The present invention relates generally to information security systems and methods, and more particularly, to a search mechanism for content based information security repositories.
Content based information security (CBIS) supports multiple levels of security by storing each information object as an encrypted object. These encrypted objects can only be decrypted by users that possess an appropriate key.
The problem with conventional implementations relates to the search process. Typically search engines have a set of metadata (such as keywords) that is searched and then a short description of the searched information (encrypted information object) is passed back to a user for each “hit” found in the search.
Since this search process serves multiple levels of security, a problem exists wherein, if the metadata is multilevel, then there is a danger that higher level information might be inadvertently disclosed. Even if the metadata and descriptions are unclassified, the existence of a higher level information object associated with the request keywords might be disclosed.
It would be desirable to overcome these problems to provide for a secure mechanism for searching for information.