System and method for restricting access to a data table within a database
First Claim
1. A system for preventing unauthorized access of database systems, comprising:
- a client computer configured to transmit a request for data;
a server computer configured to receive said request for data, to retrieve data from a column within a table of a database in response to said request for data, to transmit a portion of said retrieved data associated with information stored within a row of said column in response to a determination that a user of said client computer is authorized to access said row, and to discard a portion of said retrieved data associated with information stored within another row of said column in response to a determination that said user is unauthorized to access said other row.
11 Assignments
0 Petitions
Accused Products
Abstract
The system and associated method utilizes a client computer (client), a server computer (server), and a database system. The client establishes communication with the server and submits a request for data to the server. The server receives the request and retrieves data from a column within a table of the database system in response to the request. The server then determines which rows within the column can be accessed by a user of the client. In this regard, the server includes a security information table having predefined values that indicate which rows of information within the database system are accessible to the user. The server analyzes these values in order to determine whether the user is authorized to access a particular row. The server then discards data associated with rows that the user is not authorized to access and transmits the remaining data to the client.
273 Citations
18 Claims
-
1. A system for preventing unauthorized access of database systems, comprising:
-
a client computer configured to transmit a request for data;
a server computer configured to receive said request for data, to retrieve data from a column within a table of a database in response to said request for data, to transmit a portion of said retrieved data associated with information stored within a row of said column in response to a determination that a user of said client computer is authorized to access said row, and to discard a portion of said retrieved data associated with information stored within another row of said column in response to a determination that said user is unauthorized to access said other row. - View Dependent Claims (2, 3, 4)
-
-
5. A system for preventing unauthorized access of databases, comprising:
-
a client computer associated with a user;
a database configured to receive a query, to retrieve data stored in a column of a data table in said database based on said query, and to transmit said data; and
a server computer configured to receive said data, to determine whether said data is accessible to said user based on predefined security information stored in said server, to discard a portion of said data inaccessible to said user, and to transmit a remaining portion of said data to said client computer. - View Dependent Claims (6, 7, 8)
-
-
9. A system for preventing unauthorized access of databases, comprising:
-
a client computer associated with a user;
a database configured to receive a query, to retrieve data stored in a column of a data table in said database based on said query, and to transmit said data; and
a server computer configured to receive a request for data from said client computer and to receive said data, to determine whether said user is authorized to retrieve information within a first row and a second row within said column of said data table, to transmit said query to said database, and to restrict said query so that said server receives said information with said first row but does not receive said information within said second row in response to said query. - View Dependent Claims (10)
-
-
11. A system for preventing unauthorized access of database systems, comprising:
-
means for receiving a request for data from a client computer associated with a user;
means for retrieving data from a column within a table of a database in response to said request for data;
means for determining that said user is authorized to access information stored within a first row of said column and that said user is unauthorized to access information stored within a second row of said column;
means for transmitting a first portion of said retrieved data to said client computer in response to a determination by said determining means that said user is authorized to access information stored within said first row of said column, said first portion retrieved from said first row; and
means for discarding a second portion of said retrieved data in response to a determination by said determining means that said user is unauthorized to access information stored within said second row of said column, said second portion retrieved from said second row. - View Dependent Claims (12, 13, 14)
-
-
15. A method for preventing unauthorized access of database systems, comprising the
steps of: -
receiving a request for data from a client computer associated with a user;
retrieving data from a column within a table of a database in response to said request for data;
determining that said user is authorized to access information stored within a first row of said column;
determining that said user is unauthorized to access information stored within a second row of said column;
transmitting a first portion of said retrieved data to said client computer in response to a determination that said user is authorized to access information stored within said first row of said column, said first portion retrieved from said first row; and
discarding a second portion of said retrieved data in response to a determination that said user is unauthorized to access information stored within said second row of said column, said second portion retrieved from said second row. - View Dependent Claims (16, 17, 18)
-
Specification