DATABASE ACCESS CONTROL FOR MULTI-TIER PROCESSING
First Claim
1. A method comprising:
- receiving an application request having an identification parameter to an application server at an application layer;
querying, at the application layer, a database objects map that maps the application request to a database object and a database operation in a database layer;
determining the database object and the database operation for the application request from the database objects map;
accessing one or more database access security rules for the identification parameter that specify a security action based on a security rule database object and a security rule database operation;
comparing the database object and database operation determined from the application request with the database object and database operation from the one or more security rules; and
performing the security action in response to the database object and database operation determined from the application request being substantially similar to the security rule database object and security rule database operation from the one or more security rules.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments of the disclosure can include a method, a system, and a computer program product for controlling access to a database server in a multi-tiered processing system. The method can include receiving an application request having an identification parameter to an application server at an application layer. The method can also include querying a database objects map that maps the application request to a database object and a database operation in a database layer. The method can also include accessing one or more database access security rules for the identification parameter that specify a security action based on the database object and the database operation. The method can also include comparing the database object and database operation determined from the application request with the database object and database operation from the one or more security rules.
-
Citations
8 Claims
-
1. A method comprising:
-
receiving an application request having an identification parameter to an application server at an application layer; querying, at the application layer, a database objects map that maps the application request to a database object and a database operation in a database layer; determining the database object and the database operation for the application request from the database objects map; accessing one or more database access security rules for the identification parameter that specify a security action based on a security rule database object and a security rule database operation; comparing the database object and database operation determined from the application request with the database object and database operation from the one or more security rules; and performing the security action in response to the database object and database operation determined from the application request being substantially similar to the security rule database object and security rule database operation from the one or more security rules. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
Specification