Security in search engines is a wide subject.
The "small solution" is just to hand over authorization tokens, index them,
and later add filters to all queries automatically. This could be done by a
web front-end proxy placed before the Elasticsearch index/search REST API.
I think the most preferred way to have document-level security would be a
"big solution", i.e. writing an Elasticsearch security plugin with the
following features included:

- transport layer security between client and server (TLS)
- server awareness of client identity (establish ACL/role based security)
- secure indexing: only allow authorized clients to write documents
  (perform ACL/role-based checks)
- secure query: index visibility, document visibility, filter query results
  due to client authorization
- enforce document / index data integrity (checksums, end-to-end security)
- constraint violation alerting
- and, really advanced stuff, adjust highlighting to filter out sensitive
  (restricted) fields (privacy)
- even more "paranoid" stuff

Most of the work could be taken over by front-end web processes, and the
Elasticsearch security plugin could offer some conventions for a security
model, i.e. rules for where index/document-level TLS/ACL/Role stuff is
stored and how it is used by clients via a REST API.
Best regards,
Jörg
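
The "small solution" from the message above, sketched as the two rewrites a front-end proxy would apply before forwarding to Elasticsearch. This is an added example, not part of the original post; the field name `acl_tokens` and both function names are assumptions, and the proxy is assumed to have already authenticated the caller and resolved its tokens.

```python
import copy

ACL_FIELD = "acl_tokens"  # hypothetical field name, not an Elasticsearch convention


def secure_document(doc, allowed_tokens):
    """Indexing side: stamp the document with the tokens allowed to read it.

    Any client-supplied value for ACL_FIELD is overwritten, so a writer
    cannot grant visibility the proxy did not authorize.
    """
    if not allowed_tokens:
        raise ValueError("refusing to index a document without ACL tokens")
    stamped = copy.deepcopy(doc)
    stamped[ACL_FIELD] = sorted(set(allowed_tokens))
    return stamped


def secure_search_body(body, caller_tokens):
    """Search side: wrap the caller's query in a bool query with an ACL filter.

    The original query keeps its scoring in `must`; the ACL check goes in
    `filter`, which does not affect scoring. A caller with no tokens gets
    match_none (fail closed) instead of an unfiltered search.
    """
    secured = copy.deepcopy(body) if body else {}
    if not caller_tokens:
        secured["query"] = {"match_none": {}}
        return secured
    original = secured.get("query") or {"match_all": {}}
    secured["query"] = {
        "bool": {
            "must": [original],
            "filter": [{"terms": {ACL_FIELD: sorted(set(caller_tokens))}}],
        }
    }
    return secured


if __name__ == "__main__":
    import json
    # Constructed sample request, as a client might send it to the proxy.
    request = {"query": {"match": {"title": "salary"}}, "size": 5}
    print(json.dumps(secure_search_body(request, ["role:hr", "user:anna"]), indent=2))
```

The filter only holds if clients cannot reach the Elasticsearch REST port directly, which is why the message places the proxy in front of the index/search API.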