Row-level security in a relational database management system
Abstract
An access control system and access control methods provide multilevel and mandatory access control for a database management system. The access control techniques provide access control at the row level in a relational database table. The database table contains a security label column within which is recorded a security label that is defined within a hierarchical security scheme. A user's security label is encoded with security information concerning the user. When a user requests access to a row, a security mechanism compares the user's security information with the security information in the row. If the user's security dominates the row's security, the user is given access to the row.
33 Claims
1. A method of controlling access to a relational database, comprising:
receiving a user request for data from the database, the request including a request to perform a database operation and a user security label;
determining user security information from the user security label;
retrieving, in response to the user request, rows of data from a table in the database satisfying the database operation, the rows each having a security label;
determining row security information for each of the retrieved rows based on the row's security label;
determining, for each retrieved row, whether the user is authorized to access the row based on the user security information and the row security information; and
returning only the rows for which the user is determined to have authorization to access.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. An apparatus for use within a database management system having a data manager and a database, for determining whether a user is authorized to perform a requested operation on a row of data held within the database, the user being associated with a user security label and the row having a row security label, the apparatus comprising:
a user security unit having recorded therein a hierarchy of security labels;
a read security unit connected to the user security unit and between the data manager and the database, and configured to return the row from the database to the data manager only if the user security label is located in the hierarchy at a level with privileges that are greater than or equal to privileges for a level in the hierarchy at which the row security label is located.
Dependent claims: 11, 12, 13, 14, 15, 16
17. A program product embodied on a computer readable medium, for controlling access to a relational database, comprising:
program instructions for receiving a user request for data from the database, the request including a request to perform a database operation and a user security label;
program instructions for determining user security information from the user security label;
program instructions for retrieving, in response to the user request, rows of data from a table in the database satisfying the database operation, the rows each having a security label;
program instructions for determining row security information for each of the retrieved rows based on the row's security label;
program instructions for determining, for each retrieved row, whether the user is authorized to access the row based on the user security information and the row security information; and
program instructions for returning only the rows for which the user is determined to have authorization to access.
Dependent claims: 18, 19, 20, 21, 22, 23, 24, 25
26. A method of controlling access to data in at least one row of a database, wherein said at least one row is associated with row-level access control information, the method comprising:
receiving a request from a user to operate on the database;
applying mandatory access control rules to rows of the database satisfying the request by comparing, for each row of the database satisfying the request, a security level associated with the user with a security level associated with the row; and
returning data from the row if the security level associated with the row is at least a subset of the security level of the user.
Dependent claims: 27, 28, 29, 30
31. A method of controlling a user's access to data in rows of a database, wherein each row is associated with a first access level within an access level hierarchy, and the user is associated with a second access level within the access level hierarchy, wherein each access level is associated with one or more privileges and the access levels are related in a hierarchical manner, the method comprising:
receiving a request from the user to operate on the database;
determining whether the user is authorized to operate on a row of the database that satisfies the request by determining whether privileges associated with the first access level are included in the privileges associated with the second access level; and
returning data from the row only if the user is determined to be authorized to operate on the row.
Dependent claims: 32, 33
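The dominance check described in the abstract and the retrieve-then-filter steps of claims 1, 26 and 31 can be illustrated as follows. This is an added example, not text or code from the patent; the label encoding `LEVEL:CAT1,CAT2`, the level names, the `reports` table and the deny-on-malformed-label behaviour are all assumptions made for the illustration.

```python
import sqlite3

# Hypothetical hierarchy and label encoding "LEVEL:CAT1,CAT2" (assumptions, not from the patent).
LEVELS = {"PUBLIC": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP_SECRET": 3}

def decode_label(label):
    """Decode a stored label into (rank, categories); NULL or unknown labels raise."""
    level, _, cats = (label or "").partition(":")
    if level not in LEVELS:
        raise ValueError(f"unknown level in label {label!r}")
    return LEVELS[level], frozenset(c for c in cats.split(",") if c)

def dominates(user, row):
    """User dominates row when its rank is >= and the row's categories are a subset."""
    return user[0] >= row[0] and user[1] >= row[1]

def select_rows(conn, user_label, sql, params=()):
    """Run the query, then return only the rows whose label the user dominates.
    The query must select the label as its last column; it is stripped from results."""
    user = decode_label(user_label)      # a bad user label fails the whole request
    visible = []
    for *data, row_label in conn.execute(sql, params):
        try:
            row = decode_label(row_label)
        except ValueError:               # unlabeled or malformed row: deny (assumed policy)
            continue
        if dominates(user, row):
            visible.append(tuple(data))
    return visible

def demo_db():
    """Constructed sample table with a security label column."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE reports (id INTEGER, title TEXT, seclabel TEXT)")
    conn.executemany("INSERT INTO reports VALUES (?, ?, ?)", [
        (1, "cafeteria menu", "PUBLIC:"),
        (2, "payroll summary", "CONFIDENTIAL:HR"),
        (3, "merger plan", "SECRET:FIN"),
        (4, "audit findings", "SECRET:FIN,HR"),
        (5, "legacy import", None),          # no label recorded
        (6, "typo label", "SECRT:FIN"),      # level not in the hierarchy
    ])
    return conn

QUERY = "SELECT id, title, seclabel FROM reports ORDER BY id"

if __name__ == "__main__":
    print(select_rows(demo_db(), "SECRET:FIN", QUERY))
```

A higher rank alone is not enough: the `SECRET:FIN` user is refused the `CONFIDENTIAL:HR` row because the row's categories are not a subset of the user's.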
Specification