DATABASE ACCESS CONTROL
First Claim
Patent Images
1. A method for database access control, comprising:
- receiving an access request from a requesting user, the access request comprising user credentials identifying the requesting user and identifying requested data;
querying an authorization table with the user credentials, wherein the authorization table stores one or more data categories, each data category associated with one or more users that have access to data associated with the data category;
retrieving, from the authorization table, a security table that identifies a subset of the one or more data categories to which the requesting user has access;
querying a base table that comprises a plurality of data entries, each data entry mapped to at least one data category of the one or more data categories stored in the authorization table and the security table to access the identified requested data associated with at least one category identified by the security table;
generating a result set comprising the identified requested data associated with at least one category identified by the security table; and
providing the generated result set to the requesting user.
3 Assignments
0 Petitions
Accused Products
Abstract
A method for database access control includes receiving an access request from a requesting user, the access request identifying one or more data entries stored in a base table storing a plurality a data entries each associated with a data category. The identified one or more data entries from the base table are retrieved and a security table including one or more data categories to which the requesting user is authorized to access is generated based on an identity of the requesting user. The data entries associated with a data category included in the security table are outputted as a result table.
-
Citations
18 Claims
-
1. A method for database access control, comprising:
-
receiving an access request from a requesting user, the access request comprising user credentials identifying the requesting user and identifying requested data; querying an authorization table with the user credentials, wherein the authorization table stores one or more data categories, each data category associated with one or more users that have access to data associated with the data category; retrieving, from the authorization table, a security table that identifies a subset of the one or more data categories to which the requesting user has access; querying a base table that comprises a plurality of data entries, each data entry mapped to at least one data category of the one or more data categories stored in the authorization table and the security table to access the identified requested data associated with at least one category identified by the security table; generating a result set comprising the identified requested data associated with at least one category identified by the security table; and providing the generated result set to the requesting user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method for database access control, comprising:
-
receiving an access request from a requesting user, the access request identifying one or more data entries stored in a base table, the base table comprising a plurality a data entries each associated with a data category; retrieving the identified data entries from the base table; generating a security table including one or more data categories to which the requesting user is authorized to access based on an identity of the requesting user; for each retrieved data entry, determining if the data entry is associated with a data category included in the security table; and outputting a result table comprising each retrieved data entry determined to be associated with a data category identified in the security table.
-
-
12. A database access control system, comprising:
-
a non-transitory computer-readable memory storing executable computer instructions, the instructions comprising instructions for; receiving an access request from a requesting user, the access request comprising user credentials identifying the requesting user and identifying requested data; querying an authorization table with the user credentials, wherein the authorization table stores one or more data categories, each data category associated with one or more users that have access to data associated with the data category; retrieving, from the authorization table, a security table that identifies a subset of the one or more data categories to which the requesting user has access; querying a base table that comprises a plurality of data entries, each data entry mapped to at least one data category of the one or more data categories stored in the authorization table and the security table to access the identified requested data associated with at least one category identified by the security table; generating a result set comprising the identified requested data associated with at least one category identified by the security table; and providing the generated result set to the requesting user; and a processor configured to execute the computer instructions. - View Dependent Claims (13, 14, 15, 16, 17, 18)
-
Specification