摘要 |
Managing access to a database within a distributed system comprising a client device, a server, and the database. Allocating authorities for access to entities within the database to a plurality of principals; generating an authority map and transmitting the authority map to the client device, so that operational access to an entity can be determined using precedence of the authorities allocated to the principal and relevant to the entity. The key for the access map may use an identifier for the database entity and the type(s) of operation which can be performed, such as deletion. The key maps to a list of authorities ordered by precedent, so that access may be granted or denied when allocated to a principal user. This allows client side determination of access privileges in a distributed database, which may reduce latency by shifting processing overhead to the client whilst maintaining data security. |