ACCESS CONTROL FOR ELEMENTS IN A DATABASE OBJECT
First Claim
Patent Images
1. A system comprising:
- a database operable to store a database object, the database object comprising elements; and
a server coupled to the database, the server comprising a processor and a memory, the server being operable to;
receive a request from a user to access the database object;
determine whether an access restriction is imposed on the database object, the access restriction specifying a first user group to which the access restriction is applicable, defining a first dynamic condition the first user group must satisfy in order to access the database object, wherein the first dynamic condition is a function that compares a current time to a time of the day when access can be granted, and identifying a first element set in the database object accessible to the first user group when the first dynamic condition is satisfied; and
control access to the elements in the database object by the user based on the access restriction, wherein controlling access to the elements in the database object comprises;
confirming whether the user is in the first user group when the access restriction is imposed on the database object;
verifying whether the user satisfies the first dynamic condition when the user is in the first user group; and
allowing the user to access the first element set when the user satisfies the first dynamic condition, wherein allowing the user to access the first element set comprises;
generating a dynamic pseudo-view of the database object comprising only the first element set when the user satisfies the first dynamic condition, wherein the dynamic pseudo-view is a view-like entity with attributes similar to a predefined regular view, wherein the dynamic pseudo-view does not exist in a database, wherein the dynamic pseudo-view does not have dependencies; and
responding to the request from the user using the dynamic pseudo-view of the database object.
1 Assignment
0 Petitions
Accused Products
Abstract
A system for controlling access to elements in a database object are provided. The system provides for receiving a request from a user to access the database object, determining whether an access restriction is imposed on the database object, and controlling access to the elements in the database object by the user based on the access restriction. The access restriction specifies one or more users to which the access restriction is applicable, defines a dynamic condition the one or more users must satisfy in order to access the database object, and identifies one or more of the elements in the database object accessible to the one or more users when the dynamic condition is satisfied.
26 Citations
20 Claims
-
1. A system comprising:
-
a database operable to store a database object, the database object comprising elements; and a server coupled to the database, the server comprising a processor and a memory, the server being operable to; receive a request from a user to access the database object; determine whether an access restriction is imposed on the database object, the access restriction specifying a first user group to which the access restriction is applicable, defining a first dynamic condition the first user group must satisfy in order to access the database object, wherein the first dynamic condition is a function that compares a current time to a time of the day when access can be granted, and identifying a first element set in the database object accessible to the first user group when the first dynamic condition is satisfied; and control access to the elements in the database object by the user based on the access restriction, wherein controlling access to the elements in the database object comprises; confirming whether the user is in the first user group when the access restriction is imposed on the database object; verifying whether the user satisfies the first dynamic condition when the user is in the first user group; and allowing the user to access the first element set when the user satisfies the first dynamic condition, wherein allowing the user to access the first element set comprises; generating a dynamic pseudo-view of the database object comprising only the first element set when the user satisfies the first dynamic condition, wherein the dynamic pseudo-view is a view-like entity with attributes similar to a predefined regular view, wherein the dynamic pseudo-view does not exist in a database, wherein the dynamic pseudo-view does not have dependencies; and responding to the request from the user using the dynamic pseudo-view of the database object. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A computer program product comprising a computer-readable storage medium, the computer-readable storage medium including a computer-readable program for controlling access to elements in a database object, wherein the computer-readable program when executed on a computer causes the computer to:
-
receive a request from a user to access the database object; determine whether an access restriction is imposed on the database object, the access restriction specifying a first user group to which the access restriction is applicable, defining a first dynamic condition the first user group must satisfy in order to access the database object, wherein the first dynamic condition is a function that compares a current time to a time of the day when access can be granted, and identifying a first element set in the database object accessible to the first user group when the first dynamic condition is satisfied; and control access to the elements in the database object by the user based on the access restriction, wherein controlling access to the elements in the database object comprises; confirming whether the user is in the first user group when the access restriction is imposed on the database object; verifying whether the user satisfies the first dynamic condition when the user is in the first user group; and allowing the user to access the first element set when the user satisfies the first dynamic condition, wherein allowing the user to access the first element set comprises; generating a dynamic pseudo-view of the database object comprising only the first element set when the user satisfies the first dynamic condition, wherein the dynamic pseudo-view is a view-like entity with attributes similar to a predefined regular view, wherein the dynamic pseudo-view does not exist in a database, wherein the dynamic pseudo-view does not have dependencies; and responding to the request from the user using the dynamic pseudo-view of the database object. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification