ENABLING RELATIONAL DATABASES TO INCORPORATE CUSTOMIZED INTRUSION PREVENTION POLICIES
Abstract
A method for preventing intrusions in a database system is provided. When the database system receives a request to execute a database command, the database command is parsed to generate parsed information. Before executing the database command, the parsed information is evaluated against a set of rules. If the parsed information satisfies the conditions associated with a rule, the database system performs an action associated with the rule. The action may be an action designed to prevent intrusions, and may be performed instead of or in addition to executing the database command.
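The parse, evaluate, then block flow described in the abstract can be observed in a running engine through SQLite's authorizer hook, which is called with parsed action, table and column information while a statement is compiled. This is an added example, not code from the patent or its assignee; the rule set, table names and sample data are constructed for illustration.

```python
import sqlite3

# Hypothetical rule set: (action code, table or None, column or None, reason).
RULES = [
    (sqlite3.SQLITE_DROP_TABLE, None, None, "DDL from an application session"),
    (sqlite3.SQLITE_DELETE, "accounts", None, "delete on protected table"),
    (sqlite3.SQLITE_READ, "users", "password_hash", "read of credential column"),
]

def guarded_connection(decisions):
    """Return an in-memory DB whose statements are checked against RULES."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(  # constructed sample schema and rows
        "CREATE TABLE users(id INTEGER, name TEXT, password_hash TEXT);"
        "CREATE TABLE accounts(id INTEGER, balance INTEGER);"
        "INSERT INTO users VALUES (1, 'alice', 'constructed-hash');"
        "INSERT INTO accounts VALUES (1, 100);"
    )

    def authorizer(action, arg1, arg2, db_name, source):
        # SQLite calls this while compiling the statement, so the decision is
        # made on parsed information and before any row is touched.
        for code, table, column, reason in RULES:
            if action == code and table in (None, arg1) and column in (None, arg2):
                decisions.append((action, arg1, arg2, reason))  # in-memory record
                return sqlite3.SQLITE_DENY  # statement is never executed
        return sqlite3.SQLITE_OK

    conn.set_authorizer(authorizer)
    return conn

def run(conn, sql):
    """Execute sql; return its rows, or None if a rule blocked the command."""
    try:
        return conn.execute(sql).fetchall()
    except sqlite3.DatabaseError:  # raised as "not authorized" on SQLITE_DENY
        return None

if __name__ == "__main__":
    log = []
    db = guarded_connection(log)
    for stmt in ("SELECT name FROM users WHERE id = 1",
                 "SELECT name FROM users WHERE id = 1 "
                 "UNION SELECT password_hash FROM users",
                 "DELETE FROM accounts",
                 "DROP TABLE users"):
        print(stmt, "->", run(db, stmt))
    print(log)
```

Because the rules match on the parsed action and object names rather than on the SQL text, the UNION query is blocked regardless of how the statement string is spelled or spaced.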
20 Claims
1. A computer-implemented method for processing commands in a database system, the method comprising:
- receiving a request to execute a database command;
- within the database system, parsing the database command to generate parsed information;
- prior to executing the database command, determining whether the parsed information satisfies one or more conditions;
- wherein the one or more conditions include at least one condition for detecting attempts to intrude in the database system; and
- in response to determining that the parsed information satisfies the one or more conditions, (a) determining that no database command should be executed in response to the request to execute the database command, and (b) storing in volatile memory data indicating that no database command should be executed in response to the request.
Dependent claims: 2
3. A computer-implemented method for processing commands in a database system, the method comprising:
- receiving a request to execute a database command;
- within the database system, parsing the database command to generate parsed information;
- prior to executing the database command, performing within the database system the steps of;
- based on the parsed information, performing an evaluation of a set of rules;
- wherein the set of rules includes at least one rule for detecting attempts to intrude in the database system; and
- determining, based on the evaluation, whether to perform an action other than executing the database command; and
- in response to determining that the evaluation indicates that the action is to be performed, (a) storing in volatile memory data indicating that the action is to be performed, and (b) performing the action without modifying the database command.
Dependent claims: 4, 5, 6, 7, 8, 9, 10
11. A computer-readable storage medium storing one or more sequences of instructions for processing commands in a database system which instructions, when executed by one or more processors, cause the one or more processors to perform:
- receiving a request to execute a database command;
- within the database system, parsing the database command to generate parsed information;
- prior to executing the database command, determining whether the parsed information satisfies one or more conditions;
- wherein the one or more conditions include at least one condition for detecting attempts to intrude in the database system; and
- in response to determining that the parsed information satisfies the one or more conditions, (a) determining that no database command should be executed in response to the request to execute the database command, and (b) storing in volatile memory data indicating that no database command should be executed in response to the request.
Dependent claims: 12
13. A computer-readable storage medium storing one or more sequences of instructions for processing commands in a database system which instructions, when executed by one or more processors, cause the one or more processors to perform:
- receiving a request to execute a database command;
- within the database system, parsing the database command to generate parsed information;
- prior to executing the database command, performing within the database system the steps of;
- based on the parsed information, performing an evaluation of a set of rules;
- wherein the set of rules includes at least one rule for detecting attempts to intrude in the database system; and
- determining, based on the evaluation, whether to perform an action other than executing the database command; and
- in response to determining that the evaluation indicates that the action is to be performed, (a) storing in volatile memory data indicating that the action is to be performed, and (b) performing the action without modifying the database command.
Dependent claims: 14, 15, 16, 17, 18, 19, 20
Specification