Secured database system with built-in antivirus protection

US 8,793,797 B2
Filed: 11/10/2010
Issued: 07/29/2014
Est. Priority Date: 01/18/2006
Status: Active Grant

First Claim

Patent Images

1. In a database system, a method for providing protection against storage of a computer virus by the database system, the method comprising:

specifying, within a schema of a database of the database system, one or more columns of the database that are to be tested using a virus definition for detecting the computer virus;

receiving an SQL statement specifying Storage of data in the database;

andduring execution of an execution plan for executing operations on the database resolve the SQL statement, testing, on a per column basis, at least a portion of the data to detect the computer virus using the virus definition, wherein, the data is selected for testing based on the SQL statement specifying storage of the data in the one or more columns of the database that are specified to be tested.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secured database system with built-in antivirus protection is described. In one embodiment, for example, a method of the present invention is described for securing a database system, the method comprises steps of: provisioning storage from a storage device, for storing database information; generating an encryption key so that the database information is stored on the storage device in an encrypted manner; generating a decryption key for decrypting the database information stored on the storage device, wherein access to the decryption key is controlled by the database system based on user privileges; receiving a request from a user for access to the database information; determining whether the user has been granted sufficient privileges to access the database information; if the user has been granted sufficient privileges, automatically decrypting the database information to provide the access; and otherwise denying the request if the user has not been granted sufficient privileges.

31 Citations

View as Search Results

15 Claims

1. In a database system, a method for providing protection against storage of a computer virus by the database system, the method comprising:
- specifying, within a schema of a database of the database system, one or more columns of the database that are to be tested using a virus definition for detecting the computer virus;
  
  receiving an SQL statement specifying Storage of data in the database;
  
  andduring execution of an execution plan for executing operations on the database resolve the SQL statement, testing, on a per column basis, at least a portion of the data to detect the computer virus using the virus definition, wherein, the data is selected for testing based on the SQL statement specifying storage of the data in the one or more columns of the database that are specified to be tested.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the data comprises binary data.
  - 3. The method of claim 1, wherein the data comprises at least one of image data, document data, and blob data.
  - 4. The method of claim 1, wherein the computer virus comprises any malicious program code.
  - 5. The method of claim 1, wherein the receiving comprises:
    - determining that the SQL statement specifies a database transaction; and
      
      aborting the database transaction upon a detection of the presence of the computer virus in the data based on the testing.
  - 6. The method of claim 1, further comprising:
    - providing a secured file system under control of the database system, so that database information is stored on a disk in an encrypted form; and
      
      providing access to the database information by automatically decrypting the database information only for authorized users.
  - 7. The method of claim 1, wherein during the execution of the execution plan, the testing comprises:
    - testing a first portion of the data that is specified for storage in one or more of the columns of the database specified to be tested, and not testing a second portion of the data specified for storage in one or more columns of the database not specified to be tested.
  - 8. The method of claim 1, wherein the specifying comprises:
    - specifying the one or more columns of the database to be tested, wherein the database includes one or more additional columns that are not specified to be tested.
  - 9. The method of claim 1, wherein the specifying comprises:
    - specifying, within the schema of the database, one or more columns of the database that are to be tested for detecting a plurality of viruses using a plurality of virus definitions, wherein each specified column is to be tested for at least one of the plurality of viruses.

10. A database system providing protection against storage of a computer virus, the system comprising:
- a database configured to store particular data in response to an SQL statement, wherein a schema of the database includes one or more columns specified to be tested using a virus definition for detecting the computer virus;
  
  an execution unit configured to carry out database operations for executing the SQL statement; and
  
  a module, operable in conjunction with the execution unit, configured to detect presence of the computer virus in the data based on testing a first portion of the data before being accepted for storage in the database, wherein the first portion of the data is designated for storage in one or more of the columns of the database specified to be tested, and wherein a second portion of the data is untested and designated for storage in one or more columns of the database not specified to be tested.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The system of claim 10, wherein the data comprises binary data.
  - 12. The system of claim 10, wherein the data comprises at least one of image data, document data, and blob data.
  - 13. The system of claim 10, wherein the computer virus comprises any malicious program code.
  - 14. The system of claim 10, wherein the SQL statement specifies a database transaction, and wherein the database system aborts the database transaction upon detecting a presence of the computer virus in the first portion of the data.
  - 15. The system of claim 10, further comprising:
    - a secured file system configured to operate under control of the database system, the secured file system configured toautomatically encrypt database information stored to the database, and automatically decrypt database information retrieved from the database by authorized users.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sybase Incorporated (SAP SE)
Original Assignee
Sybase Incorporated (SAP SE)
Inventors
Meenakshisundaram, Sethu
Primary Examiner(s)
Najjar, Saleh
Assistant Examiner(s)
Pan, Peiliang

Application Number

US12/926,340
Publication Number

US 20110225430A1
Time in Patent Office

1,357 Days
Field of Search

726 22- 24, 726 26- 27, 380/26, 713188-189, 707/803, 707/807, 707/809
US Class Current

726/24
CPC Class Codes

G06F 12/1483   using an access-table, e.g....

G06F 21/562   Static detection

G06F 21/62   Protecting access to data v...

G06F 21/78   to assure secure storage of...

Secured database system with built-in antivirus protection

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

31 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Secured database system with built-in antivirus protection

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

31 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links