Reactive audit protection in the database (RAPID)
First Claim
1. A method for proactively enforcing security in a computer system, the method comprising the computer-implemented steps of:
- storing a plurality of security modification rules for a system, wherein each security modification rule of the plurality of security modification rules is associated with a set of conditions;
receiving a command at the computer system;
analyzing the command to determine whether one or more audit rules are satisfied;
when the one or more audit rules are satisfied, determining whether one or more audit records need to be generated;
in response to determining that the one or more audit records need to be generated, generating the one or more audit records;
based on the one or more audit records, determining whether the set of conditions associated with any security modification rule has been satisfied; and
in response to determining that the set of conditions associated with a security modification rule of the plurality of security modification rules has been satisfied, performing an action, associated with the security modification rule, that modifies one or more security parameters associated with the system.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for proactively enforcing security in a computer system is provided. A plurality of security modification rules is stored for a system. A set of conditions is associated with each security modification rule. Based on one or more audit records generated for the system, the system determines whether the set of conditions associated with any security modification rule has been satisfied. If the system determines that the set of conditions associated with a particular security modification rule has been satisfied, then the system performs an action that modifies one or more security parameters associated with the system, where the action is associated with the violated security modification rule.
39 Citations
64 Claims
-
1. A method for proactively enforcing security in a computer system, the method comprising the computer-implemented steps of:
-
storing a plurality of security modification rules for a system, wherein each security modification rule of the plurality of security modification rules is associated with a set of conditions; receiving a command at the computer system; analyzing the command to determine whether one or more audit rules are satisfied; when the one or more audit rules are satisfied, determining whether one or more audit records need to be generated; in response to determining that the one or more audit records need to be generated, generating the one or more audit records; based on the one or more audit records, determining whether the set of conditions associated with any security modification rule has been satisfied; and in response to determining that the set of conditions associated with a security modification rule of the plurality of security modification rules has been satisfied, performing an action, associated with the security modification rule, that modifies one or more security parameters associated with the system. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51)
-
-
52. A method for integrating security rules and audit rules, the method comprising:
-
during operation of a system, detecting an attempt to execute an operation that is governed by a particular security rule; determining whether the particular security rule has been identified as a security rule for which audit records are automatically generated; and if the particular security rule has been identified as a security rule for which audit records are automatically generated, then generating an audit record in response to the attempt to execute the operation. - View Dependent Claims (53, 54, 55, 56, 57, 58)
-
-
59. A method for combining security rules and audit rules, the method comprising:
-
exposing an Application Programming Interface (API) through which users can specify security rules for a system; and receiving a call from the API, wherein the call indicates a security rule for the system and includes a parameter that indicates whether audit records should be generated by the system automatically in response to operations that are governed by the security rule. - View Dependent Claims (60, 61, 62, 63, 64)
-
Specification