DYNAMICALLY DIFFERENTIATING SERVICE IN A DATABASE BASED ON A SECURITY PROFILE OF A USER

US 20160253494A1
Filed: 04/07/2016
Published: 09/01/2016
Est. Priority Date: 01/06/2005
Status: Active Grant

First Claim

Patent Images

1. A method for differentiating service based on a security profile of a user, the method comprising:

receiving a sequence of database commands from a user at a database server in the database system;

determining command information from the database commands, wherein the extracted command information includes at least a table or a column accessed by the database commands;

applying pre-specified rules to the command information to determine a security profile, which involves determining whether the access to the table or column matches criteria for suspicious behavior, wherein the security profile indicates a level of suspicious activity for the user;

based on at least the level of suspicious activity for the user, differentiating services provided to the user'"'"'s session by performing at least one of;

decreasing the amount of processor time that the user is allowed to utilize to be below a percentage of processor time determined by the security profile; and

migrating the user'"'"'s session to a database instance for suspicious sessions.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

One embodiment of the present invention provides a system that differentiates service provided to a database user based on a security profile of the user. During operation, the system receives a sequence of commands from a user at a database system. The system then uses the sequence of commands to determine a security profile which indicates whether the user is behaving suspiciously. Next the system associates a resource consumer group with the user based on the security profile. Finally, the system differentiates service provided to the user based on the resource consumer group.

14 Citations

20 Claims

1. A method for differentiating service based on a security profile of a user, the method comprising:
- receiving a sequence of database commands from a user at a database server in the database system;
  
  determining command information from the database commands, wherein the extracted command information includes at least a table or a column accessed by the database commands;
  
  applying pre-specified rules to the command information to determine a security profile, which involves determining whether the access to the table or column matches criteria for suspicious behavior, wherein the security profile indicates a level of suspicious activity for the user;
  
  based on at least the level of suspicious activity for the user, differentiating services provided to the user'"'"'s session by performing at least one of;
  
  decreasing the amount of processor time that the user is allowed to utilize to be below a percentage of processor time determined by the security profile; and
  
  migrating the user'"'"'s session to a database instance for suspicious sessions.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein determining the security profile involves determining a set of database tables or a set of database columns that are accessed while executing the sequence of commands.
  - 3. The method of claim 1, wherein determining command information involves analyzing the sequence of database commands prior to execution of the sequence of database commands.
  - 4. The method of claim 1, wherein determining command information involves analyzing the sequence of database commands after executing a command in the sequence of database commands.
  - 5. The method of claim 1, wherein differentiating service provided to the user can involve changing the auditing level for the user.
  - 6. The method of claim 1, wherein differentiating service provided to the user can involve:
    - differentiating service for a current session associated with the user;
      
      ordifferentiating service for a future session associated with the user.
  - 7. The method of claim 1, wherein determining the security profile involves continually updating the security profile based on the user'"'"'s behavior.

8. A computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for differentiating service based on a security profile of a user, the method comprising:
- receiving a sequence of database commands from a user at a database server in the database system;
  
  determining command information from the database commands, wherein the extracted command information includes at least a table or a column accessed by the database commands;
  
  applying pre-specified rules to the command information to determine a security profile, which involves determining whether the access to the table or column matches criteria for suspicious behavior, wherein the security profile indicates a level of suspicious activity for the user;
  
  based on at least the level of suspicious activity for the user, differentiating services provided to the user'"'"'s session by performing at least one of;
  
  decreasing the amount of processor time that the user is allowed to utilize to be below a percentage of processor time determined by the security profile; and
  
  migrating the user'"'"'s session to a database instance for suspicious sessions.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer-readable storage medium of claim 8, wherein determining the security profile involves determining a set of database tables or a set of database columns that are accessed while executing the sequence of commands.
  - 10. The computer-readable storage medium of claim 8, wherein determining command information involves analyzing the sequence of database commands prior to execution of the sequence of database commands.
  - 11. The computer-readable storage medium of claim 8, wherein determining command information involves analyzing the sequence of database commands after executing a command in the sequence of database commands.
  - 12. The computer-readable storage medium of claim 8, wherein differentiating service provided to the user can involve changing the auditing level for the user.
  - 13. The computer-readable storage medium of claim 8, wherein differentiating service provided to the user can involve:
    - differentiating service for a current session associated with the user;
      
      ordifferentiating service for future sessions associated with the user.
  - 14. The computer-readable storage medium of claim 8, wherein determining the security profile involves continually updating the security profile based on the user'"'"'s behavior.

15. An apparatus for differentiating service based on a security profile of a user, the apparatus comprising:
- a receiving mechanism embedded in a computer system configured to receive a sequence of database commands from a user at a database server in the database apparatus;
  
  a determining mechanism embedded in the computer system configured to;
  
  determine command information from the database commands, wherein the extracted command information includes at least a table or a column accessed by the database commands; and
  
  apply pre-specified rules to the command information to determine a security profile, which involves determining whether the access to the table or column matches criteria for suspicious behavior, wherein the security profile indicates a level of suspicious activity for the user;
  
  the determining mechanism further configured to determine whether the security profile for the user corresponds to a high level of suspicious activity; and
  
  a differentiation mechanism configured to differentiate services provided to the user'"'"'s session, based on at least the level of suspicious activity for the user, by performing at least one of;
  
  decreasing the amount of processor time that the user is allowed to utilize to be below a percentage of processor time determined by the security profile; and
  
  migrating the user'"'"'s session to a database instance for suspicious sessions.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The apparatus of claim 15, wherein the determining mechanism is configured to determine a set of database tables or a set of database columns that are accessed while executing the sequence of commands.
  - 17. The apparatus of claim 15, wherein the determining mechanism is configured to analyze the sequence of database commands prior to execution of the sequence of database commands.
  - 18. The apparatus of claim 15, wherein the determining mechanism is configured to analyze the sequence of database commands after executing a command in the sequence of database commands.
  - 19. The apparatus of claim 15, wherein the differentiating mechanism is configured to change the auditing level for the user.
  - 20. The apparatus of claim 15, wherein the differentiating mechanism is configured to:
    - differentiate service for a current session associated with the user;
      
      ordifferentiate service for future sessions associated with the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Muralidharan, Nithya, Wong, Daniel ManHung

Granted Patent

US 10,528,724 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 16/122   using management policies b...

G06F 16/335   Filtering based on addition...

G06F 21/55   Detecting local intrusion o...

G06F 2221/034   Test or assess a computer o...

DYNAMICALLY DIFFERENTIATING SERVICE IN A DATABASE BASED ON A SECURITY PROFILE OF A USER

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

14 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

DYNAMICALLY DIFFERENTIATING SERVICE IN A DATABASE BASED ON A SECURITY PROFILE OF A USER

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

14 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links