Evaluating security of data access statements
First Claim
1. A method for evaluating data access statements with respect to database security, comprising:
- evaluating criticality of two or more Structured Query Language (SQL) statements, each statement from a different session of two or more sessions accessing, from a first computing system, a database implemented on a data server;
generating, on the data server, a critical item set from the two or more sessions, each element in the critical item set indicating one or more SQL statements in a session of the two or more sessions;
extracting at least one association rule from the critical item set, each of the at least one association rule indicating a sequence of SQL statements in a session of the two or more sessions;
calculating criticality of each of the at least one association rule;
evaluating a session based upon a criticality of the at least one association rule;
terminating, by the data server, the session based upon a result of the evaluating the session based upon the criticality;
ranking, by the data server, at least two association rules by the criticality of each of the at least two association rules; and
specifying, the data server, a security policy corresponding to each of the at least two association rules according to the ranking.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques are provided for evaluating the security of data access statements. Specifically, in one embodiment of the claimed subject matter there is provided a technique for evaluating the security of data access statements, comprising: evaluating the criticality of multiple SQL statements contained in multiple sessions accessing a database; generating a critical item set from the multiple sessions, each element in the critical item set indicating one or more SQL statements contained in a session; extracting at least one association rule from the critical item set, each of the at least association rule indicating a sequence of SQL statements contained in a session; and calculating the criticality of each of the at least one association rule.
-
Citations
9 Claims
-
1. A method for evaluating data access statements with respect to database security, comprising:
-
evaluating criticality of two or more Structured Query Language (SQL) statements, each statement from a different session of two or more sessions accessing, from a first computing system, a database implemented on a data server; generating, on the data server, a critical item set from the two or more sessions, each element in the critical item set indicating one or more SQL statements in a session of the two or more sessions; extracting at least one association rule from the critical item set, each of the at least one association rule indicating a sequence of SQL statements in a session of the two or more sessions; calculating criticality of each of the at least one association rule; evaluating a session based upon a criticality of the at least one association rule; terminating, by the data server, the session based upon a result of the evaluating the session based upon the criticality; ranking, by the data server, at least two association rules by the criticality of each of the at least two association rules; and specifying, the data server, a security policy corresponding to each of the at least two association rules according to the ranking. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
Specification