Security and password mechanisms in a database system

US 5,944,825 A
Filed: 05/30/1997
Issued: 08/31/1999
Est. Priority Date: 05/30/1997
Status: Expired due to Term

First Claim

Patent Images

1. A method for determining whether a password may be used in a system that determines access privileges based on passwords, the method comprising the steps of:

receiving user input that defines a routine, wherein said routine accepts as input a password value and generates output which indicates whether a password satisfies a first set of criteria;

storing said routine;

receiving a proposed password;

in response to receiving the proposed password, performing the steps of;

passing said proposed password to said routine, andexecuting said routine to determine whether said proposed password satisfies a first set of criteria;

if said proposed password satisfies a second set of criteria that includes the first set of criteria, then storing said proposed password;

if said proposed password does not satisfy the second set of criteria, then generating a message to indicate that said proposed password is not acceptable;

receiving a user class;

storing an association between said routine and said user class;

receiving a user ID;

storing an association between said user class and said user ID; and

wherein in response to receiving said proposed password, performing the further steps of;

determining said user class based on said stored association between said user ID and said user class; and

determining said routine to execute based on said stored association between said user class and said routine.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for providing security and password mechanisms in a data base system. The method limits access to the database to clients who transmit a valid password and user ID combination. Furthermore, the method requires that passwords are changed periodically. The method ensures that passwords meet certain criteria. Finally, the method provides a script which can be used to extend the security and password mechanisms.

Citations

12 Claims

1. A method for determining whether a password may be used in a system that determines access privileges based on passwords, the method comprising the steps of:
- receiving user input that defines a routine, wherein said routine accepts as input a password value and generates output which indicates whether a password satisfies a first set of criteria;
  
  storing said routine;
  
  receiving a proposed password;
  
  in response to receiving the proposed password, performing the steps of;
  
  passing said proposed password to said routine, andexecuting said routine to determine whether said proposed password satisfies a first set of criteria;
  
  if said proposed password satisfies a second set of criteria that includes the first set of criteria, then storing said proposed password;
  
  if said proposed password does not satisfy the second set of criteria, then generating a message to indicate that said proposed password is not acceptable;
  
  receiving a user class;
  
  storing an association between said routine and said user class;
  
  receiving a user ID;
  
  storing an association between said user class and said user ID; and
  
  wherein in response to receiving said proposed password, performing the further steps of;
  
  determining said user class based on said stored association between said user ID and said user class; and
  
  determining said routine to execute based on said stored association between said user class and said routine.
- View Dependent Claims (2)
- - 2. The method of claim 1 wherein the method further comprises the steps of:
    - receiving user input that specifies a third set of criteria wherein the second set of criteria includes the third set of criteria;
      
      storing an association between the third set of criteria and said user class; and
      
      determining the third said of criteria based on said stored association of third set of criteria and said user class.

3. A method for determining whether a password may be used in a system that determines access privileges based on passwords, the method comprising the steps of:
- receiving user input that defines a routine, wherein said routine accepts as input a password value and generates output which indicates whether a password satisfies a first set of criteria;
  
  storing said routine;
  
  receiving a proposed password;
  
  in response to receiving the proposed password, performing the steps of;
  
  passing said proposed password to said routine, andexecuting said routine to determine whether said proposed password satisfies a first set of criteria;
  
  if said proposed password satisfies a second set of criteria that includes the first set of criteria, then storing said proposed password;
  
  if said proposed password does not satisfy the second set of criteria, then generating a message to indicate that said proposed password is not acceptable; and
  
  wherein said second set of criteria further includes;
  
  said proposed password differs from a threshold number of passwords previously associated with the user ID.

