Internal security system for a relational database system

US 20030023868A1
Filed: 07/27/2001
Published: 01/30/2003
Est. Priority Date: 07/27/2001
Status: Active Grant

First Claim

Patent Images

1. A internal security method for a relational database system, comprising the steps of:

(a) determining which data information from the total amount of data information stored in system databases is restricted data information that shall not be accessible by each and every 1 to N system users, where N is an integer greater than 1;

(b) determining for each system user the restricted data information that such a system user shall have access;

(c) creating at least one relational access table with each system user having at least one record in the relational access table that is keyed to that system user'"'"'s access to the restricted data information that was determined at step (b); and

(d) each system user accessing restricted data information stored in the system databases according to the relational access table created at step (c).

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An internal security method for use with a relational database system is disclosed. The method is incorporated into a database system such that there is no need for security coding be layered on top of the system application software to prevent unauthorized access to restricted database information. The method of the present invention includes at least two embodiments and at least one of the embodiments has a “down the tree view” structure.

64 Citations

View as Search Results

27 Claims

1. A internal security method for a relational database system, comprising the steps of:
- (a) determining which data information from the total amount of data information stored in system databases is restricted data information that shall not be accessible by each and every 1 to N system users, where N is an integer greater than 1;
  
  (b) determining for each system user the restricted data information that such a system user shall have access;
  
  (c) creating at least one relational access table with each system user having at least one record in the relational access table that is keyed to that system user'"'"'s access to the restricted data information that was determined at step (b); and
  
  (d) each system user accessing restricted data information stored in the system databases according to the relational access table created at step (c).
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method as recited in claim 1, wherein the relational database is a structured query language database.
  - 3. The method as recited in claim 1, wherein each relational access table has a foreign key that relates to a primary key of only one system user.
  - 4. The method as recited in claim 1, wherein each relational access table created at step (c) may have access to additional restricted data information added to it by updating the relational access table after it is created.
  - 5. The method as recited in claim 1, wherein each relational access table created at step (c) may have access to certain restricted data information deleted from it by updating the relational access table after it is created.
  - 6. The method as recite in claim 1, wherein the relational database system that incorporates the internal security method includes a star schema configuration.
  - 7. The method as recite in claim 6, wherein the relational database system that incorporates the internal security method includes a full star schema configuration.

8. A internal security method for a relational database system, comprising the steps of:
- (a) determining which data information from the total amount of data information stored in system databases is restricted data information that shall not be accessible by each and every 1 to N system users, where N is an integer greater than 1;
  
  (b) determining for each system user the restricted data information that such a system user shall have access;
  
  (c) determining the hierarchical level of access for each system user with regard to the restricted data information;
  
  (d) determining for at least two system users, based on the hierarchical level of access determination at step (c), that a second system user with a lower hierarchical level of access has access to the restricted data information that is a subset of the restricted data information to which a first system user with a higher hierarchical level of access has access;
  
  (e) creating at least one relational access table for controlling the first and second system users'"'"' access to restricted data information such that the first system user will have one or more records in the relational access table that is keyed to the first system user'"'"'s access to restricted data information that is determined at step (b) joined with the second system user'"'"'s access to restricted data infornmation that is determined at step (b), and the second system user will have one or more records in the relational access table that is keyed to the second system user'"'"'s access to restricted data information that is determined at step (b); and
  
  (f) the first and second system users accessing restricted data information stored in the system databases according to the relational access table created at step (e).
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method as recited in claim 8, wherein the relational database is a structured query language database.
  - 10. The method as recited in claim 8, wherein each relational access table has a foreign key that relates to a primary key of only one system user.
  - 11. The method as recited in claim 8, wherein each relational access table created at steps (e) and (f) may have access to additional restricted data information added to them by updating the relational access table after they are created.
  - 12. The method as recited in claim 8, wherein each relational access table created at steps (e) and (f) may have access to certain restricted data information deleted from them by updating the relational access table after they are created.
  - 13. The method as recite in claim 8, wherein the relational database system that incorporates the internal security method includes a star schema configuration.
  - 14. The method as recite in claim 13, wherein the relational database system that incorporates the internal security method includes a full star schema configuration.

