Centralized mapping of security credentials for database access operations

US 6,934,706 B1
Filed: 03/22/2002
Issued: 08/23/2005
Est. Priority Date: 03/22/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A method of facilitating access to one or more external databases from a database application, comprising:

pre-populating a credential database which relationally maps a user'"'"'s security credentials relative to said application with said user'"'"'s security credentials relative to each said external database;

determining when said user operates said application so as to require access to a given one of said external databases;

retrieving said user'"'"'s security credentials for said given external database from said credential database based on said user'"'"'s security credentials for said application; and

establishing a connection to said given external database using said retrieved security credentials in order to perform the requested database access.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An enterprise data integration product which facilitates access to one or more external or remote databases so as to provide integration from a central application. The product enables a user to pre-populate a credential database which stores the user'"'"'s security credentials for each of the remote databases to which access is desired. When the user requests access to a remote database, the product automatically retrieves the user'"'"'s security credentials for that database and establishes a connection thereto based on the retrieval credentials. In this manner, the product provides seamless access to the remote database while maintaining the user'"'"'s pre-ordained access restriction thereto.

Citations

12 Claims

1. A method of facilitating access to one or more external databases from a database application, comprising:
- pre-populating a credential database which relationally maps a user'"'"'s security credentials relative to said application with said user'"'"'s security credentials relative to each said external database;
  
  determining when said user operates said application so as to require access to a given one of said external databases;
  
  retrieving said user'"'"'s security credentials for said given external database from said credential database based on said user'"'"'s security credentials for said application; and
  
  establishing a connection to said given external database using said retrieved security credentials in order to perform the requested database access.
- View Dependent Claims (2, 3)
- - 2. The method according to claim 1, wherein said security credentials include one or more of a user name and password.
  - 3. The method according to claim 2, wherein said retrieval is based on a best match strategy.

4. A database access method, comprising:
- establishing one or more data links from an application to one or more external databases;
  
  providing a pre-populated database which relationally associates at least one credential employed in said application to identify a user with security credentials employed in each said external database to identify said user and said user'"'"'s scope of access; and
  
  in the event said user activates one of said data links, retrieving said user'"'"'s security credentials for the corresponding external database and executing an external database access call using said retrieved security credentials.
- View Dependent Claims (5, 6)
- - 5. The method according to claim 4, wherein said security credentials include a user name and password.
  - 6. The method according to claim 5, wherein said retrieval is based on a best match strategy.

7. A remote database access system comprising:
- a server engine for processing an application;
  
  an extension manager, interfacing with the server engine, for registering and monitoring events which require access to a remote database;
  
  an enterprise connection service, interfacing with the extension manager, for mapping data fields from the remote database to data fields employed in the application;
  
  said enterprise connection service also enabling a user to pre-populate a credentials database which stores the user'"'"'s security credentials relative to the remote database;
  
  a credential manager, initiated by the enterprise connection service, for looking up the user'"'"'s security credentials in the remote database;
  
  a connection broker for establishing a connection to the remote database using the security credentials received from the enterprise connection service; and
  
  a connector for translating database access requests between the application and the external database.
- View Dependent Claims (8, 9, 10)
- - 8. The system according to claim 7, wherein the fields are mapped using a forms-based interface.
  - 9. The system according to claim 8, wherein the security credential include a username and password.
  - 10. The system according to claim 8, wherein the credential manager employs a best match strategy for looking up the user'"'"'s security credentials.

11. A computer readable medium carrying software for facilitating access to one or more external databases from a database application, wherein said software:
- enables the pre-population of a credential database which relationally maps a user'"'"'s security credentials relative to said application with said user'"'"'s security credentials relative to each said external database;
  
  determines when said user operates said application so as to require access to a given one of said external databases;
  
  retrieves said user'"'"'s security credentials for said given external database from said credential database based on said user'"'"'s security credentials for said application; and
  
  establishes a connection to said given external database using said retrieved security credentials in order to perform the requested database access.

12. A computer-readable medium carrying software for:
- processing an application;
  
  registering and monitoring events which require access to a remote database;
  
  mapping data fields from the remote database to data fields employed in the application;
  
  enabling a user to pre-populate a credentials database which relationally maps the user'"'"'s security credentials relative to the remote database;
  
  looking up the user'"'"'s security credentials in the credentials database;
  
  establishing a connection to the remote database using the security credentials received from the credentials database; and
  
  translating database access requests between the application and the external database.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Mancuso, Patrick Charles, Prager, Scott Howard
Primary Examiner(s)
Pardo, Thuy N.

Application Number

US10/104,999
Time in Patent Office

1,250 Days
Field of Search

707/3, 707/10, 707/9, 707/101, 707/102, 707/103, 707/104, 709/225, 709/227, 455/414.2, 713/165, 713/193, 705/50, 705/402
US Class Current

1/1
CPC Class Codes

G06F 16/972   Access to data in other rep...

G06F 21/41   where a single sign-on prov...

G06F 21/6218   to a system of files or obj...

Y10S 707/99939   Privileged access

Y10S 707/99942   Manipulating data structure...

Y10S 707/99943   Generating database or data...

Y10S 707/99945   Object-oriented database st...

Centralized mapping of security credentials for database access operations

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Centralized mapping of security credentials for database access operations

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links