System and method for verifying database security across multiple platforms
Abstract
A system and method for verifying database security across multiple platforms is presented. Servers are queried to obtain a user id access list of a particular database, directory, or file. The user id access list is compared with a validated access list. A report file is generated that includes user ids that have access to a database, directory, or file but do not have proper permission. The report file includes a submission of how to correct each security violation.
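The comparison the abstract describes can be sketched as follows. This is an added example, not code from the patent: the `Target` record, the sample servers and user ids, and the rule for choosing among the three violation message types are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Target:
    server: str
    name: str
    kind: str  # "database", "backup" or "directory" (labels chosen for this example)

def violation_type(target, user, removed_users):
    # The three message types come from claim 1; which condition selects
    # which type is an assumption of this example.
    if user in removed_users:
        return "removed users check"
    if target.kind == "backup":
        return "DB backup files and logs access check"
    return "DB files and logs access check"

def audit(actual, permitted, removed_users=frozenset()):
    """Return one finding per user id that has access but is not permitted.

    actual, permitted: dict of Target -> collection of user ids.
    A target without a permitted list permits nobody (fail closed).
    """
    findings = []
    for target in sorted(actual, key=lambda t: (t.server, t.name)):
        allowed = set(permitted.get(target, ()))
        for user in sorted(set(actual[target]) - allowed):
            findings.append({
                "server": target.server,
                "target": target.name,
                "user": user,
                "type": violation_type(target, user, removed_users),
                "fix": f"revoke {user}'s access to {target.name} on {target.server}",
            })
    return findings

# Constructed sample input (hypothetical servers, targets and user ids).
PAYROLL = Target("srv-a", "payroll", "database")
PAYROLL_BAK = Target("srv-a", "payroll.bak", "backup")
LOGDIR = Target("srv-b", "/db/logs", "directory")
ACTUAL = {PAYROLL: ["dba1", "alice", "bob"], PAYROLL_BAK: ["dba1", "carol"], LOGDIR: ["dave"]}
PERMITTED = {PAYROLL: ["dba1", "alice"], PAYROLL_BAK: ["dba1"]}  # no list for LOGDIR
REMOVED = {"bob"}

if __name__ == "__main__":
    for f in audit(ACTUAL, PERMITTED, REMOVED):
        print(f"{f['server']}:{f['target']}: {f['user']}: {f['type']}: {f['fix']}")
```

Treating a target that has no permitted list as permitting nobody means a missing baseline shows up in the report instead of silently passing.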
14 Claims
1. A method for analyzing database security, said method comprising:
connecting to one or more servers, wherein each server includes an instance, the instance including one or more databases, wherein at least one of the databases is selected from the group consisting of a database, a backup database, and a directory of databases;
selecting one of the databases;
identifying a user id, wherein the user id has access to the selected databases;
retrieving a permitted user id list corresponding to the selected database;
determining whether the user id is included in the permitted user id list, the determining further comprising:
identifying a violation message type wherein the violation message type is selected from the group consisting of a removed users check, a DB files and logs access check, and a DB backup files and logs access check; and
reporting the user id in response to the determining.
Dependent claims: 2, 3, 4, 5
6. An information handling system comprising:
one or more processors;
a memory accessible by the processors;
one or more nonvolatile storage devices accessible by the processors; and
a database analysis tool to analyze database security, the database analysis tool including:
means for connecting to one or more servers, wherein each server includes an instance, the instance including one or more databases, wherein at least one of the databases is selected from the group consisting of a database, a backup database, and a directory of databases;
means for selecting one of the databases;
means for identifying a user id, wherein the user id has access to the selected databases;
means for retrieving a permitted user id list corresponding to the selected database;
means for determining whether the user id is included in the permitted user id list, the determining further comprising:
identifying a violation message type wherein the violation message type is selected from the group consisting of a removed users check, a DB files and logs access check, and a DB backup files and logs access check; and
means for reporting the user id in response to the determining.
Dependent claims: 7, 8, 9
10. A computer program product stored in a computer operable media for analyzing database security, said computer program product comprising:
means for connecting to one or more servers, wherein each server includes an instance, the instance including one or more databases, wherein at least one of the databases is selected from the group consisting of a database, a backup database, and a directory of databases;
means for selecting one of the databases;
means for identifying a user id, wherein the user id has access to the selected databases;
means for retrieving a permitted user id list corresponding to the selected database;
means for determining whether the user id is included in the permitted user id list, the determining further comprising:
identifying a violation message type wherein the violation message type is selected from the group consisting of a removed users check, a DB files and logs access check, and a DB backup files and logs access check; and
means for reporting the user id in response to the determining.
Dependent claims: 11, 12, 13, 14