Security and password mechanisms in a database system
First Claim
Patent Images
1. A method for determining whether a password may be used in a system that determines access privileges based on passwords, the method comprising the steps of:
- receiving user input that defines a routine, wherein said routine accepts as input a password value and generates output which indicates whether a password satisfies a first set of criteria;
storing said routine;
receiving a proposed password;
in response to receiving the proposed password, performing the steps of;
passing said proposed password to said routine, andexecuting said routine to determine whether said proposed password satisfies a first set of criteria;
if said proposed password satisfies a second set of criteria that includes the first set of criteria, then storing said proposed password;
if said proposed password does not satisfy the second set of criteria, then generating a message to indicate that said proposed password is not acceptable;
receiving a user class;
storing an association between said routine and said user class;
receiving a user ID;
storing an association between said user class and said user ID; and
wherein in response to receiving said proposed password, performing the further steps of;
determining said user class based on said stored association between said user ID and said user class; and
determining said routine to execute based on said stored association between said user class and said routine.
2 Assignments
0 Petitions
Accused Products
Abstract
A method for providing security and password mechanisms in a data base system. The method limits access to the database to clients who transmit a valid password and user ID combination. Furthermore, the method requires that passwords are changed periodically. The method ensures that passwords meet certain criteria. Finally, the method provides a script which can be used to extend the security and password mechanisms.
-
Citations
12 Claims
-
1. A method for determining whether a password may be used in a system that determines access privileges based on passwords, the method comprising the steps of:
-
receiving user input that defines a routine, wherein said routine accepts as input a password value and generates output which indicates whether a password satisfies a first set of criteria; storing said routine; receiving a proposed password; in response to receiving the proposed password, performing the steps of; passing said proposed password to said routine, and executing said routine to determine whether said proposed password satisfies a first set of criteria; if said proposed password satisfies a second set of criteria that includes the first set of criteria, then storing said proposed password; if said proposed password does not satisfy the second set of criteria, then generating a message to indicate that said proposed password is not acceptable; receiving a user class; storing an association between said routine and said user class; receiving a user ID; storing an association between said user class and said user ID; and wherein in response to receiving said proposed password, performing the further steps of; determining said user class based on said stored association between said user ID and said user class; and determining said routine to execute based on said stored association between said user class and said routine. - View Dependent Claims (2)
-
-
3. A method for determining whether a password may be used in a system that determines access privileges based on passwords, the method comprising the steps of:
-
receiving user input that defines a routine, wherein said routine accepts as input a password value and generates output which indicates whether a password satisfies a first set of criteria; storing said routine; receiving a proposed password; in response to receiving the proposed password, performing the steps of; passing said proposed password to said routine, and executing said routine to determine whether said proposed password satisfies a first set of criteria; if said proposed password satisfies a second set of criteria that includes the first set of criteria, then storing said proposed password; if said proposed password does not satisfy the second set of criteria, then generating a message to indicate that said proposed password is not acceptable; and wherein said second set of criteria further includes; said proposed password differs from a threshold number of passwords previously associated with the user ID.
-
-
4. A method for determining whether a password may be used in a system that determines access privileges based on passwords, the method comprising the steps of:
-
receiving user input that defines a routine, wherein said routine accepts as input a password value and generates output which indicates whether a password satisfies a first set of criteria; storing said routine; receiving a proposed password; in response to receiving the proposed password, performing the steps of; passing said proposed password to said routine, and executing said routine to determine whether said proposed password satisfies a first set of criteria; if said proposed password satisfies a second set of criteria that includes the first set of criteria, then storing said proposed password; if said proposed password does not satisfy the second set of criteria, then generating a message to indicate that said proposed password is not acceptable; and wherein said second set of criteria further includes; said proposed password does not contain a common string of characters.
-
-
5. A method for determining whether a password may be used in a system that determines access privileges based on passwords, the method comprising the steps of:
-
receiving user input that defines a routine, wherein said routine accepts as input a password value and generates output which indicates whether a password satisfies a first set of criteria; storing said routine; receiving a proposed password; in response to receiving the proposed password, performing the steps of; passing said proposed password to said routine, and executing said routine to determine whether said proposed password satisfies a first set of criteria; if said proposed password satisfies a second set of criteria that includes the first set of criteria, then storing said proposed password; if said proposed password does not satisfy the second set of criteria, then generating a message to indicate that said proposed password is not acceptable; wherein said second set of criteria further includes; said proposed password differs from passwords previously associated with the user ID within a threshold period of time.
