FAST Security
Security guidelines apply to an enterprise search system in three areas. First, such guidelines must recognize permission levels on documents stored in the search engine as well as recognize the user’s identity at query time. Second, an enterprise search engine must validate that all query requests are issued by authorized clients and that content connectors respect every content repository’s access model. Third, when executing a query, an enterprise search system must always align the user’s permission rights with the permission levels of the content they can see in the results list.
FAST ESP can be integrated into the security fabric of the organization to provide an end-to-end secure enterprise search solution that addresses security in all critical areas: content, the search application and the server environment:
- Content-level security uses folder and document level access control within applications to ensure appropriate privacy. This access control logic is then respected by FAST ESP and other applications that connect to the content.
- FAST ESP maps the authorization attributes of the original content to the search index in an efficient way, so end users are allowed to see only those search results to which they are entitled
Source: FAST ESP Brochure 2007