Remote container
First Claim
1. A method comprising:
- receiving, by a computer, data to be inserted into a container data field of a relational database, the data including content being associated with a first access privilege;
encrypting, by the computer, the data using an encryption key that is specific to the container data field;
storing, by the computer, the encrypted data in a database file on a file system specified for the container data field, the database file being external to other database files storing data of other data fields of the relational database, the file system being associated with a second access privilege, wherein storing the encrypted data comprises;
identifying existing data that are stored in an existing database file, the existing database file referenced by an existing remote container;
determining that the existing data are identical to the received data; and
upon the determining, incrementing a reference count of the existing remote container;
storing, by the computer, a reference to the database file and the encryption key in a remote container; and
associating, by the computer, the existing remote container with the container data field, wherein a user'"'"'s access to content in the data is limited based on association of the existing remote container and the container data field.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods, program products, and systems implementing remote container techniques are disclosed. A relational database can include a container data field, which can be a data field for storing multimedia data. In one aspect, when the multimedia data are inserted into the container field, the multimedia data can be stored in one or more remote database files. The remote database files can be located separately from other data of the relational database and remotely from a client computer accessing the relational database. Corresponding data structures, or remote containers, can be configured to store metadata of the database files. References to the remote containers can be stored as values of the container data field. Using various encryption techniques, the remote database files can be given same access restrictions as access restrictions of the container data field, even when the remote database files are stored as flat files.
17 Citations
29 Claims
-
1. A method comprising:
-
receiving, by a computer, data to be inserted into a container data field of a relational database, the data including content being associated with a first access privilege; encrypting, by the computer, the data using an encryption key that is specific to the container data field; storing, by the computer, the encrypted data in a database file on a file system specified for the container data field, the database file being external to other database files storing data of other data fields of the relational database, the file system being associated with a second access privilege, wherein storing the encrypted data comprises; identifying existing data that are stored in an existing database file, the existing database file referenced by an existing remote container; determining that the existing data are identical to the received data; and upon the determining, incrementing a reference count of the existing remote container; storing, by the computer, a reference to the database file and the encryption key in a remote container; and associating, by the computer, the existing remote container with the container data field, wherein a user'"'"'s access to content in the data is limited based on association of the existing remote container and the container data field. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A system comprising:
-
one or more processors; and a non-transitory storage device storing a computer program product, the computer program product being executed to cause the one or more processors to perform operations comprising; receiving data to be inserted into a container data field of a relational database, the data including content being associated with a first access privilege; encrypting the data using an encryption key that is specific to the container data field; storing the encrypted data in a database file on a file system specified for the container data field, the database file being external to other database files storing data of other data fields of the relational database, the file system being associated with a second access privilege; storing a reference to the database file and the encryption key in a remote container; associating the remote container with the container data field; storing the remote container in a container repository together with an embedded container; and storing an identifier of the remote container as a value of the container data field, wherein a user'"'"'s access to content in the data is limited based on association of the remote container and the container data field. - View Dependent Claims (14, 15, 16, 17, 18, 19)
-
-
20. A non-transitory storage device storing a computer program product stored on a storage device, the computer program product being executed operable to cause one or more processors that are in communication with the non-transitory storage device to perform operations comprising:
-
a. receiving data to be inserted into a container data field of a relational database, the data including content being associated with a first access privilege; b. encrypting the data using an encryption key that is specific to the container data field; c. storing the encrypted data in a database file on a file system specified for the container data field, the database file being external to other database files storing data of other data fields of the relational database, the file system being associated with a second access privilege, wherein storing the encrypted data comprises; i. creating a subdirectory on the file system specified for the container data field according to a random distribution calculated base at least in part on the data; and
storing the database file in the subdirectory;ii. storing a reference to the database file and the encryption key in a remote container; and iii. associating the remote container with the container data field, wherein a user'"'"'s access to content in the data is limited based on association of the existing remote container and the container data field. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29)
-
Specification