Facilitating dynamic end-to-end integrity for data repositories in an on-demand services environment
First Claim
1. A method comprising:
receiving, by a dynamic security verification device in a multi-tenant database system, a content file having at least one of data and metadata, wherein the content file includes embedded security data representing multiple integrity checks to ensure the content file is protected from tampering or unauthorized accesses, wherein the multiple integrity checks include at least two end-to-end checks of the content file, an author of the content file, and a consumer of the content file, wherein the dynamic security verification device is capable of tracing back the multiple integrity checks to origin of the embedded security data without having to shift from the dynamic security verification device to another security verification device, wherein the origin of the embedded security data refers to a development code including a source code;
prior to submission of the content file to a data repository, performing, by the security verification device, a first integrity check of the multiple integrity checks to authenticate the author of the content file by selectively confirming a first component of the embedded security data;
performing, by the dynamic security verification device, a second integrity check of the multiple integrity checks when submitting the content file to the data repository to authenticate the consumer of the content file by selectively confirming a second component of the embedded security data;
wherein the first and second components include a combination of at least two or more of one or more cryptographic signatures, one or more digital fingerprints, one or more public or private keys, one or more timestamps, and authorship data identifying at least one of the data, the metadata, the author, and the consumer; and
determining, by the security verification device, whether to allow submission of the content file to the data repository based on a result of the first integrity check or the second integrity check, wherein the first integrity check is extended to include verifying built artifacts including an original source code supported by the embedded security data, wherein the second integrity check is extended to include verifying a running code based on the original code.
2 Assignments
0 Petitions
Abstract
In accordance with embodiments, there are provided mechanisms and methods for facilitating dynamic end-to-end integrity for data repositories in an on-demand services environment, where a database system-implemented method includes receiving, by the database system, a content file and metadata to be submitted to a data repository of the database system. The content file may include content, where the metadata may include identifying data associated with at least one of the content and a user associated with the content. The method may include verifying, by the database system, the identifying data of the metadata. The verification of the identifying data represents authentication of at least one of the user and the content. The method may include submitting, by the database system, the content file and the metadata to the data repository, upon authentication of at least one of the user and the content via successful verification of the identifying data.
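The flow the abstract describes (receive a content file with metadata, verify the identifying data, submit only on success) is shown below as an added example that is not code from the patent or its assignee. It assumes the metadata carries an author, a SHA-256 fingerprint, a timestamp and a signature; an HMAC under a per-author key stands in for the cryptographic signature, and every name, key and the 300-second window is hypothetical.

```python
import hashlib
import hmac
import json

# Constructed demo values: a per-author HMAC key stands in for the author's
# signing key; the 300-second window is an assumed freshness policy.
AUTHOR_KEYS = {"alice@example.test": b"constructed-demo-key"}
MAX_AGE_SECONDS = 300
SIGNED_FIELDS = ("author", "fingerprint", "timestamp")

def fingerprint(content: bytes) -> str:
    """Digital fingerprint of the content: SHA-256 hex digest."""
    return hashlib.sha256(content).hexdigest()

def sign_metadata(meta: dict, key: bytes) -> str:
    """MAC over a canonical JSON encoding of the identifying fields."""
    body = json.dumps({f: meta[f] for f in SIGNED_FIELDS}, sort_keys=True)
    return hmac.new(key, body.encode(), hashlib.sha256).hexdigest()

def make_metadata(content: bytes, author: str, now: int) -> dict:
    """Author side: bind author, fingerprint and timestamp together."""
    meta = {"author": author, "fingerprint": fingerprint(content), "timestamp": now}
    meta["signature"] = sign_metadata(meta, AUTHOR_KEYS[author])
    return meta

def verify(content: bytes, meta: dict, now: int) -> str:
    """Return "ok" or the reason the identifying data failed verification."""
    if any(f not in meta for f in SIGNED_FIELDS + ("signature",)):
        return "missing field"
    key = AUTHOR_KEYS.get(str(meta["author"]))
    if key is None:
        return "unknown author"
    claimed = str(meta["signature"]).encode()
    if not hmac.compare_digest(sign_metadata(meta, key).encode(), claimed):
        return "bad signature"
    actual = fingerprint(content).encode()
    if not hmac.compare_digest(actual, str(meta["fingerprint"]).encode()):
        return "fingerprint mismatch"
    ts = meta["timestamp"]
    if not isinstance(ts, int) or not 0 <= now - ts <= MAX_AGE_SECONDS:
        return "stale or invalid timestamp"
    return "ok"

def submit(repo: dict, name: str, content: bytes, meta: dict, now: int) -> str:
    """Store the file and metadata only after verification succeeds."""
    result = verify(content, meta, now)
    if result == "ok":
        repo[name] = (content, meta)
    return result
```

The signature is checked before the fingerprint so that a fingerprint rewritten to match altered content is caught as a signature failure rather than accepted.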
136 Citations
18 Claims
1. A method comprising:
receiving, by a dynamic security verification device in a multi-tenant database system, a content file having at least one of data and metadata, wherein the content file includes embedded security data representing multiple integrity checks to ensure the content file is protected from tampering or unauthorized accesses, wherein the multiple integrity checks include at least two end-to-end checks of the content file, an author of the content file, and a consumer of the content file, wherein the dynamic security verification device is capable of tracing back the multiple integrity checks to origin of the embedded security data without having to shift from the dynamic security verification device to another security verification device, wherein the origin of the embedded security data refers to a development code including a source code;
prior to submission of the content file to a data repository, performing, by the security verification device, a first integrity check of the multiple integrity checks to authenticate the author of the content file by selectively confirming a first component of the embedded security data;
performing, by the dynamic security verification device, a second integrity check of the multiple integrity checks when submitting the content file to the data repository to authenticate the consumer of the content file by selectively confirming a second component of the embedded security data;
wherein the first and second components include a combination of at least two or more of one or more cryptographic signatures, one or more digital fingerprints, one or more public or private keys, one or more timestamps, and authorship data identifying at least one of the data, the metadata, the author, and the consumer; and
determining, by the security verification device, whether to allow submission of the content file to the data repository based on a result of the first integrity check or the second integrity check, wherein the first integrity check is extended to include verifying built artifacts including an original source code supported by the embedded security data, wherein the second integrity check is extended to include verifying a running code based on the original code.
Dependent claims: 2, 3, 4, 5, 6
7. A system comprising a dynamic security verification device having one or more processors coupled to a memory, the one or more processors to perform operations comprising:
receiving a content file having at least one of data and metadata, wherein the content file includes embedded security data representing multiple integrity checks to ensure the content file is protected from tampering or unauthorized accesses, wherein the multiple integrity checks include at least two end-to-end checks of the content file, an author of the content file, and a consumer of the content file, wherein the dynamic security verification device in a multi-tenant database system is capable of tracing back the multiple integrity checks to origin of the embedded security data without having to shift from the dynamic security verification device to another security verification device, wherein the origin of the embedded security data refers to a development code including a source code;
prior to submission of the content file to a data repository, performing a first integrity check of the multiple integrity checks to authenticate the author of the content file by selectively confirming a first component of the embedded security data;
performing a second integrity check of the multiple integrity checks when submitting the content file to the data repository to authenticate the consumer of the content file by selectively confirming a second component of the embedded security data;
wherein the first and second components include a combination of at least two or more of one or more cryptographic signatures, one or more digital fingerprints, one or more public or private keys, one or more timestamps, and authorship data identifying at least one of the data, the metadata, the author, and the consumer; and
determining whether to allow submission of the content file to the data repository based on a result of the first integrity check or the second integrity check, wherein the first integrity check is extended to include verifying built artifacts including an original source code supported by the embedded security data, wherein the second integrity check is extended to include verifying a running code based on the original code.
Dependent claims: 8, 9, 10, 11, 12
13. A non-transitory machine-readable medium comprising instructions which, when executed by a computing device, cause the computing device to perform operations comprising:
receiving a content file having at least one of data and metadata, wherein the content file includes embedded security data representing multiple integrity checks to ensure the content file is protected from tampering or unauthorized accesses, wherein the multiple integrity checks include at least two end-to-end checks of the content file, an author of the content file, and a consumer of the content file, wherein the computing device includes a dynamic security verification device in a multi-tenant database system, wherein the dynamic security verification device is capable of tracing back the multiple integrity checks to origin of the embedded security data without having to shift from the dynamic security verification device to another security verification device, wherein the origin of the embedded security data refers to a development code including a source code;
prior to submission of the content file to a data repository, performing, by the single verification system, a first integrity check of the multiple integrity checks to authenticate the author of the content file by selectively confirming a first component of the embedded security data;
performing a second integrity check of the multiple integrity checks when submitting the content file to the data repository to authenticate the consumer of the content file by selectively confirming a second component of the embedded security data;
wherein the first and second components include a combination of at least two or more of one or more cryptographic signatures, one or more digital fingerprints, one or more public or private keys, one or more timestamps, and authorship data identifying at least one of the data, the metadata, the author, and the consumer; and
determining, by the verification system, whether to allow submission of the content file to the data repository based on a result the first integrity check or the second integrity check, wherein the first integrity check is extended to include verifying built artifacts including an original source code supported by the embedded security data, wherein the second integrity check is extended to include verifying a running code based on the original code.
Dependent claims: 14, 15, 16, 17, 18
Specification