-
-
6. A method for determining whether a password may be used in a system that determines access privileges based on passwords, the method comprising the steps of:
-
receiving user input that defines a routine, wherein said routine accepts as input a password value and generates output which indicates whether a password satisfies a first set of criteria; storing said routine; receiving a proposed password; in response to receiving the proposed password, performing the steps of; passing said proposed password to said routine, and executing said routine to determine whether said proposed password satisfies a first set of criteria if said proposed password satisfies a second set of criteria that includes the first set of criteria, then storing said proposed password; if said proposed password does not satisfy the second set of criteria, then generating a message to indicate that said proposed password is not acceptable; and wherein said second set of criteria further includes; said proposed password contains a minimum mix of alpha, numeric, and punctuation characters.
-
-
7. A computer readable medium having stored thereon a plurality of sequences of instructions for determining whether a password may be used in a system that determines access privileges based on passwords, said plurality of sequences of instructions which, when executed by a processor, cause said processor to perform the steps of:
-
receiving user input that defines a routine wherein said routine, accepts as input a password value and generates output which indicates whether a password satisfies a first set of criteria; storing said routine; receiving a proposed password; in response to receiving the proposed password, performing the steps of; passing said proposed password to said routine, and executing said routine to determine whether said proposed password satisfies a first set of criteria; if said proposed password satisfies a second set of criteria that includes the first set of criteria, then storing said proposed password; if said proposed password does not satisfy the second set of criteria, then generating a message to indicate that said proposed password is not acceptable; receiving a user class; storing an association between said routine and said user class; receiving a user ID; storing an association between said user class and said user ID; and wherein in response to receiving said proposed password, performing the further steps of; determining said user class based on said stored association between said user ID and said user class; and determining said routine to execute based on said stored association between said user class and said routine. - View Dependent Claims (8)
-
-
9. A computer readable medium having stored thereon a plurality of sequences of instructions for determining whether a password may be used in a system that determines access privileges based on passwords, said plurality of sequences of instructions which, when executed by a processor, cause said processor to perform the steps of:
-
receiving user input that defines a routine, wherein said routine accepts as input a password value and generates output which indicates whether a password satisfies a first set of criteria; storing said routine; receiving a proposed password; in response to receiving the proposed password, performing the steps of; passing said proposed password to said routine, and executing said routine to determine whether said proposed password satisfies a first set of criteria; if said proposed password satisfies a second set of criteria that includes the first set of criteria, then storing said proposed password; if said proposed password does not satisfy the second set of criteria, then generating a message to indicate that said proposed password is not acceptable; wherein said second set of criteria further includes; said proposed password differs from a threshold number of passwords previously associated with the user ID.
-
-
10. A computer readable medium having stored thereon a plurality of sequences of instructions for determining whether a password may be used in a system that determines access privileges based on passwords, said plurality of sequences of instructions which, when executed by a processor, cause said processor to perform the steps of:
-
receiving user input that defines a routine, wherein said routine accepts as input a password value and generates output which indicates whether a password satisfies a first set of criteria; storing said routine; receiving a proposed password; in response to receiving the proposed password, performing the steps of; passing said proposed password to said routine, and executing said routine to determine whether said proposed password satisfies a first set of criteria; if said proposed password satisfies a second set of criteria that includes the first set of criteria, then storing said proposed password; if said proposed password does not satisfy the second set of criteria, then generating a message to indicate that said proposed password is not acceptable; and wherein said second set of criteria further includes; said proposed password does not contain a common string of characters.
-
-
11. A computer readable medium having stored thereon a plurality of sequences of instructions for determining whether a password may be used in a system that determines access privileges based on passwords, said plurality of sequences of instructions which, when executed by a processor, cause said processor to perform the steps of:
-
receiving user input that defines a routine, wherein said routine accepts as input a password value and generates output which indicates whether a password satisfies a first set of criteria; storing said routine; receiving a proposed password; in response to receiving the proposed password, performing the steps of; passing said proposed password to said routine, and executing said routine to determine whether said proposed password satisfies a first set of criteria; if said proposed password satisfies a second set of criteria that includes the first set of criteria, then storing said proposed password; if said proposed password does not satisfy the second set of criteria, then generating a message to indicate that said proposed password is not acceptable; and wherein said second set of criteria further includes; said proposed password differs from passwords previously associated with the user ID within a threshold period of time.
-
-
12. A computer readable medium having stored thereon a plurality of sequences of instructions for determining whether a password may be used in a system that determines access privileges based on passwords, said plurality of sequences of instructions which, when executed by a processor, cause said processor to perform the steps of:
-
receiving user input that defines a routine, wherein said routine accepts as input a password value and generates output which indicates whether a password satisfies a first set of criteria; storing said routine; receiving a proposed password; in response to receiving the proposed password, performing the steps of; passing said proposed password to said routine, and executing said routine to determine whether said proposed password satisfies a first set of criteria; if said proposed password satisfies a second set of criteria that includes the first set of criteria, then storing said proposed password; if said proposed password does not satisfy the second set of criteria, then generating a message to indicate that said proposed password is not acceptable; and wherein said second set of criteria further includes; said proposed password contains a minimum mix of alpha, numeric, and punctuation characters.
-
Specification