Method and system for safeguarding database relations against unauthorized access

US 10,380,354 B2
Filed: 08/12/2016
Issued: 08/13/2019
Est. Priority Date: 02/12/2014
Status: Active Grant

First Claim

Patent Images

1. A method for protecting the values of attributes of a dataset (DS), that are stored in a first relation (T1) of a database, against unauthorized access, wherein a foreign key attribute value (FK) of the dataset refers to a key (K) of the first relation (T1) or a second relation (T2), whereinthe foreign key attribute value (FK) is stored in a mapping relation (TM),the values of a number of attributes (F) of a dataset, that are not foreign key attributes, are stored in the first relation (T1),the first relation (T1) is stored in a permanent memory (PM),the mapping relation (TM) being stored in a volatile (CUA) memory only in a secured, hermetically sealed infrastructure, so that mapping relation (TM) is deleted fully, the instant the power supply is interrupted,cryptographic keys enabling the encryption and decryption of dataset (DS) are stored in the volatile (CUA) memory only, so that the cryptographic keys are deleted fully, the instant the power supply is interrupted, andcomputer resources of the sealed infrastructure are connected to a sealing control unit that monitors electromechanical components of the computer resources and the sealed infrastructure, wherein the sealing control unit deactivates the power supply to the volatile memory (CUA) if the sealing control unit detects unauthorized access to the computer resource.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method is provided for safeguarding values of attributes of a data record that can be stored in a first relational database against unauthorized access, wherein a value of a foreign key attribute of the data record refers to a key for the first relation or for a second relation, and wherein the value of the foreign key attribute is stored in a mapping relation, the values of attributes of the data record that are not foreign key attributes are stored in the first relation, and the mapping relation is stored in a volatile data memory.

Citations

11 Claims

1. A method for protecting the values of attributes of a dataset (DS), that are stored in a first relation (T1) of a database, against unauthorized access, wherein a foreign key attribute value (FK) of the dataset refers to a key (K) of the first relation (T1) or a second relation (T2), whereinthe foreign key attribute value (FK) is stored in a mapping relation (TM),the values of a number of attributes (F) of a dataset, that are not foreign key attributes, are stored in the first relation (T1),the first relation (T1) is stored in a permanent memory (PM),the mapping relation (TM) being stored in a volatile (CUA) memory only in a secured, hermetically sealed infrastructure, so that mapping relation (TM) is deleted fully, the instant the power supply is interrupted,cryptographic keys enabling the encryption and decryption of dataset (DS) are stored in the volatile (CUA) memory only, so that the cryptographic keys are deleted fully, the instant the power supply is interrupted, andcomputer resources of the sealed infrastructure are connected to a sealing control unit that monitors electromechanical components of the computer resources and the sealed infrastructure, wherein the sealing control unit deactivates the power supply to the volatile memory (CUA) if the sealing control unit detects unauthorized access to the computer resource.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein the value of a primary key attribute (PK) of the dataset (DS) is stored, in addition to the value of the foreign key attribute (FK), in the mapping relation (TM), wherein the foreign key attribute value (FK) and the primary key attribute value (PK) of the dataset (DS) create a mapping dataset (MDS) in the mapping relation (TM).
  - 3. The method of claim 1, wherein a primary key attribute (PK) of the dataset (DS) is derived from a number of key attributes of the dataset (DS).
  - 4. The method of claim 1, wherein the following is stored, in addition, for each respective mapping dataset (MDS) in the mapping relation (TM), given multiple first relations (T1), in which datasets (DS) comprising foreign key attribute values may be stored:
    - a first relation ID (RK1), which comprises information referring to which first relation (T1) of the multiple first relations the respective mapping dataset (MDS) is attributed, anda first column ID (SK1), which comprises information referring to which of the dataset'"'"'s (DS) foreign key attributes (FK) the foreign key attribute value stored in the mapping dataset (DS) is attributed.
  - 5. The method of claim 1, wherein, given multiple relations in the volatile (CUA) memory, in which datasets (DS) comprising foreign key attribute values may be stored, a mapping relation (TM) is created for each of the first relations (T1), wherein the foreign key attribute values (FK) of the respective datasets (DS) and the value of the primary key attribute (PK) are stored in named mapping relation (TM), in addition to the dataset'"'"'s (DS) foreign key attribute value (FK).
  - 6. The method of claim 5, wherein the mapping relation (TM) stores, in addition, a first column ID (SK1) for each mapping dataset (MDS), which comprises information referring to which of the dataset'"'"'s (DS) foreign key attributes (FK) the foreign key attribute value stored in the respective mapping dataset (MDS) is attributed.
  - 7. The method of claim 4, wherein the following is stored, in addition, in the mapping relation (TM) for each respective mapping dataset (MDS):
    - a second relation ID (RK2), which comprises information as to which second relation (T2) is referenced by multiple second relations of the mapping dataset'"'"'s (MDS) foreign key attribute value, anda second column ID (SK2), which comprises information as to which key (K) is referenced by the mapping dataset'"'"'s (MDS) foreign key attribute value in the second relation (T2).
  - 8. The method of claim 1, wherein the first relation (T1) stores, in addition, the dataset'"'"'s (DS) value of the foreign key attribute (FK), wherein the dataset'"'"'s (DS) value of the foreign key attribute (FK) is encrypted cryptographically, preferably via a cryptographic key attributed to the dataset owner.
  - 9. The method of claim 8, wherein a value of at least one of the dataset'"'"'s (DS) further attributes (F), that is not a foreign key attribute, is encrypted cryptographically, in addition to the value of the foreign key attribute (FK).
  - 10. The method of claim 9, wherein the value of the new dataset'"'"'s (DS) foreign key attribute values (FK) and primary key attribute values (PK) are stored in the mapping relations (TM), and wherein, in any event, the values of the foreign key attributes (FK) in the first relation (T1) are encrypted cryptographically, when a dataset (DS) is created.
  - 11. The method of claim 10, wherein the mapping relations (TM) are stored, in addition, in a redundant volatile CUA memory (CUA2).

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Uniscon Universal Identity Control Gmbh (T?V S?d AG)
Original Assignee
Uniscon Universal Identity Control Gmbh (T?V S?d AG)
Inventors
Jager, Hubert, Nguyen, Dau Khiem, Karatzas, Christos
Primary Examiner(s)
Getachew, Abiy

Application Number

US15/235,398
Publication Number

US 20160350540A1
Time in Patent Office

1,096 Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/2272   Management thereof

G06F 21/602   Providing cryptographic fac...

G06F 21/6227   where protection concerns t...

G06F 21/6254   by anonymising data, e.g. d...

Method and system for safeguarding database relations against unauthorized access

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for safeguarding database relations against unauthorized access

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links