Database system and method with assigned locks

US 7,558,794 B2
Filed: 03/24/2004
Issued: 07/07/2009
Est. Priority Date: 03/24/2004
Status: Active Grant

First Claim

Patent Images

1. A method for authorizing access to a human resources database implemented on a computer-readable medium, comprising:

acquiring a lock after a first query is submitted by a first user, the first query relating to a first set of database records;

detecting, by a computer, whether a second query for a second set of database records is submitted by a second user, the second set of database records associating with the first set of database records, wherein the second user is associated with a level of an organization;

examining, after detecting the second query for the second set of database records which is submitted by the second user, an employee number associated with the second set of database records submitted in the second query and an employee number associated with the second user to determine if the second user is authorized to access the second set of database records;

denying the second user from accessing the second set of database records if the employee number associating with the second set of database records submitted in the second query matches the employee number associated with the second user;

determining, if the employee number associating with the second set of database records submitted in the second query differs from the employee number associated with the second user, whether the lock is acquired by the first user;

denying the lock to the second user if the lock is acquired by the first user;

granting the lock to the second user if the lock is not acquired by the first user; and

informing, after denying to grant the lock to the second user, the second user with information relating to the identification of the first user, in accordance with the level of the second user.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for handling database locks includes detecting a new query from an administrator for a set of database records. Next, it is determined whether the administrator has any chance of being authorized to acquire a new lock. If so, an attempt is made to acquire the new lock and, on the failure to acquire, the administrator is informed that the lock has already been acquired by a prior administrator. Optionally, the new administrator is also provided with identifying information of the prior administrator and contact information for the prior administrator. The new administrator is therefore pre-screened to determine whether there is any chance to acquire a new lock to reduce the chance that an unauthorized new administrator could lock the set of database records. Also, should the new administrator be authorized but not able to access the set of database records due to a prior lock, the new administrator can be informed of the identity and contact information concerning the holder of the prior lock.

15 Citations

View as Search Results

28 Claims

1. A method for authorizing access to a human resources database implemented on a computer-readable medium, comprising:
- acquiring a lock after a first query is submitted by a first user, the first query relating to a first set of database records;
  
  detecting, by a computer, whether a second query for a second set of database records is submitted by a second user, the second set of database records associating with the first set of database records, wherein the second user is associated with a level of an organization;
  
  examining, after detecting the second query for the second set of database records which is submitted by the second user, an employee number associated with the second set of database records submitted in the second query and an employee number associated with the second user to determine if the second user is authorized to access the second set of database records;
  
  denying the second user from accessing the second set of database records if the employee number associating with the second set of database records submitted in the second query matches the employee number associated with the second user;
  
  determining, if the employee number associating with the second set of database records submitted in the second query differs from the employee number associated with the second user, whether the lock is acquired by the first user;
  
  denying the lock to the second user if the lock is acquired by the first user;
  
  granting the lock to the second user if the lock is not acquired by the first user; and
  
  informing, after denying to grant the lock to the second user, the second user with information relating to the identification of the first user, in accordance with the level of the second user.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method as recited in claim 1 further comprising permitting access to the second set of database records if the second user is authorized.
  - 3. The method as recited in claim 1 further comprising releasing the lock after the first user has checked out from the first set of database records.
  - 4. The method as recited in claim 1 wherein determining whether the second user is authorized further includes determining whether the second user has write authorization for the set of database records.
  - 5. The method as recited in claim 1 wherein determining whether the second user is authorized further includes determining whether the second user has a maximum database access authorization.
  - 6. The method as recited in claim 1 wherein determining whether the second user is authorized includes determining whether the second user is organizationally authorized.
  - 7. The method as recited in claim 1 wherein determining whether the second user is authorized includes determining includes whether the second user is currently authorized.

8. A computer-readable medium storing program instructions for performing a method of authorizing access to a human resources database, the method comprising:
- acquiring a lock after a first query is submitted by a first user, the first query relating to a first set of database records;
  
  detecting, by a computer, whether a second query for a second set of database records which is submitted by a second user, the second set of database records associating with the first set of database records, wherein the second user is associated with a level of an organization;
  
  examining, after detecting the second query for the second set of database records is submitted by the second user, an employee number associated with the second set of database records submitted in the second query and an employee number associated with the second user to determine if the second user is authorized to access the second set of database records;
  
  denying the second user from accessing the second set of database records if the employee number associating with the second set of database records submitted in the second query matches the employee number associated with the second user;
  
  determining, if the employee number associating with the second set of database records submitted in the second query differs from the employee number associated with the second user, whether the lock is acquired by the first user;
  
  denying the new lock to the second user if the lock is acquired by the first user;
  