4. A method for determining whether a password may be used in a system that determines access privileges based on passwords, the method comprising the steps of:
- receiving user input that defines a routine, wherein said routine accepts as input a password value and generates output which indicates whether a password satisfies a first set of criteria;
  
  storing said routine;
  
  receiving a proposed password;
  
  in response to receiving the proposed password, performing the steps of;
  
  passing said proposed password to said routine, andexecuting said routine to determine whether said proposed password satisfies a first set of criteria;
  
  if said proposed password satisfies a second set of criteria that includes the first set of criteria, then storing said proposed password;
  
  if said proposed password does not satisfy the second set of criteria, then generating a message to indicate that said proposed password is not acceptable; and
  
  wherein said second set of criteria further includes;
  
  said proposed password does not contain a common string of characters.

5. A method for determining whether a password may be used in a system that determines access privileges based on passwords, the method comprising the steps of:
- receiving user input that defines a routine, wherein said routine accepts as input a password value and generates output which indicates whether a password satisfies a first set of criteria;
  
  storing said routine;
  
  receiving a proposed password;
  
  in response to receiving the proposed password, performing the steps of;
  
  passing said proposed password to said routine, andexecuting said routine to determine whether said proposed password satisfies a first set of criteria;
  
  if said proposed password satisfies a second set of criteria that includes the first set of criteria, then storing said proposed password;
  
  if said proposed password does not satisfy the second set of criteria, then generating a message to indicate that said proposed password is not acceptable;
  
  wherein said second set of criteria further includes;
  
  said proposed password differs from passwords previously associated with the user ID within a threshold period of time.

6. A method for determining whether a password may be used in a system that determines access privileges based on passwords, the method comprising the steps of:
- receiving user input that defines a routine, wherein said routine accepts as input a password value and generates output which indicates whether a password satisfies a first set of criteria;
  
  storing said routine;
  
  receiving a proposed password;
  
  in response to receiving the proposed password, performing the steps of;
  
  passing said proposed password to said routine, andexecuting said routine to determine whether said proposed password satisfies a first set of criteriaif said proposed password satisfies a second set of criteria that includes the first set of criteria, then storing said proposed password;
  
  if said proposed password does not satisfy the second set of criteria, then generating a message to indicate that said proposed password is not acceptable; and
  
  wherein said second set of criteria further includes;
  
  said proposed password contains a minimum mix of alpha, numeric, and punctuation characters.

7. A computer readable medium having stored thereon a plurality of sequences of instructions for determining whether a password may be used in a system that determines access privileges based on passwords, said plurality of sequences of instructions which, when executed by a processor, cause said processor to perform the steps of:
- receiving user input that defines a routine wherein said routine, accepts as input a password value and generates output which indicates whether a password satisfies a first set of criteria;
  
  storing said routine;
  
  receiving a proposed password;
  
  in response to receiving the proposed password, performing the steps of;
  
  passing said proposed password to said routine, andexecuting said routine to determine whether said proposed password satisfies a first set of criteria;
  
  if said proposed password satisfies a second set of criteria that includes the first set of criteria, then storing said proposed password;
  
  if said proposed password does not satisfy the second set of criteria, then generating a message to indicate that said proposed password is not acceptable;
  
  receiving a user class;
  
  storing an association between said routine and said user class;
  
  receiving a user ID;
  
  storing an association between said user class and said user ID; and
  
  wherein in response to receiving said proposed password, performing the further steps of;
  
  determining said user class based on said stored association between said user ID and said user class; and
  
  determining said routine to execute based on said stored association between said user class and said routine.
- View Dependent Claims (8)
- - 8. The computer readable media of claim 7 further comprising sequences of instructions for performing the steps of:
    - receiving user input that specifies a third set of criteria wherein the second set of criteria includes the third set of criteria;
      
      storing an association between the third set of criteria and said user class; and
      
      determining the third set of criteria based on said stored association of third set of criteria and said user class.

