-centric label. By using pluggable policies, preferably at both ingest time and query time, the data store is enhanced to provide a seamless and secure policy-based access control mechanism in association with the cell-level access control enabled by the data store.

Abstract: A method of data analysis is enabled by receiving raw data records extracted from one or more data sources, and then generating from the data records an entity-relationship model. The entity-relationship model comprises more entity instances, and one or more relationships between those entity instances. Data analysis of the model is facilitated using one or more provenance links. A provenance link associates raw data records and one or more entity instances. Using a visual explorer that displays a set of entity instances and relationships from a selected entity-relationship model, a user can display details for an entity instance, and see relationships between and among entity instances. By virtue of the underlying linkage provided by the provenance links, the user can also display source records for an entity instance, and display entity instances for a source record. The technique facilitates Big Data analytics.

Abstract: A method, apparatus and computer program product for policy-based access control in association with a sorted, distributed key-value data store in which keys comprise n-tuple structure that includes a cell-level access control. In this approach, an information security policy is used to create a set of pluggable policies. A pluggable policy may be used during data ingest time, when data is being ingested into the data store, and a pluggable policy may be used during query time, when a query to the data store is received for processing against data stored therein. Generally, a pluggable policy associates one or more user-centric attributes (or some function thereof), to a particular data-centric label. By using pluggable policies, preferably at both ingest time and query time, the data store is enhanced to provide a seamless and secure policy-based access control mechanism in association with the cell-level access control enabled by the data store.

Abstract: A method, apparatus and computer program product for policy-based access control in association with a sorted, distributed key-value data store in which keys comprise a cell-level access control. In this approach, an information security policy is used to create a set of pluggable policies. A pluggable policy may be used during data ingest time, when data is being ingested into the data store, and a pluggable policy may be used during query time, when a query to the data store is received for processing against data stored therein. Generally, a pluggable policy associates one or more user-centric attributes (or some function thereof), to a particular set of data-centric attributes. By using pluggable policies, preferably at both ingest time and query time, the data store is enhanced to provide a seamless and secure policy-based access control mechanism in association with the cell-level access control enabled by the data store.