Database fine-grained access control

US 6,487,552 B1
Filed: 10/05/1998
Issued: 11/26/2002
Est. Priority Date: 10/05/1998
Status: Expired due to Term

First Claim

Patent Images

1. A method for accessing data within a database system, the method comprising the steps of:

storing values for a set of context attributes within the database system;

providing, within said database system, an attribute setting mechanism that selectively restricts access to said set of context attributes based on a policy, accessing data managed by the database system by performing the steps of;

executing a query that contains a reference to one or more of said context attributes; and

processing said query based on current values of said one or more of said context attributes.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and mechanism are provided for accessing data. Values are stored for a set of context attributes associated with a session between a database user and a database server. The database system includes an attribute setting mechanism that selectively restricts access to the set of context attributes based on a policy. During the session, the database server executes a query that contains a reference to one or more of the context attributes. For example, the query may contain a predicate that requires a comparison between a context attribute value and a constant. The database server processes the query based on current values of the one or more of the context attributes referenced in the query. A mechanism is also provided for dynamically attaching predicates to queries, where the predicates are attached based on a policy. For example, the database system detects that a query is issued against a database object. Prior to executing the query, a policy function associated with the database object is invoked. The policy function creates a modified query by selectively adding zero or more predicates to the query based on a policy associated with the database object. The modified query is then executed.

297 Citations

45 Claims

1. A method for accessing data within a database system, the method comprising the steps of:
- storing values for a set of context attributes within the database system;
  
  providing, within said database system, an attribute setting mechanism that selectively restricts access to said set of context attributes based on a policy, accessing data managed by the database system by performing the steps of;
  
  executing a query that contains a reference to one or more of said context attributes; and
  
  processing said query based on current values of said one or more of said context attributes.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1 wherein:
3. The method of claim 2 wherein the step of storing values for a set of context attributes is performed by storing said values in a portion of server-side memory that is associated with said session.
4. The method of claim 1 further comprising the step of said attribute setting mechanism selectively setting values of context attributes that belong to said set of context attributes in response to messages from a database client.
5. The method of claim 1 wherein the step of providing an attribute setting mechanism includes providing a server-side attribute setting mechanism.
6. The method of claim 4 wherein the step of selectively setting values of context attributes includes:
- executing a stored procedure in response to a message from said database client, wherein said message requests that a particular context attribute be set to a particular value;
  
  said stored procedure determining whether said policy allows said database client to set said particular context attribute to said particular value; and
  
  if said policy allows said database client to set said particular context attribute to said particular value, then said stored procedure causing said particular context attribute to be set to said particular value.
7. The method of claim 6 wherein said stored procedure causes said particular context attribute to be set to a particular value by making a call to a routine provided by a database server.
8. The method of claim 7 wherein said routine verifies that said call is from said stored procedure prior to servicing said call.
9. The method of claim 8 wherein said routine verifies that said call is from said stored procedure by inspecting one or more call stacks.
10. The method of claim 1 wherein the step of executing a query that contains a reference to one or more of said context attributes includes executing a query that contains a predicate that contains a reference to a context attribute.
11. The method of claim 10 wherein said predicate requires a comparison between said context attribute and a value specified by an expression.
12. The method of claim 4 wherein the attribute setting mechanism selectively restricts access to said set of context attributes by preventing the database client from changing values associated with a first subset of said set of context attributes.
13. The method of claim 12 wherein a database server automatically sets the values associated with the context attributes that belong to said first subset.
14. The method of claim 4 wherein the attribute setting mechanism performs a database lookup to determine whether the database client is allowed to set a particular context attribute in said set of context attributes.
15. The method of claim 2 wherein the query requires a portion of work to be performed by a foreign database server, the method further comprising the steps of:
- said database server sending values for at least one of said context attributes to said foreign database server; and
  
  said foreign database server using said values of at least one of said context attributes to execute said portion of work.

16. A method for executing a query sent to a database server by a database client, the method comprising the steps of:
- detecting, within the database server, that the query is issued against a database object;
  
  prior to the database server executing said query, invoking a policy function associated with said database object;
  
  said policy function creating a modified query by selectively adding zero or more predicates to said query based on a policy associated with said database object; and
  
  executing, within said database server, said modified query to access data managed by said database server.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24)
- - 17. The method of claim 16 wherein:
18. The method of claim 16 wherein:
- the database server maintains values for a plurality of context attributes; and
  
  the step of adding zero or more predicates includes adding at least one predicate that references one or more of said plurality of context attributes.
19. The method of claim 16 wherein the policy function determines which predicates to add to said query based at least in part on whether the query modifies data associated with the database object.
20. The method of claim 16 further comprising the step of the policy function setting a context attribute value.
21. The method of claim 20 wherein:
- said database object is a view that accesses a particular table; and
  
  the context attribute value set by the policy function is set to indicate that the particular table is being accessed through the view.
22. The method of claim 17 wherein:
- the database object is a table;
  
  the query accesses the table through a view;
  
  a second policy function associated with said view sets a particular context attribute value to indicate that the table is being accessed through the view; and
  
  the policy function determines which predicates to add to said query based at least in part on said particular context attribute value.
23. The method of claim 17 further comprising the steps of:
- providing a server-side attribute setting mechanism that selectively restricts access to said plurality of context attributes based on a policy;
  
  said server-side attribute setting mechanism selectively setting values of context attributes that belong to said plurality of context attributes in response to messages from said database client.
24. The method of claim 16 wherein:
- the database object is a view that accesses a table; and
  
  the modified query is executed by;
  
  a second policy function associated with said table creating a second modified query by selectively adding zero or more predicates to said modified query based on a second policy associated with said table; and
  
  executing said second modified query.