9. A computer readable medium having stored thereon a plurality of sequences of instructions for determining whether a password may be used in a system that determines access privileges based on passwords, said plurality of sequences of instructions which, when executed by a processor, cause said processor to perform the steps of:
- receiving user input that defines a routine, wherein said routine accepts as input a password value and generates output which indicates whether a password satisfies a first set of criteria;
  
  storing said routine;
  
  receiving a proposed password;
  
  in response to receiving the proposed password, performing the steps of;
  
  passing said proposed password to said routine, andexecuting said routine to determine whether said proposed password satisfies a first set of criteria;
  
  if said proposed password satisfies a second set of criteria that includes the first set of criteria, then storing said proposed password;
  
  if said proposed password does not satisfy the second set of criteria, then generating a message to indicate that said proposed password is not acceptable;
  
  wherein said second set of criteria further includes;
  
  said proposed password differs from a threshold number of passwords previously associated with the user ID.

10. A computer readable medium having stored thereon a plurality of sequences of instructions for determining whether a password may be used in a system that determines access privileges based on passwords, said plurality of sequences of instructions which, when executed by a processor, cause said processor to perform the steps of:
- receiving user input that defines a routine, wherein said routine accepts as input a password value and generates output which indicates whether a password satisfies a first set of criteria;
  
  storing said routine;
  
  receiving a proposed password;
  
  in response to receiving the proposed password, performing the steps of;
  
  passing said proposed password to said routine, andexecuting said routine to determine whether said proposed password satisfies a first set of criteria;
  
  if said proposed password satisfies a second set of criteria that includes the first set of criteria, then storing said proposed password;
  
  if said proposed password does not satisfy the second set of criteria, then generating a message to indicate that said proposed password is not acceptable; and
  
  wherein said second set of criteria further includes;
  
  said proposed password does not contain a common string of characters.

11. A computer readable medium having stored thereon a plurality of sequences of instructions for determining whether a password may be used in a system that determines access privileges based on passwords, said plurality of sequences of instructions which, when executed by a processor, cause said processor to perform the steps of:
- receiving user input that defines a routine, wherein said routine accepts as input a password value and generates output which indicates whether a password satisfies a first set of criteria;
  
  storing said routine;
  
  receiving a proposed password;
  
  in response to receiving the proposed password, performing the steps of;
  
  passing said proposed password to said routine, andexecuting said routine to determine whether said proposed password satisfies a first set of criteria;
  
  if said proposed password satisfies a second set of criteria that includes the first set of criteria, then storing said proposed password;
  
  if said proposed password does not satisfy the second set of criteria, then generating a message to indicate that said proposed password is not acceptable; and
  
  wherein said second set of criteria further includes;
  
  said proposed password differs from passwords previously associated with the user ID within a threshold period of time.

12. A computer readable medium having stored thereon a plurality of sequences of instructions for determining whether a password may be used in a system that determines access privileges based on passwords, said plurality of sequences of instructions which, when executed by a processor, cause said processor to perform the steps of:
- receiving user input that defines a routine, wherein said routine accepts as input a password value and generates output which indicates whether a password satisfies a first set of criteria;
  
  storing said routine;
  
  receiving a proposed password;
  
  in response to receiving the proposed password, performing the steps of;
  
  passing said proposed password to said routine, andexecuting said routine to determine whether said proposed password satisfies a first set of criteria;
  
  if said proposed password satisfies a second set of criteria that includes the first set of criteria, then storing said proposed password;
  
  if said proposed password does not satisfy the second set of criteria, then generating a message to indicate that said proposed password is not acceptable; and
  
  wherein said second set of criteria further includes;
  
  said proposed password contains a minimum mix of alpha, numeric, and punctuation characters.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle Corporation
Inventors
Surpur, Ashwini, Bellemore, John
Primary Examiner(s)
Beausoliel, Jr., Robert W.
Assistant Examiner(s)
Iqbal, Nadeem

Application Number

US08/866,038
Time in Patent Office

823 Days
Field of Search

395/188.01, 395/186, 395/187.01, 395/600, 395/700, 395/726, 395/427, 395/490, 395/491, 364/286.4, 364/286.5, 713/202, 713/200, 713/201, 714/39, 380/4, 380/25, 380/49, 380/23
US Class Current

726/18
CPC Class Codes

G06F 21/46 by designing passwords or c...

Security and password mechanisms in a database system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Security and password mechanisms in a database system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links