  granting the lock to the second user if the lock is not acquired by the first user; and
  
  informing, after denying to grant the lock to the second user, the second user with information relating to the identification of the first user, in accordance with the level of the second user.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The computer-readable medium as recited in claim 8 further comprising permitting access to the second set of database records if the second user is authorized.
  - 10. The computer-readable medium as recited in claim 9 further comprising releasing the lock after the first user has checked out from the first set of database records.
  - 11. The computer-readable medium as recited in claim 8 wherein determining whether the second user is authorized includes determining whether the second user has write authorization for the second set of database records.
  - 12. The computer-readable medium as recited in claim 8 wherein determining whether the second user is authorized includes determining whether the second user has a maximum database access authorization.
  - 13. The computer-readable medium as recited in claim 8 wherein the second user has a conflict of interest when the second set of database records personally pertain to the second user.
  - 14. The computer-readable medium as recited in claim 8 wherein determining whether the second user is authorized includes determining whether the second user is organizationally authorized.
  - 15. The computer-readable medium as recited in claim 8 wherein determining whether the second user is authorized includes determining whether the second user is currently authorized.

16. A database system implemented on a computer-readable medium authorizing access to a human resources database, comprising:
- a processor;
  
  a memory storing instructions executable by the processor, the instructions comprising;
  
  means for acquiring a lock after a first query is submitted by a first user, the first query relating to a first set of database records;
  
  means for detecting, by a computer, whether a second query for a second set of database records is submitted by a second user, the second set of database records associating with the first set of database records, wherein the second user is associated with a level of an organizationmeans for examining, after detecting the second query for the second set of database records which is submitted by the second user, an employee number associated with the second set of database records submitted in the second query and an employee number associated with the second user to determine if the second user is authorized to access the second set of database records;
  
  means for denying the second user from accessing the second set of database records if the employee number associating with the second set of database records submitted in the second query matches the employee number associated with the second user;
  
  means for determining, if the employee number associating with the second set of database records submitted in the second query differs from the employee number associated with the second user, whether the lock is acquired by the first user;
  
  means for denying the lock to the second user if the lock is acquired by the first user;
  
  means for granting the lock to the second user if the lock is not acquired by the first user; and
  
  means for informing, after denying to grant the lock to the second user, the second user with information relating to the identification of the first user, in accordance with the level of the second user.
- View Dependent Claims (17)
- - 17. The database system as recited in claim 16 further comprising means for permitting access to the second set of database records if the second user is authorized.

18. A method for making a preliminary determination of whether a second user has authorization to access a second set of database records implemented on a computer-readable medium, comprising:
- acquiring a lock after a first query is submitted by a first user, the first query relating to a first set of database records;
  
  detecting, by a computer, whether a second query for the second set of database records is submitted by a second user, the second set of database records associating with the first set of database records, wherein the second user is associated with a level of an organization;
  
  examining, after detecting the second query for the second set of database records which is submitted by the second user, an employee number associated with the second set of database records submitted in the second query and an employee number associated with the second user to determine if the second user is authorized to access the second set of database records;
  
  denying the second user from accessing the second set of database records if the employee number associating with the second set of database records submitted in the second query matches the employee number associated with the second user;
  
  determining, if the employee number associating with the second set of database records submitted in the second query differs from the employee number associated with the second user, whether the lock is acquired by the first user, and whether the user is authorized to access the second set of database records based on at least one of (a) write authorization and (b) a lack of conflict of interest;
  
  denying the lock to the second user if the lock is acquired by the first user;
  
  granting the lock to the second user if the lock is not acquired by the first user; and
  
  informing, after denying to grant the lock to the second user, the second user with information relating to the identification of the first user, in accordance with the level of the second user.
- View Dependent Claims (19, 20, 21, 22, 23)
- - 19. The method of claim 18, further comprising:
    - setting the lock or making an attempt to set the lock if the second user is authorized.
  - 20. The method of claim 18, wherein determining whether the user is authorized to access the second set of database records further includes determining whether the second user has a maximum database access authorization.
  - 21. The method of claim 18, wherein determining whether the second user has a conflict of interest includes determining whether the second set of database records personally pertain to the second user.
  - 22. The method of claim 18, further comprising:
    - determining, when the employee number associated with the set of database records matches the employee number of the second user, whether the second set of database records comprise critical or non-critical information; and
      
      wherein the second user is not authorized when the second set of database records comprise critical information.
  - 23. The method of claim 22, wherein the critical information comprises pay records of the second user.

