Data security system for a database
First Claim
1. A method for processing of data that is to be protected, comprising the measure of storing the data as encrypted data element values (DV) in records (P) in a first database (O-DB), each data element value being linked to a corresponding data element type (DT), characterised by the steps of storing in a second database (IAM-DB) a data element protection catalogue (DC), which for each individual data element type (DT) contains one or more protection attributes stating processing rules for data element values (DV), which in the first database (O-DB) are linked to the individual data element type (DT), for each user-initiated measure aiming at processing of a given data element value (DV) in the first database (O-DB), initially producing a compelling calling to the data element protection catalogue for collecting the protection attribute/attributes associated with the corresponding data element type, and compellingly controlling the user'"'"'s processing of the given data element value in conformity with the collected protection attribute/attributes.
4 Assignments
0 Petitions
Accused Products
Abstract
A method and an apparatus for processing data provides protection for the data. The data is stored as encrypted data element values (DV) in records (P) in a first database (O-DB), each data element value being linked to a corresponding data element type (DT). In a second database (IAM-DB), a data element protection catalogue (DC) is stored, which for each individual data element type (DT) contains one or more protection attributes stating processing rules for data element values (DV), which in the first database (O-DB) are linked to the individual data element type (DT). In each user-initiated measure which aims at processing a given data element value (DV) in the first database (O-DB), a calling is initially sent to the data element protection catalogue for collecting the protection attribute/attributes associated with the corresponding data element types. The user'"'"'s processing of the given data element value is controlled in conformity with the collected protection attribute/attributes.
60 Citations
8 Claims
-
1. A method for processing of data that is to be protected, comprising the measure of storing the data as encrypted data element values (DV) in records (P) in a first database (O-DB), each data element value being linked to a corresponding data element type (DT), characterised by the steps of
storing in a second database (IAM-DB) a data element protection catalogue (DC), which for each individual data element type (DT) contains one or more protection attributes stating processing rules for data element values (DV), which in the first database (O-DB) are linked to the individual data element type (DT), for each user-initiated measure aiming at processing of a given data element value (DV) in the first database (O-DB), initially producing a compelling calling to the data element protection catalogue for collecting the protection attribute/attributes associated with the corresponding data element type, and compellingly controlling the user'"'"'s processing of the given data element value in conformity with the collected protection attribute/attributes.
-
8. An apparatus for processing data that is to be protected, comprising a first database (O-DB) for storing said data as encrypted data element values (DV) in records (P), each data element value being linked to a corresponding data element type (DT), characterised by
a second database (IAM-DB) for storing a data element protection catalogue (DC), which for each individual data element type (DT) contains one or more protection attributes stating processing rules for data element values (DV), which in the first database (O-DB) are linked to the individual data element type (DT), means which are adapted, in each user-initiated measure aiming at processing a given data element value (DV) in the first database (O-DB), to initially produce a compelling calling to the data element protection catalogue for collecting the protection attribute/attributes associated with the corresponding data element types, and means which are adapted to compellingly control the user'"'"'s processing of the given data element value in conformity with the collected protection attribute/attributes.
Specification