Real life information retrieval (panel): commercial search engines
Proceedings of the 20th annual international ACM SIGIR conference on Research and development in information retrieval
Navigating large-scale semi-structured data in business portals
Proceedings of the 27th International Conference on Very Large Data Bases
WWW '03 Proceedings of the 12th international conference on World Wide Web
Enterprise Search: Tough Stuff
Queue - Search Engines
Challenges in enterprise search
ADC '04 Proceedings of the 15th Australasian database conference - Volume 27
Towards the next generation of enterprise search technology
IBM Systems Journal
Leveraging semantic technologies for enterprise search
Proceedings of the ACM first Ph.D. workshop in CIKM
Search in social networks with access control
Proceedings of the 2nd International Workshop on Keyword Search on Structured Data
Finding relevant information of certain types from enterprise data
Proceedings of the 20th ACM international conference on Information and knowledge management
Hi-index | 0.01 |
Document level security (DLS) -- enforcing permissions prevailing at the time of search -- is specified as a mandatory requirement in many enterprise search applications. Unfortunately, depending upon implementation details and values of key parameters, DLS may come at a high price in increased query processing time, leading to an unacceptably slow search experience. In this paper we present a model and a method for carrying out secure search in the presence of DLS within enterprise webs. We report on two alternative commercial DLS search implementations. Using a 10,000 document experimental DLS environment, we graph the dependence of query processing time on result set size and visibility density for different classes of user. Scaled up to collections of tens of thousands of documents, our results suggest that query times will be unacceptable if exact counts of matching documents are required and also for users who can view only a small proportion of documents. We show that the time to conduct access checks is dramatically increased if requests must be sent off-server, even on a local network, and discuss methods for reducing the cost of security checks. We conclude that enterprises can effectively reduce DLS overheads by organizing documents in such a way that most access checking can be at collection rather than document level, by forgoing accurate match counts, by using caching, batching or hierarchical methods to cut costs of DLS checking and, if applicable, by using a single portal both to access and search documents.