Speculative database authentication

US 8,903,951 B2
Filed: 07/12/2011
Issued: 12/02/2014
Est. Priority Date: 07/12/2011
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer readable medium comprising instructions, the instructions operable when executed by a processor to:

receive a connection request from a database client;

establish a transport layer connection with the database client;

send, by the connection, a first group of messages to the database client, wherein the first group of messages comprises a handshake message, an authentication acknowledgement message, and a hash acknowledgement message;

receive, by the connection, a second group of messages from the database client, wherein the second group of messages comprises an authentication message and a hash message;

send, by the connection, a database connection acknowledgment message to the database client; and

before processing any database queries received from the database client, determine whether the database client is authorized to submit database queries and, if the database client is not authorized, send a database connection termination message to the database client.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Speculative processing of authentication messages may include transmitting a first series of simultaneous messages to a database client, the first series of simultaneous messages including a handshake message and a first authentication acknowledgement message, receiving a second series of simultaneous messages from the database client, the second series of simultaneous messages including an authentication message and a database message, and transmitting a database acknowledgment message to the database client. In some implementations, the second series of simultaneous messages is received from the database client substantially without delay after the transmission of the first series of simultaneous messages.

Citations

15 Claims

1. A non-transitory computer readable medium comprising instructions, the instructions operable when executed by a processor to:
- receive a connection request from a database client;
  
  establish a transport layer connection with the database client;
  
  send, by the connection, a first group of messages to the database client, wherein the first group of messages comprises a handshake message, an authentication acknowledgement message, and a hash acknowledgement message;
  
  receive, by the connection, a second group of messages from the database client, wherein the second group of messages comprises an authentication message and a hash message;
  
  send, by the connection, a database connection acknowledgment message to the database client; and
  
  before processing any database queries received from the database client, determine whether the database client is authorized to submit database queries and, if the database client is not authorized, send a database connection termination message to the database client.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The non-transitory computer readable medium of claim 1, the instructions further operable when executed by a processor to receive a database message from the database client, wherein the database message is a select database message and the database acknowledgement message is a select database acknowledgement message.
  - 3. The non-transitory computer readable medium of claim 1, wherein the second group of messages is received from the database client substantially without delay after the first group of messages are sent.
  - 4. The non-transitory computer readable medium of claim 1, wherein the database acknowledgement message to the database client is sent substantially without delay after receiving the second group of messages.
  - 5. The non-transitory computer readable medium of claim 1, wherein the instructions are further operable when executed by the processor to:
    - receive a database query from the database client;
      
      forward the database query to the database server;
      
      receive database results corresponding the database query from the database server; and
      
      forward the database results to the database client.

6. A apparatus, comprising:
- an interface operable to communicate authentication messages;
  
  a memory operable to store authentication messages;
  
  a processor communicatively coupled to the interface and the memory, the processor operable to;
  
  receive a connection request from a database client;
  
  establish a transport layer connection with the database client;
  
  send, by the connection, a first group of messages to the database client, wherein the first group of messages comprises a handshake message, an authentication acknowledgement message, and a hash acknowledgement message;
  
  receive, by the connection, a second group of messages from the database client, wherein the second group of messages comprises an authentication message and a hash message;
  
  send, by the connection, a database connection acknowledgement message to the database client; and
  
  before processing any database queries received from the database client, determine whether the database client is authorized to submit database queries and, if the database client is not authorized, send a database connection termination message to the database client.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The apparatus of claim 6, the processor further operable to receive a database message from the database client, wherein the database message is a select database message and the database acknowledgement message is a select database acknowledgement message.
  - 8. The apparatus of claim 6, wherein the second group of messages is received from the database client substantially without delay after the first group of messages are sent.
  - 9. The apparatus of claim 6, wherein the database acknowledgement message to the database client is sent substantially without delay after receiving the second group of messages.
  - 10. The apparatus of claim 6, wherein the instructions are further operable when executed by the processor to:
    - receive a database query from the database client;
      
      forward the database query to the database server;
      
      receive database results corresponding the database query from the database server; and
      
      forward the database results to the database client.

11. A method, comprising:
- receiving a connection request from a database client;
  
  establishing a transport layer connection with the database client;
  
  sending, by the connection, a first group of messages to the database client, wherein the first group of messages comprises a handshake message, an authentication acknowledgement message, and a hash acknowledgement message;
  
  receiving, by the connection, a second group of messages from the database client, wherein the second group of messages comprises an authentication message and a hash message;
  
  sending, by the connection, a database connection acknowledgement message to the database client; and
  
  before processing any database queries received from the database client, determine whether the database client is authorized to submit database queries and, if the database client is not authorized, send a database connection termination message to the database client.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The method of claim 11, further comprising receiving a database message from the database client, wherein the database message is a select database message and the database acknowledgement message is a select database acknowledgement message.
  - 13. The method of claim 11, wherein the second group of messages is received from the database client substantially without delay after the first group of messages are sent.
  - 14. The method of claim 11, wherein the database acknowledgement message to the database client is sent substantially without delay after receiving the second group of messages.
  - 15. The method of claim 11, wherein the instructions are further operable when executed by the processor to:
    - receive a database query from the database client;
      
      forward the database query to the database server;
      
      receive database results corresponding the database query from the database server; and
      
      forward the database results to the database client.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Meta Platforms, Inc. (f/k/a Facebook, Inc.)
Original Assignee
Meta Platforms, Inc. (f/k/a Facebook, Inc.)
Inventors
Peek, Daniel Nota
Primary Examiner(s)
Mirza, Adnan

Application Number

US13/181,405
Publication Number

US 20130018989A1
Time in Patent Office

1,239 Days
Field of Search

709/219, 709/223, 709/224, 709/225
US Class Current

709/219
CPC Class Codes

H04L 63/0884 by delegation of authentica...

H04L 63/1441 Countermeasures against mal...

Speculative database authentication

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Speculative database authentication

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links