25. A computer-readable medium carting one or more sequences of instructions for accessing data managed by a database system, wherein execution of the one or more sequences of instructions by one or more processors causes the one or more processors to perform the steps of:
- storing values for a set of context attributes within the database system;
  
  providing, within said database system, an attribute setting mechanism that selectively restricts access to said set of context attributes based on a policy, accessing data managed byte database system by performing the steps of;
  
  executing a query that contains a reference to one or more of said context attributes; and
  
  processing said query based on current values of said one or more of said context attributes.
- View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
- - 26. The computer-readable medium of claim 25 wherein:
27. The computer-readable medium of claim 26 wherein the step of selectively setting values of context attributes includes:
- executing a stored procedure in response to a message from said database client, wherein said message requests that a particular context attribute be set to a particular value;
  
  said stored procedure determining whether said policy allows said database client to set said particular context attribute to said particular value; and
  
  if said policy allows said database client to set said particular context attribute to said particular value, then said stored procedure causing said particular context attribute to be set to said particular value.
28. The computer-readable medium of claim 27 wherein said stored procedure causes said particular context attribute to be set to a particular value by making a call to a routine provided by the database server.
29. The computer-readable medium of claim 28 wherein said routine verifies that said call is from said stored procedure prior to servicing said call.
30. The computer-readable medium of claim 29 wherein said routine verifies that said call is from said stored procedure by inspecting one or more call stacks.
31. The computer-readable medium of claim 25 wherein the step of executing a query that contains a reference to one or more of said context attributes includes executing a query that contains a predicate that contains a reference to a context attribute.
32. The computer-readable medium of claim 31 wherein said predicate requires a comparison between said context attribute and a value specified by an expression.
33. The computer-readable medium of claim 26 wherein the server-side attribute setting mechanism selectively restricts access to said set of context attributes by preventing the database client from changing values associated with a first subset of said set of context attributes.
34. The computer-readable medium of claim 33 wherein the database server automatically sets the values associated with the context attributes that belong to said first subset.
35. The computer-readable medium of claim 26 wherein the server-side attribute setting mechanism performs a database lookup to determine whether the database client is allowed to set a particular context attribute in said set of context attributes.
36. The computer-readable medium of claim 25 wherein the query requires a portion of work to be performed by a foreign database server, the computer-readable medium further comprising instructions for performing the steps of:
- said database server sending values for at least one of said context attributes to said foreign database server; and
  
  said foreign database server using said values for at least one of said context attributes to execute said portion of work.

37. A computer-readable medium carrying one or more sequences of instructions for executing a query sent to a date server by a database client, wherein execution of the one or more sequences of instructions by one or more processors causes the one or more processors to perform the steps of:
- detecting, within the database server, that the query is issued against a database object;
  
  prior to the database server executing said query, invoking a policy function associated with said database object;
  
  said policy function creating a modified query by selectively adding zero or more predicates to said query based on a policy associated with said database object; and
  
  executing, within said database server, said modified query to access data managed by said database server.
- View Dependent Claims (38, 39, 40, 41, 42, 43, 44, 45)
- - 38. The computer-readable medium of claim 37 wherein:
39. The computer-readable medium of claim 37 wherein:
- the database server maintains values for a plurality of context attributes; and
  
  the step of adding zero or more predicates includes adding at least one predicate that references one or more of said plurality of context attributes.
40. The computer-readable medium of claim 37 wherein the policy function determines which predicates to add to said query based at least in part on whether the query modifies data associated with the database object.
41. The computer-readable medium of claim 37 further comprising instructions for performing the step of the policy function setting a context attribute value.
42. The computer-readable medium of claim 41 wherein:
- said database object is a view that accesses a particular table; and
  
  the context attribute value set by the policy function is set to indicate that the particular table is being accessed through the view.
43. The computer-readable medium of claim 38 wherein:
- the database object is a table;
  
  the query accesses the table through a view;
  
  a second policy function associated with said view sets a particular context attribute value to indicate that the table is being accessed through the view; and
  
  the policy function determines which predicates to add to said query based at least in part on said particular context attribute value.
44. The computer-readable medium of claim 38 further comprising instructions for performing the steps of:
- providing a server-side attribute setting mechanism that selectively restricts access to said plurality of context attributes based on a policy;
  
  said server-side attribute setting mechanism selectively setting values of context attributes that belong to said plurality of context attributes in response to messages from said database client.
45. The computer-readable medium of claim 37 wherein:
- the database object is a view that accesses a table; and
  
  the modified query is executed by;
  
  a second policy function associated with said table creating a second modified query by selectively adding zero or more predicates to said modified query based on a second policy associated with said table; and
  
  executing said second modified query.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle Corporation
Inventors
Lei, Chon Hei, McMahon, Douglas James
Primary Examiner(s)
Kindred, Alford W.

Application Number

US09/167,092
Time in Patent Office

1,513 Days
Field of Search

707/1-10, 707/100-104, 707/200-206, 707/500, 707/526, 707/529, 707/530
US Class Current

1/1
CPC Class Codes

G06F 16/24575   using context

G06F 21/6227   where protection concerns t...

Y10S 707/955   Object-oriented

Y10S 707/966   Distributed

Y10S 707/99932   Access augmentation or opti...

Y10S 707/99933   Query processing, i.e. sear...

Y10S 707/99934   Query formulation, input pr...

Y10S 707/99935   Query augmenting and refini...

Y10S 707/99939   Privileged access

Database fine-grained access control

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

297 Citations

45 Claims

Specification

Use Cases

Quick Links

Others

Database fine-grained access control

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

297 Citations

45 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others