24. A method for determining whether a user has authorization to access a set of database records, comprising:
- acquiring a lock after a first query is submitted by a first user, the first query relating to a first set of database records;
  
  detecting, by a computer, whether a second query for a second set of database records which is submitted by a second user, the second set of database records associating with the first set of database records, wherein the second user is associated with a level of an organization;
  
  examining, after detecting the second query for the second set of database records is submitted by the second user, an employee number associated with the second set of database records submitted in the second query and an employee number associated with the second user to determine if the second user is authorized to access the second set of database records;
  
  denying the second user from accessing the second set of database records if the employee number associating with the second set of database records submitted in the second query matches the employee number associated with the second user;
  
  determining, if the employee number associating with the second set of database records submitted in the second query differs from the employee number associated with the second user, whether the lock is acquired by the first user, and whether the second user is authorized to acquire the lock for the second set of database records based on the employee number of the second user and, when the employee number associated with the second set of database records matches an identifier of the second user, whether the second set of database records comprise critical or non-critical information;
  
  denying the lock to the second user if the lock is acquired by the first user;
  
  granting the lock to the second user if the lock is not acquired by the first user; and
  
  informing, after denying to grant the lock to the second user, the second user with information relating to the identification of the first user, in accordance with the level of the second user.
- View Dependent Claims (25, 26)
- - 25. The method of claim 24, wherein the second user is not authorized when the second set of database records comprise critical information.
  - 26. The method of claim 25, wherein the critical information comprises pay records of the second user.

27. A method for authorizing access to a human resources database, comprising:
- acquiring a lock after a first query is submitted by a first user, the first query relating to a first set of database records;
  
  detecting, by a computer, whether a second query for a second set of database records is submitted by a second user, the second set of database records associating with the first set of database records, wherein the second user is associated with a level of an organization;
  
  examining, after detecting the second query for the second set of database records which is submitted by the second user, an employee number associated with the second set of database records submitted in the second query and an employee number associated with the second user to determine if the second user is authorized to access the second set of database records;
  
  denying the second user from accessing the second set of database records if the employee number associating with the second set of database records submitted in the second query matches the employee number associated with the second user;
  
  determining, if the employee number associating with the second set of database records submitted in the second query differs from the employee number associated with the second user, whether the lock is acquired by the first user, and whether the second user is authorized to access the second set of database records on the second set of database records, the second user being authorized if the second user does not have a conflict of interest with respect to the second set of database records, wherein the second user does not have a conflict of interest when the employee number associated with the second set of database records does not match the employee number associated with the second user;
  
  denying the lock to the second user if the lock is acquired by the first user;
  
  granting the lock to the second user if the lock is not acquired by the first user; and
  
  informing, after denying to grant the lock to the second user, the second user with information relating to the identification of the first user, in accordance with the level of the second user.

28. A method for authorizing access to a human resources database, comprising:
- acquiring a lock after a first query is submitted by a first user, the first query relating to a first set of database records;
  
  detecting, by a computer, whether a second query for a second set of database records is submitted by a second user, the second set of database records associating with the first set of database records, wherein the second user is associated with a level of an organization;
  
  examining, after detecting the second query for the second set of database records is submitted by the second user, an employee number associated with the second set of database records submitted in the new second query and an employee number associated with the second user to determine if the second user is authorized to access the second set of database records;
  
  denying the second user from accessing the second set of database records if the employee number associating with the second set of database records submitted in the second query matches the employee number associated with the second user;
  
  determining, if the employee number associating with the second set of database records submitted in the second query differs from the employee number associated with the second user, whether the lock is acquired by the first user, whether the second user that submitted the query is authorized to access the second set of database records, wherein the second user is authorized if the second user does not have a conflict of interest when the second set of database records do not personally pertain to the second user;
  
  denying the lock if the second user is not authorized;
  
  granting the lock to the second user if the lock is not acquired by the first user; and
  
  informing, after denying to grant the lock to the second user, the second user with information relating to the identification of the first user, in accordance with the level of the second user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SAP SE
Original Assignee
SAP AG (SAP SE)
Inventors
Volker, Paul, Klein, Udo
Primary Examiner(s)
PANNALA, SATHYANARAYA R

Application Number

US10/808,671
Publication Number

US 20050216463A1
Time in Patent Office

1,931 Days
Field of Search

707/2, 707 8- 9, 707/201, 707/203, 707100-102, 707/103.R, 709/224
US Class Current

1/1
CPC Class Codes

G06F 16/2343   Locking methods, e.g. distr...

Y10S 707/99933   Query processing, i.e. sear...

Y10S 707/99939   Privileged access

Database system and method with assigned locks

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

15 Citations

28 Claims

Specification

Use Cases

Quick Links

Others

Database system and method with assigned locks

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

28 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others