Systems and methods for secure access of data
First Claim
1. A computer-implemented method comprising:
- receiving a query at a first computer system;
using a portion of the received query to access non-sensitive data stored at a second computer system, remotely separated from the first computer system, which relates to a response to the received query;
generating the response to the received query using the non-sensitive data accessed from the second computer system and using another portion of the received query to access sensitive data that is stored locally at the first computer system; and
sending the response as a reply to the received query,wherein data stored in the first computer system and data stored in the second computer system collectively define a star schema, wherein one or more dimension tables of the star schema comprise data stored in the first computer system and a fact table of the star schema comprise data stored in the second computer system; and
wherein the fact table includes a first column of surrogate values, wherein the first column of the fact table is associated with a first column in a first dimension table, wherein the first column in the first dimension table includes said surrogate values, the first dimension table comprising a second column comprising actual values corresponding to the surrogate values;
wherein the received query is an SQL query specifying at least a first column in a first table stored in the first computer system and at least a second column in a second table stored on the second computer system, wherein accessing the non-sensitive data includes generating a derived SQL query specifying the one or more columns in the second table and one or more third columns in the first table.
1 Assignment
0 Petitions
Accused Products
Abstract
In one embodiment the present invention includes a computer-implemented method comprising receiving a first query in a local computer system to access data stored on a remote computer system the local computer system. Data elements of the remote data are associated with data elements of the local data. The query is transformed into multiple queries. A second query is sent to the remote computer system to retrieve remote data. A first data result is received and stored on the local computer system and incorporated into a third query. The third query is executed against the local data and the first data result to produce a result. Sensitive data may be stored locally in a dimension table of a star schema and non-sensitive data may be stored remotely in a fact table and another dimension table of the star schema, for example.
-
Citations
11 Claims
-
1. A computer-implemented method comprising:
-
receiving a query at a first computer system; using a portion of the received query to access non-sensitive data stored at a second computer system, remotely separated from the first computer system, which relates to a response to the received query; generating the response to the received query using the non-sensitive data accessed from the second computer system and using another portion of the received query to access sensitive data that is stored locally at the first computer system; and sending the response as a reply to the received query, wherein data stored in the first computer system and data stored in the second computer system collectively define a star schema, wherein one or more dimension tables of the star schema comprise data stored in the first computer system and a fact table of the star schema comprise data stored in the second computer system; and wherein the fact table includes a first column of surrogate values, wherein the first column of the fact table is associated with a first column in a first dimension table, wherein the first column in the first dimension table includes said surrogate values, the first dimension table comprising a second column comprising actual values corresponding to the surrogate values; wherein the received query is an SQL query specifying at least a first column in a first table stored in the first computer system and at least a second column in a second table stored on the second computer system, wherein accessing the non-sensitive data includes generating a derived SQL query specifying the one or more columns in the second table and one or more third columns in the first table. - View Dependent Claims (2, 3, 4)
-
-
5. A non-transitory computer readable storage medium having stored thereon a computer executable program, which, when executed by a processor at a first computer system, causes the processor to perform a method comprising:
-
receiving a query at the first computer system; using a portion of the received query to access non-sensitive data stored at a second computer system, remotely separated from the first computer system, which relates to a response to the received query; generating the response to the received query using the non-sensitive data accessed from the second computer system and using another portion of the received query to access sensitive data that is stored locally at the first computer system; and sending the response as a reply to the received query, wherein data stored in the first computer system and data stored in the second computer system collectively define a star schema, wherein one or more dimension tables of the star schema comprise data stored in the first computer system and a fact table of the star schema comprise data stored in the second computer system, and wherein the fact table includes a first column of surrogate values, wherein the first column of the fact table is associated with a first column in a first dimension table, wherein the first column in the first dimension table includes said surrogate values, the first dimension table comprising a second column comprising actual values corresponding to the surrogate values; wherein the received query is an SQL query specifying at least a first column in a first table stored in the first computer system and at least a second column in a second table stored on the second computer system, wherein accessing the non-sensitive data includes generating a derived SQL query specifying the one or more columns in the second table and one or more third columns in the first table. - View Dependent Claims (6, 7, 8)
-
-
9. A computer system comprising:
-
one or more local computers, each local computer including a processor and a memory, the one or more local computers configured to; receive a query at the first computer system; use a portion of the received query to access non-sensitive data stored at a second computer system, remotely separated from the first computer system, which relates to a response to the received query; generate the response to the received query using the non-sensitive data accessed from the second computer system and using another portion of the received query to access sensitive data that is stored locally at the first computer system; and send the response as a reply to the received query, wherein data stored in the first computer system and data stored in the second computer system collectively define a star schema, wherein one or more dimension tables of the star schema comprise data stored in the first computer system and a fact table of the star schema comprise data stored in the second computer system, and wherein the fact table includes a first column of surrogate values, wherein the first column of the fact table is associated with a first column in a first dimension table, wherein the first column in the first dimension table includes said surrogate values, the first dimension table comprising a second column comprising actual values corresponding to the surrogate values; wherein the received query is an SQL query specifying at least a first column in a first table stored in the first computer system and at least a second column in a second table stored on the second computer system, wherein accessing the non-sensitive data includes generating a derived SQL query specifying the one or more columns in the second table and one or more third columns in the first table. - View Dependent Claims (10, 11)
-
Specification