Controlling access to a database using database internal and external authorization information
First Claim
1. A method for controlling access to a database, comprising:
- receiving, by a database component, a request to access a database, wherein said database component can access said database;
determining, based on authentication information associated with said request, whether said request can be authenticated;
determining, by said database component, whether access to said database should be granted as a database internal account which has been defined for said database, or as a database external account which has also been defined for said database, when said determining determines that said request can be authenticated;
authorizing , by said database component, access to said database based on access privilege information defined for a database internal account when said determines that access to said database should be granted as a database internal account which has been defined for said database; and
authorizing, by said database component, access to said database based on access privilege information defined for a database external account when said determines that access to said database should be granted as a database external account.
2 Assignments
0 Petitions
Accused Products
Abstract
Techniques for using both database internal and database external authorization information to control access to a database are disclosed. Corporate accounts which are generally used in many corporate environments (e.g., operating system accounts) can be defined as “external” database accounts with database external authorization information that define database external access privileges for a database. The database external access-privileges are used in conjunction with a set of complementary database “internal” access privileges defined for database internal accounts. An integrated access-privilege set is generated and used as a single source to authorize access to a database regardless of whether database internal or external accounts are used to access the database. As a result, databases can be integrated with various non-database entities (e.g., corporate computing systems).
15 Citations
20 Claims
-
1. A method for controlling access to a database, comprising:
-
receiving, by a database component, a request to access a database, wherein said database component can access said database;
determining, based on authentication information associated with said request, whether said request can be authenticated;
determining, by said database component, whether access to said database should be granted as a database internal account which has been defined for said database, or as a database external account which has also been defined for said database, when said determining determines that said request can be authenticated;
authorizing , by said database component, access to said database based on access privilege information defined for a database internal account when said determines that access to said database should be granted as a database internal account which has been defined for said database; and
authorizing, by said database component, access to said database based on access privilege information defined for a database external account when said determines that access to said database should be granted as a database external account. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A database server component for controlling access to a database, wherein said database server component is capable of:
-
receiving a request, from a database client component, to access said database;
sending authentication information associated with said request to an external authenticator for authentication;
determining whether said external authenticator has authenticated said authentication information;
determining whether access to said database should be granted as a database internal account or as a database external account when said determining determines that said external authenticator has authenticated said authentication information;
authorizing access to said database based on access privilege information defined for a database internal account when said determines that access to said database should be granted as a database internal account which has been defined for said database; and
authorizing access to said database based on access privilege information defined for a database external account when said determines that access to said database should be granted as a database external account. - View Dependent Claims (11, 12, 13, 14, 15, 16)
-
-
17. A computer readable medium including computer program code for controlling access to a database, comprising:
-
computer program code for receiving a request, from a database client component, to access said database;
computer program code for sending authentication information associated with said request to an external authenticator for authentication;
computer program code for determining whether said external authenticator has authenticated said authentication information;
computer program code for determining whether access to said database should be granted as a database internal account or as a database external account when said determining determines that said external authenticator has authenticated said authentication information;
computer program code for authorizing access to said database based on access privilege information defined for a database internal account when said determines that access to said database should be granted as a database internal account which has been defined for said database; and
computer program code for authorizing access to said database based on access privilege information defined for a database external account when said determines that access to said database should be granted as a database external account. - View Dependent Claims (18, 19, 20)
-
Specification