Database application security

US 8,566,908 B2
Filed: 09/14/2012
Issued: 10/22/2013
Est. Priority Date: 12/28/2005
Status: Expired due to Fees

First Claim

Patent Images

1. A method, comprising:

authenticating, by a server, a user using a first authentication application;

granting, by the server, the user access to a second authentication application in response to successfully authenticating the user using the first authentication application and based on a first setting associated with the user, the second authentication application being associated with a secure database;

granting, by the server, using the second authentication application the user access to a database application associated with the secure database, the access of the user to the database application being based on a second setting associated with the user, the user being restricted from accessing the second setting, wherein the second authentication application filters database access commands for manipulating the secure database entered by the user based on a list of accepted database access commands included in the second setting associated with the user, wherein the second setting is an access right given to a group of users with a similar database need, wherein the access of the user to the database application is restricted to a specific function within the database application based on the second setting associated with the user; and

granting, by the server, the user access to the secure database using the second authentication application, the access of the user to the secure database being based on the second setting associated with the user.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method allows access to a set of secure databases and database applications over an untrusted network without replicating the secure database. The method involves authenticating a user using a first authentication application. When the user is verified, then the user'"'"'s credentials are directed to a second authentication application associated with a secure database based on a first set of user settings retrieved for the user. The second authentication application, based on a second set of user settings, grants the user access to the secure database and database applications associated with the secure database.

Citations

11 Claims

1. A method, comprising:
- authenticating, by a server, a user using a first authentication application;
  
  granting, by the server, the user access to a second authentication application in response to successfully authenticating the user using the first authentication application and based on a first setting associated with the user, the second authentication application being associated with a secure database;
  
  granting, by the server, using the second authentication application the user access to a database application associated with the secure database, the access of the user to the database application being based on a second setting associated with the user, the user being restricted from accessing the second setting, wherein the second authentication application filters database access commands for manipulating the secure database entered by the user based on a list of accepted database access commands included in the second setting associated with the user, wherein the second setting is an access right given to a group of users with a similar database need, wherein the access of the user to the database application is restricted to a specific function within the database application based on the second setting associated with the user; and
  
  granting, by the server, the user access to the secure database using the second authentication application, the access of the user to the secure database being based on the second setting associated with the user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the access of the user is restricted to a portion of the secure database based on the second setting associated with the user.
  - 3. The method of claim 1, wherein the database application and authentication application are configured to operate on the server.
  - 4. The method of claim 1, wherein authenticating includes verifying the user using an identification and a password.
  - 5. The method of claim 1, further comprising exposing data accessed from the secure database to the user over an untrusted network.
  - 6. The method of claim 1, wherein the user is denied access to a second database application based on the second setting associated with the user.
  - 7. The method of claim 1, wherein the first setting is a setting associated with a group of users.
  - 8. The method of claim 1, wherein the allowing the user to access the secure database includes allowing the user to write directly to the secure database.
  - 9. The method of claim 1, wherein the allowing the user to access the secure database includes allowing the user to access the secure database using an application not associated with the secure database.

10. An apparatus, comprising:
- a hardware server, comprising;
  
  a first authentication application authenticating a user and for granting the user access to a second authentication application in response to successfully authenticating the user using the first authentication application and based on a first setting associated with the user, the second authentication application being associated with a secure database; and
  
  a second authentication application for granting the user access to a database application associated with the secure database, the access of the user to the database application being based on a second setting associated with the user, the user being restricted from accessing the second setting, for filtering database access commands for manipulating the secure database entered by the user based on a list of accepted database access commands included in the second user setting, wherein the second setting is an access right given to a group of users with a similar database need, wherein an access of the user to a selected database application is restricted to a specific function within the selected database application based on the second setting associated with the user, and for granting the user access to the secure database, the access of the user to the secure database being based on the second setting associated with the user.
- View Dependent Claims (11)
- - 11. The apparatus of claim 10, wherein the hardware server is disposed between the user and the secure database.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Corporation (AT&T, Inc.)
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Inventors
Eslambolchi, Hossein, McCanuel, John, Morris, Michael, Shariati, Saeid, Aboujaoude, Roger
Primary Examiner(s)
Arani, Taghi
Assistant Examiner(s)
Jeudy, Josnel

Application Number

US13/619,895
Publication Number

US 20130014283A1
Time in Patent Office

403 Days
Field of Search

726 27- 30, 713168-174
US Class Current

726/2
CPC Class Codes

G06F 21/40 by quorum, i.e. whereby two...

Database application security

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Database application security

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links