Document-Level Attribute-Based Access Control with X-Pack 6.1

2 news today, 367 news this week, 6098 news in total. 193 Projects.
Thanks to a new feature in Lucene 7.1, the CoveringQuery , and the exposure of that feature in the new terms_set query released with Elasticsearch 6.1, it is possible to setup an attribute-based access control (ABAC) scheme for documents stored in Elasticsearch. This works by leveraging the templated role query mechanism for document level security within the X-Pack security role-based access control (RBAC) feature. Background There is a long, gnarly, and branching history of trying to describe and implement a complete and coherent scheme to control access to things. Cryptography to protect ac...
Elastic Search
Reference terms