Database application security

US 8,307,406 B1
Filed: 12/28/2005
Issued: 11/06/2012
Est. Priority Date: 12/28/2005
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

authenticating a user using a first authentication application;

granting the user access to a second authentication application in response to successfully authenticating the user using the first authentication application and based on first settings associated with the user, the second authentication application being associated with a secure database;

granting using the second authentication application the user access to a database application associated with the secure database, the access of the user to the database application being based on second settings associated with the user, the user being restricted from accessing the second settings, wherein the second authentication application filters database access commands for manipulating the secure database entered by the user based on a list of accepted database access commands included in the second settings associated with the user, wherein the second settings are access rights given to a group of users with similar database needs, wherein the access of the user to the database application is restricted to specific functions within the database application based on the second settings associated with the user; and

granting the user access to the secure database using the second authentication application, the access of the user to the secure database being based on the second settings associated with the user.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method allows access to a set of secure databases and database applications over an untrusted network without replicating the secure database. The method involves authenticating a user using a first authentication application. When the user is verified, then the user'"'"'s credentials are directed to a second authentication application associated with a secure database based on a first set of user settings retrieved for the user. The second authentication application, based on a second set of user settings, grants the user access to the secure database and database applications associated with the secure database.

53 Citations

View as Search Results

11 Claims

1. A method, comprising:
- authenticating a user using a first authentication application;
  
  granting the user access to a second authentication application in response to successfully authenticating the user using the first authentication application and based on first settings associated with the user, the second authentication application being associated with a secure database;
  
  granting using the second authentication application the user access to a database application associated with the secure database, the access of the user to the database application being based on second settings associated with the user, the user being restricted from accessing the second settings, wherein the second authentication application filters database access commands for manipulating the secure database entered by the user based on a list of accepted database access commands included in the second settings associated with the user, wherein the second settings are access rights given to a group of users with similar database needs, wherein the access of the user to the database application is restricted to specific functions within the database application based on the second settings associated with the user; and
  
  granting the user access to the secure database using the second authentication application, the access of the user to the secure database being based on the second settings associated with the user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the access of the user is restricted to a portion of the secure database based on the second settings associated with the user.
  - 3. The method of claim 1, wherein the database application and authentication application are configured to operate on a database server.
  - 4. The method of claim 1, wherein authenticating includes verifying the user using an identification and a password.
  - 5. The method of claim 1, further comprising exposing data accessed from the secure database to the user over an untrusted network.
  - 6. The method of claim 1, wherein the user is denied access to a second database application based on the second settings associated with the user.
  - 7. The method of claim 1, wherein the first settings are settings associated with a group of users.
  - 8. The method of claim 1, wherein the allowing the user to access the secure database includes allowing the user to write directly to the secure database.
  - 9. The method of claim 1, wherein the allowing the user to access the secure database includes allowing the user to access the secure database using an application not associated with the secure database.

10. An apparatus comprising:
- a database hardware server, comprising;
  
  a first authentication application for authenticating a user and for granting the user access to a second authentication application in response to successfully authenticating the user using the first authentication application and based on first settings associated with the user, the second authentication application being associated with a secure database; and
  
  a second authentication application for granting the user access to a database application associated with the secure database, the access of the user to the database application being based on second settings associated with the user, the user being restricted from accessing the second settings, for filtering database access commands for manipulating the secure database entered by the user based on a list of accepted database access commands included in the second set of user settings, wherein the second settings are access rights given to a group of users with similar database needs, wherein an access of the user to a selected database application is restricted to specific functions within the selected database application based on the second settings associated with the user, and for granting the user access to the secure database, the access of the user to the secure database being based on the second settings associated with the user.
- View Dependent Claims (11)
- - 11. The apparatus of claim 10, wherein the database hardware server is disposed between the user and the secure database.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Corporation (AT&T, Inc.)
Original Assignee
AT&T Intellectual Property II LP (AT&T, Inc.)
Inventors
Aboujaoude, Roger, Eslambolchi, Hossein, McCanuel, John, Morris, Michael, Shariati, Saeid
Primary Examiner(s)
Arani, Taghi
Assistant Examiner(s)
Jeudy, Josnel

Application Number

US11/319,182
Time in Patent Office

2,505 Days
Field of Search

713168-174, 713182-186, 713/202, 713155-159, 709/229, 709/225, 709/217, 709/219, 726 1- 8, 726 27- 30, 707 9- 10
US Class Current

726/2
CPC Class Codes

G06F 21/40 by quorum, i.e. whereby two...

Database application security

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

53 Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Database application security

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

53 Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links