DBFS permissions using user, role, and permissions flags
Abstract
A method for authenticating file operations on files and folders stored in a database file system where the database file system can authenticate a client-user request based upon the client-user's database credentials. The database file system has the capability of storing file permissions based on database credentials. Once a client requests a certain file operation, the client's operating system first determines whether the client has sufficient privileges to perform the requested file operation. If the client has privileges, the client operating system forwards the file operation request to the database file system. The database file system then authenticates the client, based on his database credentials, to determine whether or not to perform the requested file operation.
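A minimal model of the two-stage check the abstract describes, added here as an illustration and not taken from the patent. The POSIX-style mode bits, the grant tables keyed by database user and role, and every name in the code are assumptions.

```python
# Added illustration; all names and the data layout are hypothetical.
from dataclasses import dataclass, field

# Assumed encoding: POSIX-style permission bits per file operation.
OP_BITS = {"read": 4, "write": 2, "execute": 1}

@dataclass
class FileMeta:
    owner_uid: int   # operating system user ID of the file owner
    group_gid: int
    mode: int        # e.g. 0o640

@dataclass
class DbGrants:
    user_privs: dict = field(default_factory=dict)  # db_user -> {path: {ops}}
    role_privs: dict = field(default_factory=dict)  # role -> {path: {ops}}
    user_roles: dict = field(default_factory=dict)  # db_user -> {roles}

    def allows(self, db_user, path, op):
        """Stage 2 (database): decide from database credentials only."""
        if op in self.user_privs.get(db_user, {}).get(path, set()):
            return True
        return any(op in self.role_privs.get(role, {}).get(path, set())
                   for role in self.user_roles.get(db_user, set()))

def os_check(meta, uid, gids, op):
    """Stage 1 (client OS): compare the local OS user ID with file metadata."""
    if uid == meta.owner_uid:
        shift = 6
    elif meta.group_gid in gids:
        shift = 3
    else:
        shift = 0
    return bool((meta.mode >> shift) & OP_BITS[op])

def authorize(meta, grants, path, op, uid, gids, db_user):
    """Return (allowed, deciding_stage); stage 2 runs only if stage 1 passes."""
    if not os_check(meta, uid, gids, op):
        return (False, "os")
    return (grants.allows(db_user, path, op), "database")

# Constructed sample data.
PATH = "/dbfs/report.txt"
META = FileMeta(owner_uid=1000, group_gid=100, mode=0o640)
GRANTS = DbGrants(
    user_privs={"alice_db": {PATH: {"read", "write"}}},
    role_privs={"auditor": {PATH: {"read"}}},
    user_roles={"bob_db": {"auditor"}},
)
```

A request whose local OS user ID passes stage 1 but whose database user holds no grant is refused at the database stage, because that stage looks only at database credentials.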
11 Claims
1. A method comprising:
an operating system running on a client machine, receiving a request for a file operation on a specific file within a database file system that stores files in database objects of a database system;
in response to receiving said request;
said operating system determining whether a user associated with said request has a privilege required for said file operation for said specific file;
wherein said operating system determining whether said user has said privilege required for said file operation includes comparing an operating system user ID of said user to metadata associated with said specific file, wherein said operating system user ID is stored locally on said client machine, wherein said metadata contains privilege information, based on operating system user IDs, for file operations associated with said specific file;
when said operating system determines that said user has said privilege, said database system determining whether said user has said privilege required for said file operation on said specific file, based upon a database user ID associated with said user; and
in response to said database system determining that said user has said privilege required for said file operation for said specific file, said database system permitting said file operation on said specific file.
6. A system for determining file operation permissions on a database system for a user, the system comprising:
a client computer system configured to receive a request for a file operation on a specific file within a database management system that stores files in database objects of the database system;
a client operating system configured to determine whether said user associated with said request has a privilege required for said file operation for said specific file;
wherein said client operating system determines whether said user has said privilege required for said file operation includes comparing an operating system user ID of said user to metadata associated with said specific file, wherein said operating system user ID is stored locally on said client computer system, wherein said metadata contains privilege information, based on operating system user IDs, for file operations associated with said specific file;
said database management system configured to determine whether said user has said privilege required for said file operation on said specific file, based upon a database user ID associated with said user, when said client operating system determines that said user has said privilege; and
said database management system configured to permit said file operation on said specific file in response to said database system determining that said user has said privilege required for said file operation for said specific file.
7. One or more non-transitory storage media storing instructions which, when executed by one or more computing devices, causes:
an operating system running on a client machine, receiving a request for a file operation on a specific file within a database file system that stores files in database objects of a database system;
in response to receiving said request;
said operating system determining whether a user associated with said request has a privilege required for said file operation for said specific file;
wherein said operating system determining whether said user has said privilege required for said file operation includes comparing an operating system user ID of said user to metadata associated with said specific file, wherein said operating system user ID is stored locally on said client machine, wherein said metadata contains privilege information, based on operating system user IDs, for file operations associated with said specific file;
when said operating system determines that said user has said privilege, said database system determining whether said user has said privilege required for said file operation on said specific file, based upon a database user ID associated with said user; and
in response to said database system determining that said user has said privilege required for said file operation for said specific file, said database system permitting said file operation on said specific file.
Specification