15. A internal security method for a relational database system, comprising the steps of:
- (a) determining which data information from the total amount of data information stored in system databases is restricted data information that shall not be accessible by each and every 1 to N system users, where N is an integer greater than 1;
  
  (b) determining for each system user the restricted data information that such a system user shall have access;
  
  (c) determining the hierarchical level of access for each system user with regard to the restricted data information;
  
  (d) determining for at least two system users, based on the hierarchical level of access determination at step (c), that a second system user with a lower hierarchical level of access has access to the restricted data information that includes other than a subset of the restricted data information to which a first system user with a higher hierarchical level of access has access;
  
  (e) creating at least one relational access table for controlling the first and second system users'"'"' access to restricted data information such that the first system user will have one or more records in the relational access table that is keyed to the first system user'"'"'s access to restricted data information that is determined at step (b) joined with the second system user'"'"'s access to restricted data infornmation that is determined at step (b), and the second system user will have one or more records in the relational access table that is keyed to the second system user'"'"'s access to restricted data information that is determined at step (b); and
  
  (f) the first and second system users accessing restricted data information stored in the system databases according to the relational access table created at steps (e).
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The method as recited in claim 15, wherein the relational database is a structured query language database.
  - 17. The method as recited in claim 15, wherein each relational access table has a foreign key that relates to a primary key of only one system user.
  - 18. The method as recited in claim 15, wherein each relational access table created at steps (e) and (f) may have access to additional restricted data information added to them by updating the relational access table after they are created.
  - 19. The method as recited in claim 15, wherein each relational access table created at steps (e) and (f) may have access to certain restricted data information deleted from them by updating the relational access table after they are created.
  - 20. The method as recite in claim 15, wherein the relational database system that incorporates the internal security method includes a star schema configuration.
  - 21. The method as recite in claim 20, wherein the relational database system that incorporates the internal security method includes a full star schema configuration.

22. A internal security method for a relational database system, comprising the steps of:
- (a) determining which data information from the total amount of data information stored in system databases is restricted data information that shall not be accessible by each and every 1 to N system users, where N is an integer greater than 1;
  
  (b) determining for each system user the restricted data information that such a system user shall have access;
  
  (c) determining the hierarchical level of access for each system user with regard to the restricted data information;
  
  (d) determining for at least two system users, based on the hierarchical level of access determination at step (c), that a second system user with a lower hierarchical level of access has access to the restricted data information that is a subset and includes other than a subset of the restricted data information to which a first system user with a higher hierarchical level of access has access;
  
  (e) creating at least one relational access table for controlling the first and second system users'"'"' access to restricted data information such that the first system user will have one or more records in the relational access table that is keyed to the first system user'"'"'s access to restricted data information that is determined at step (b) joined with the second system user'"'"'s access to restricted data infornmation that is determined at step (b), and the second system user will have one or more records in the relational access table that is keyed to the second system user'"'"'s access to restricted data information that is determined at step (b); and
  
  (f) the first and second system users accessing restricted data information stored in the system databases according to the relational access table created at steps (e).
- View Dependent Claims (23, 24, 25, 26, 27)
- - 23. The method as recited in claim 22, wherein the relational database is a structured query language database.
  - 24. The method as recited in claim 22, wherein each relational access table has a foreign key that relates to a primary key of only one system user.
  - 25. The method as recited in claim 22, wherein each relational access table created at steps (e) and (f) may have access to additional restricted data information added to them by updating the relational access table after they are created.
  - 26. The method as recited in claim 22, wherein each relational access table created at steps (e) and (f) may have access to certain restricted data information deleted from them by updating the relational access table after they are created.
  - 27. The method as recite in claim 22, wherein the relational database system that incorporates the internal security method includes a star schema configuration. 28. The method as recite in claim 27, wherein the relational database system that incorporates the internal security method includes a full star schema configuration.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Patrice P. Parent
Original Assignee
Patrice P. Parent
Inventors
Parent, Patrice P.

Granted Patent

US 7,130,852 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/200
CPC Class Codes

G06F 16/284   Relational databases

G06F 21/6218   to a system of files or obj...

G06F 2221/2141   Access rights, e.g. capabil...

Y10S 707/954   Relational

Y10S 707/99932   Access augmentation or opti...

Y10S 707/99933   Query processing, i.e. sear...

Y10S 707/99934   Query formulation, input pr...

Y10S 707/99939   Privileged access

Y10S 707/99942   Manipulating data structure...

Y10S 707/99945   Object-oriented database st...

Internal security system for a relational database system

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

64 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Internal security system for a relational database system

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

64 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links