Information security – Prevention of unauthorized use of data including prevention... – Access control
Reexamination Certificate
2007-09-13
2011-11-08
El Hady, Nabil (Department: 2434)
Information security
Prevention of unauthorized use of data including prevention...
Access control
C707S769000, C707S783000
Reexamination Certificate
active
08056141
ABSTRACT:
A method for monitoring stored procedures is disclosed. The method performs on-line and inline monitoring of stored procedures for detecting table access operations performed by the procedures. This allows the enforcing of access control policies, correlation rules and audit rules on stored procedures. The monitoring is performed using mapping information gathered about each stored procedure that can be executed by a database server. The method comprises parsing an incoming transaction submitted by a client; determining whether the incoming transaction includes an invocation of a stored procedure; obtaining a query group corresponding to the stored procedure; applying an access control policy on the query group; and asserting an unauthorized event if the query group is not compliant with the access control policy.
REFERENCES:
patent: 5572673 (1996-11-01), Shurts
patent: 6038563 (2000-03-01), Bapat et al.
patent: 6507834 (2003-01-01), Kabra et al.
patent: 6769074 (2004-07-01), Vaitzblit
patent: 7082455 (2006-07-01), Hu et al.
patent: 7085780 (2006-08-01), Sakamoto et al.
patent: 7155641 (2006-12-01), