ENABLING RELATIONAL DATABASES TO INCORPORATE CUSTOMIZED INTRUSION PREVENTION POLICIES

US 20080046964A1
Filed: 10/25/2007
Published: 02/21/2008
Est. Priority Date: 12/22/2004
Status: Abandoned Application

First Claim

Patent Images

1. A computer-implemented method for processing commands in a database system, the method comprising:

receiving a request to execute a database command;

within the database system, parsing the database command to generate parsed information;

prior to executing the database command, determining whether the parsed information satisfies one or more conditions;

wherein the one or more conditions include at least one condition for detecting attempts to intrude in the database system; and

in response to determining that the parsed information satisfies the one or more conditions, (a) determining that no database command should be executed in response to the request to execute the database command, and (b) storing in volatile memory data indicating that no database command should be executed in response to the request.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for preventing intrusions in a database system is provided. When the database system receives a request to execute a database command, the database command is parsed to generate parsed information. Before executing the database command, the parsed information is evaluated against a set of rules. If the parsed information satisfies the conditions associated with a rule, the database system performs an action associated with the rule. The action may be an action designed to prevent intrusions, and may be performed instead of or in addition to executing the database command.

40 Citations

View as Search Results

20 Claims

1. A computer-implemented method for processing commands in a database system, the method comprising:
- receiving a request to execute a database command;
  
  within the database system, parsing the database command to generate parsed information;
  
  prior to executing the database command, determining whether the parsed information satisfies one or more conditions;
  
  wherein the one or more conditions include at least one condition for detecting attempts to intrude in the database system; and
  
  in response to determining that the parsed information satisfies the one or more conditions, (a) determining that no database command should be executed in response to the request to execute the database command, and (b) storing in volatile memory data indicating that no database command should be executed in response to the request.
- View Dependent Claims (2)
- - 2. The method of claim 1, further comprising:
    - receiving, from a user of the database system, first information that specifies the one or more conditions; and
      
      receiving second information from the user;
      
      wherein determining that no database command should be executed includes determining, based on the second information, that no database command should be executed when the parsed information satisfies the one or more conditions.

3. A computer-implemented method for processing commands in a database system, the method comprising:
- receiving a request to execute a database command;
  
  within the database system, parsing the database command to generate parsed information;
  
  prior to executing the database command, performing within the database system the steps of;
  
  based on the parsed information, performing an evaluation of a set of rules;
  
  wherein the set of rules includes at least one rule for detecting attempts to intrude in the database system; and
  
  determining, based on the evaluation, whether to perform an action other than executing the database command; and
  
  in response to determining that the evaluation indicates that the action is to be performed, (a) storing in volatile memory data indicating that the action is to be performed, and (b) performing the action without modifying the database command.
- View Dependent Claims (4, 5, 6, 7, 8, 9, 10)
- - 4. The method of claim 3, wherein:
    - each rule of the set of rules includes a conditional predicate that evaluates to a Boolean value; and
      
      performing the evaluation of the set of rules comprises evaluating a particular conditional predicate based on a parameter value included in the parsed information.
  - 5. The method of claim 4, wherein the parameter value identifies a user that issued the request to execute the database command.
  - 6. The method of claim 4, wherein the parameter value identifies a computer host from which the request to execute the database command was issued.
  - 7. The method of claim 4, wherein the parameter value is a timestamp indicating when the request to execute the database command was issued.
  - 8. The method of claim 4, wherein the parameter value identifies the type of the database command.
  - 9. The method of claim 4, wherein the parameter value identifies a database object on which the database command is to operate.
  - 10. The method of claim 4, wherein the parameter value identifies a database schema on which the database command is to operate, wherein the database schema includes one or more database objects.

11. A computer-readable storage medium storing one or more sequences of instructions for processing commands in a database system which instructions, when executed by one or more processors, cause the one or more processors to perform:
- receiving a request to execute a database command;
  
  within the database system, parsing the database command to generate parsed information;
  
  prior to executing the database command, determining whether the parsed information satisfies one or more conditions;
  
  wherein the one or more conditions include at least one condition for detecting attempts to intrude in the database system; and
  
  in response to determining that the parsed information satisfies the one or more conditions, (a) determining that no database command should be executed in response to the request to execute the database command, and (b) storing in volatile memory data indicating that no database command should be executed in response to the request.
- View Dependent Claims (12)
- - 12. The computer-readable storage medium of claim 11, wherein the one or more sequences of instructions further comprise instructions which, when executed by the one or more processors, cause the one or more processors to perform:
    - receiving, from a user of the database system, first information that specifies the one or more conditions; and
      
      receiving second information from the user;
      
      wherein the instructions that cause determining that no database command should be executed include instructions which, when executed by the one or more processors, cause the one or more processors to perform determining, based on the second information, that no database command should be executed when the parsed information satisfies the one or more conditions.

13. A computer-readable storage medium storing one or more sequences of instructions for processing commands in a database system which instructions, when executed by one or more processors, cause the one or more processors to perform:
- receiving a request to execute a database command;
  
  within the database system, parsing the database command to generate parsed information;
  
  prior to executing the database command, performing within the database system the steps of;
  
  based on the parsed information, performing an evaluation of a set of rules;
  
  wherein the set of rules includes at least one rule for detecting attempts to intrude in the database system; and
  
  determining, based on the evaluation, whether to perform an action other than executing the database command; and
  
  in response to determining that the evaluation indicates that the action is to be performed, (a) storing in volatile memory data indicating that the action is to be performed, and (b) performing the action without modifying the database command.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The computer-readable storage medium of claim 13, wherein:
    - each rule of the set of rules includes a conditional predicate that evaluates to a Boolean value; and
      
      the instructions that cause performing the evaluation of the set of rules comprise instructions which, when executed by the one or more processors, cause the one or more processors to perform evaluating a particular conditional predicate based on a parameter value included in the parsed information.
  - 15. The computer-readable storage medium of claim 14, wherein the parameter value identifies a user that issued the request to execute the database command.
  - 16. The computer-readable storage medium of claim 14, wherein the parameter value identifies a computer host from which the request to execute the database command was issued.
  - 17. The computer-readable storage medium of claim 14, wherein the parameter value is a timestamp indicating when the request to execute the database command was issued.
  - 18. The computer-readable storage medium of claim 14, wherein the parameter value identifies the type of the database command.
  - 19. The computer-readable storage medium of claim 14, wherein the parameter value identifies a database object on which the database command is to operate.
  - 20. The computer-readable storage medium of claim 14, wherein the parameter value identifies a database schema on which the database command is to operate, wherein the database schema includes one or more database objects.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Daniel Wong, Nithya Muralidharan
Original Assignee
Daniel Wong, Nithya Muralidharan
Inventors
Muralidharan, Nithya, Wong, Daniel

Application Number

US11/923,964
Publication Number

US 20080046964A1
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

G06F 21/6227 where protection concerns t...

ENABLING RELATIONAL DATABASES TO INCORPORATE CUSTOMIZED INTRUSION PREVENTION POLICIES

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

40 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

ENABLING RELATIONAL DATABASES TO INCORPORATE CUSTOMIZED INTRUSION PREVENTION POLICIES

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

40 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links