Securing database content

US 9,798,771 B2
Filed: 10/05/2015
Issued: 10/24/2017
Est. Priority Date: 08/06/2010
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

receiving, by a server, an update query via a network from a client device, the update query associated with an electronic database, the update query specifying a column in the electronic database and an electronic record in the electronic database;

querying, by the server, a database specification for the column specified by the update query, the database specification electronically associating challenge columns in challenge tables to columns in the electronic database;

identifying, by the server, a first challenge column of the challenge columns in the database specification that is electronically associated to the column specified by the update query;

identifying, by the server, a second challenge column of the challenge columns in the database specification that is electronically associated to the column specified by the update query;

identifying, by the server, two challenge values from the challenge columns, a first challenge value of the two challenge values retrieved from the first challenge column in the database specification and a second challenge value of the two challenge values retrieved from the second challenge column in the database specification;

receiving, by the server, values sent from the client device to validate the update query to the electronic database;

determining, by the server, matches between the two challenge values identified from the challenge columns in the database specification and the values received from the client device; and

validating, by the server, the update query for execution in response to the matches between the two challenge values and the values received from the client device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Content is secured in a database. One or more columns in challenge tables are identified, and values from the challenge tables are retrieved. A database query may execute in response to a match between the values from the challenge tables and query data. However, if the query data fails to match the values from the challenge tables, execution of the database query may be disallowed.

Citations

20 Claims

1. A method, comprising:
- receiving, by a server, an update query via a network from a client device, the update query associated with an electronic database, the update query specifying a column in the electronic database and an electronic record in the electronic database;
  
  querying, by the server, a database specification for the column specified by the update query, the database specification electronically associating challenge columns in challenge tables to columns in the electronic database;
  
  identifying, by the server, a first challenge column of the challenge columns in the database specification that is electronically associated to the column specified by the update query;
  
  identifying, by the server, a second challenge column of the challenge columns in the database specification that is electronically associated to the column specified by the update query;
  
  identifying, by the server, two challenge values from the challenge columns, a first challenge value of the two challenge values retrieved from the first challenge column in the database specification and a second challenge value of the two challenge values retrieved from the second challenge column in the database specification;
  
  receiving, by the server, values sent from the client device to validate the update query to the electronic database;
  
  determining, by the server, matches between the two challenge values identified from the challenge columns in the database specification and the values received from the client device; and
  
  validating, by the server, the update query for execution in response to the matches between the two challenge values and the values received from the client device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising querying the database specification for an identifier associated with the column.
  - 3. The method of claim 1, further comprising requesting the values from the client device to validate the update query to the electronic database.
  - 4. The method of claim 1, further comprising comparing the two challenge values identified from the challenge columns in the database specification to the values received from the client device.
  - 5. The method of claim 1, further comprising determining the two challenge values fail to match the values received from the client device.
  - 6. The method of claim 1, further comprising disallowing the execution of the update query in response to the two challenge values failing the match to the electronic data retrieved from the fields values received from the client device.
  - 7. The method of claim 1, further comprising sending identifiers associated with the first challenge column and the second challenge column to an address associated with the electronic query.

8. A system, comprising:
- a processor; and
  
  a memory device, the memory device storing instructions, the instructions when executed causing the processor to perform operations, the operations comprising;
  
  receiving an update query associated with an electronic database, the update query sent from a client device requesting an update to the electronic database, the update query specifying a column of the electronic database and an electronic record in the electronic database;
  
  querying a database specification for the column specified by the update query, the database specification electronically associating challenge columns in challenge tables to columns in the electronic database;
  
  identifying the challenge columns in the database specification that are electronically associated to the column specified by the update query;
  
  randomly selecting a first challenge column of the challenge columns identified in the database specification that is electronically associated to the column specified by the update query;
  
  randomly selecting a first challenge value from the first challenge column randomly selected from the challenge columns;
  
  randomly selecting a second challenge column of the challenge columns identified in the database specification that is electronically associated to the column specified by the update query;
  
  randomly selecting a second challenge value from the second challenge column randomly selected from the challenge columns;
  
  receiving values from the client device to validate the update requested to the electronic database;
  
  comparing the first challenge value randomly selected from the first challenge column and the second challenge value randomly selected from the second challenge column to the values received from the client device;
  
  determining matches between the first challenge value and the second challenge value and the values received from the client device; and
  
  executing the update query to the electronic database in response to the matches between the first challenge value and the second challenge value and the values received from the client device.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein the operations further comprise querying the database specification for an identifier associated with the column.
  - 10. The system of claim 8, wherein the operations further comprise retrieving the first challenge value from the first challenge column.
  - 11. The system of claim 8, wherein the operations further comprise retrieving the second challenge value from the second challenge column.
  - 12. The system of claim 8, wherein the operations further comprise determining the first challenge value and the second challenge value fail to match the values received from the client device.
  - 13. The system of claim 8, wherein the operations further comprise disallowing the executing of the update query in response to the first challenge value and the second challenge value failing the match to the values received from the client device.
  - 14. The system of claim 8, wherein the operations further comprise requesting the values from the client device to validate the update query to the electronic database.

15. A memory device storing instructions that when executed cause a processor to perform operations, the operations comprising:
- receiving an update query associated with an electronic database, the update query sent from a client device requesting an update to the electronic database, the update query specifying a column of the electronic database and an electronic record in the electronic database;
  
  querying a database specification for the column specified by the update query, the database specification electronically associating challenge columns in challenge tables to columns in the electronic database;
  
  identifying the challenge columns in the database specification that are electronically associated to the column specified by the update query;
  
  randomly selecting a first challenge column of the challenge columns identified in the database specification that is electronically associated to the column specified by the update query;
  
  randomly selecting a first challenge value from the first challenge column randomly selected from the challenge columns;
  
  randomly selecting a second challenge column of the challenge columns identified in the database specification that is electronically associated to the column specified by the update query;
  
  randomly selecting a second challenge value from the second challenge column randomly selected from the challenge columns;
  
  receiving values from the client device to validate the update requested to the electronic database;
  
  comparing the first challenge value randomly selected from the first challenge column and the second challenge value randomly selected from the second challenge column to the values received from the client device;
  
  determining matches between the first challenge value and the second challenge value and the values received from the client device; and
  
  executing the update query to the electronic database in response to the matches between the first challenge value and the second challenge value and the values received from the client device.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The memory device of claim 15, wherein the operations further comprise querying the database specification for an identifier associated with the column.
  - 17. The memory device of claim 15, wherein the operations further comprise retrieving the first challenge value from the first challenge column.
  - 18. The memory device of claim 15, wherein the operations further comprise retrieving the second challenge value from the second challenge column.
  - 19. The memory device of claim 15, wherein the operations further comprise determining the first challenge value and the second challenge value fail to match the values received from the client device.
  - 20. The memory device of claim 15, wherein the operations further comprise disallowing the executing of the update query in response to the first challenge value and the second challenge value failing the match to the values received from the client device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Inventors
Srivastava, Divesh, Viravanallur, Lakshmanan Sundaram, Chen, Su, Dong, Xin
Primary Examiner(s)
Wu, Yicun

Application Number

US14/874,497
Publication Number

US 20160026682A1
Time in Patent Office

750 Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/21   Design, administration or m...

G06F 16/213   with details for schema evo...

G06F 16/215   Improving data quality; Dat...

G06F 16/245   Query processing

Securing database content

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Securing database content

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links