System and method for restricting unauthorized access to a database
First Claim
Patent Images
1. A system for preventing unauthorized access of database systems, comprising:
- a client configured to transmit a user password;
a first server configured to establish a data session with said client and to receive said user password during said data session, said first server further configured to translate said user password into a different password during said data session by retrieving said different password from a password table based on said user password; and
a database configured to receive said different password from said first server during said data session and to connect to said first server based on said different password.
11 Assignments
0 Petitions
Accused Products
Abstract
A secure client/server system provides remote access to a database system without allowing unauthorized users to access data stored within the database system. A client computer (client) establishes communication with server computer (server) and transmits a user password to the server. The server receives the user password and translates the user password into an alias or different password. When the client submits a request for data contained in the database system, the server accesses a database system associated with the server using the alias password. The database system allows the server to access information within the database system based on the alias password. Since the database system recognizes the alias password instead of the user password, only attempts to access the database via the server (after passing the security measures in place at the server) should be successful.
-
Citations
23 Claims
-
1. A system for preventing unauthorized access of database systems, comprising:
-
a client configured to transmit a user password;
a first server configured to establish a data session with said client and to receive said user password during said data session, said first server further configured to translate said user password into a different password during said data session by retrieving said different password from a password table based on said user password; and
a database configured to receive said different password from said first server during said data session and to connect to said first server based on said different password. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
a remote server configured to receive said user password from said first server and to translate said user password into another password; and
a remote database configured to receive said other password from said remote server and to connect to said remote server based on said other password.
-
-
9. The system of claim 6, wherein said database requires a valid password to allow access to said information within said database.
-
10. The system of claim 7, wherein said server is configured to determine whether said request for data is authorized based on said user password and to transmit said request for data to said database in response to another determination that said request for data is authorized.
-
11. The system of claim 8, wherein said remote database allows said remote server to access information within said remote database based on said other password.
-
12. A system for preventing unauthorized access of database systems, comprising:
-
means for transmitting a user password and a request for data from a client computer to a server computer in a data session between said server computer and said client computer;
means for translating at said server computer said user password into a different password during said data session;
means for utilizing said different password to access a database associated with said server computer during said data session;
means for retrieving data from said database based on said request for data; and
means for transmitting said data to said client computer during said data session. - View Dependent Claims (13, 14, 15, 16, 17)
means for identifying a user of said client computer based on said user password; and
means for identifying said user of said client computer based on said different password.
-
-
14. The system of claim 12, further comprising:
-
means for transmitting said user password from said server computer to a remote server computer;
means for translating said user password into another password; and
means for utilizing said other password to access said remote database.
-
-
15. The system of claim 12, further comprising a means for determining whether a current user of said client computer is authorized to retrieve said data based on said different password, wherein said retrieving means retrieves said data in response to a determination that said current user of said client is authorized to retrieve said data.
-
16. The system of claim 15, further comprising:
-
means for deciding whether said user is authorized to access information within said database based on said user password; and
means for accessing said database in response to a determination that said user is authorized to access said information within said database.
-
-
17. The system of claim 16, wherein said client computer is remotely located from said server computer.
-
18. A method for preventing unauthorized access of database systems, comprising the steps of:
-
transmitting a user password from a client computer to a server computer in a data session between said client computer and said server computer;
translating, via said server computer, said user password into a different password during said data session;
utilizing said different password to authorize said server computer to access a database associated with said server computer during said data session;
retrieving data from said database; and
transmitting said data from said server computer to said client computer during said data session. - View Dependent Claims (19, 20, 21, 22, 23)
identifying a user of said client computer based on said user password; and
identifying said user of said client computer based on said different password.
-
-
20. The method of claim 18, further comprising the steps of:
-
transmitting said user password from said server computer to a remote server computer;
translating said user password into another password; and
utilizing said other password to access said remote database.
-
-
21. The method of claim 18, further comprising the step of determining whether a current user of said client computer is authorized to retrieve said data based on said different password, wherein said retrieving step is in response to a determination that said current user of said client is authorized to retrieve said data.
-
22. The method of claim 21, further comprising the step of:
-
deciding whether said user is authorized to access information within said database based on said user password; and
accessing said database in response to a determination that said user is authorized to access said information within said database.
-
-
23. The method of claim 22, wherein said client computer is remotely located from said server computer.
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeLiberty Peak Ventures, LLC (Dominion Harbor Enterprises, LLC)
-
Original AssigneeFiware Incorporated (American Express Company)
-
InventorsGarrison, Greg B.
-
Primary Examiner(s)Wright, Norman M.
-
Assistant Examiner(s)REVAK, CHRISTOPHER A
-
Application NumberUS09/146,411Publication NumberTime in Patent Office1,342 DaysField of Search713/202, 713/201, 713/200, 707/9, 711/164, 709/217, 709/218, 709/219US Class Current726/6CPC Class CodesG06F 21/6218 to a system of files or obj...G06F 2211/007 Encryption, En-/decode, En-...
