Method and a system for preventing impersonation of a database user
First Claim
Patent Images
1. A method of controlling access to information, the method comprising:
- receiving a request to decrypt information stored in a database;
retrieving, from a first storage location, a first hash value representative of a user password;
retrieving, from a second storage location, a second hash value representative of the user password; and
in response to detecting that the first hash value differs from the second hash value, denying a request to decrypt the information.
3 Assignments
0 Petitions
Accused Products
Abstract
A method for preventing an administrator impersonating a user of a relational database, which database at least comprises a table with at least a user password, wherein said password is stored as a hash value. The method comprises the steps of: adding a trigger to said table, said trigger at least triggering an action when an administrator alters said table through the database management system (DBMS) of said database; calculating a new password hash value differing from said stored password hash value when said trigger is triggered; and replacing said stored password hash value with said new password hash value.
105 Citations
14 Claims
-
1. A method of controlling access to information, the method comprising:
-
receiving a request to decrypt information stored in a database;
retrieving, from a first storage location, a first hash value representative of a user password;
retrieving, from a second storage location, a second hash value representative of the user password; and
in response to detecting that the first hash value differs from the second hash value, denying a request to decrypt the information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
Specification