Context-sensitive authorization in an RDBMS
First Claim
Patent Images
1. A method of executing a statement in a computer, the statement being executed by the computer to manipulate data in a database stored on a data storage device connected to the computer, the method comprising the steps of:
- identifying an environment of the database from which the statement was invoked, wherein the environment comprises a trusted environment or an untrusted environment;
when the environment is the untrusted environments enabling a user to specify one or more authorization privileges;
identifying a security option associated with the statement or with the user; and
determining authorization privileges based on the identified environment and security option.
1 Assignment
0 Petitions
Accused Products
Abstract
A method, apparatus, and article of manufacture for a computer implemented authorization system. A statement is to be executed by a computer to manipulate data in a database stored on a data storage device connected to the computer. Initially, an environment of the database from which the statement was invoked is identified. Additionally, a security option is identified. Then, authorization privileges for the statement are determined based on the identified environment and security option.
89 Citations
42 Claims
-
1. A method of executing a statement in a computer, the statement being executed by the computer to manipulate data in a database stored on a data storage device connected to the computer, the method comprising the steps of:
-
identifying an environment of the database from which the statement was invoked, wherein the environment comprises a trusted environment or an untrusted environment;
when the environment is the untrusted environments enabling a user to specify one or more authorization privileges;
identifying a security option associated with the statement or with the user; and
determining authorization privileges based on the identified environment and security option.- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. An apparatus for executing a statement, comprising:
-
a computer having a data storage device connected thereto, wherein the data storage device stores a database and wherein the statement is executed by the computer to manipulate data in the database;
one or more computer programs, performed by the computer, for identifying an environment of the database from which the statement was invoked, wherein the environment comprises a trusted environment or an untrusted environment, when the environment is the untrusted environment enabling a user to specify one or more authorization privileges identifying a security option associated with the statement or with the user, and determining authorization privileges based on the identified environment and security option. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
-
-
29. An article of manufacture comprising a computer program carrier readable by a computer and embodying one or more instructions executable by the computer to perform method steps for executing a statement, the statement being performed by the computer to manipulate data in a database stored on a data storage device connected to the computer, the method comprising the steps of:
-
identifying an environment of the database from which the statement was invoked, wherein the environment comprises a trusted environment or an untrusted environment;
when the environment is the untrusted environment, enabling a user to specify one or more authorization privileges;
identifying a security option associated with the statement or with the user; and
determining authorization privileges based on the identified environment and security option.- View Dependent Claims (37, 38, 39, 40, 41, 42)
-
- 30. The article of manufacture of clai m 29, wherein the statement was invoked in a trusted environment.
Specification