Abstract: The present disclosure relates to utilizing a distributed data management system to provide improved data management, redundancy, and reliability in distributed directory systems. To illustrate, a distributed data management system improves existing distributed directory systems by relocating and distributing the management of data records from a centralized cache device to the backend storage partition devices. In this manner, the backend storage partition devices become responsible for automatically pushing data record metadata and changes to the centralized cache device, which only passively redirects the incoming requests to the proper backend storage partition devices. Additionally, the backend storage partition devices automatically resolve conflicts and restore lost data if the centralized cache device or a backend storage partition device suffers from faults or device failures.

Abstract: A data processing system for controlling data access to a secured resource of a distributed system implements receiving, from a first user device of a first user, a first request to access a secured resource and a first security token, the first security token including group information for one or more first access control groups associated with the secured resource of which the first user is a member; accessing group access policy information for groups associated with the secured resource; determining, based on the group information included in the first security token and the group access policy information, that the first user is a member of at least one group that is permitted to access the secured resource; and permitting the first user device of the user to access the secured resource responsive to determining that the first user is a member of at least one group that is permitted to access the secured resource.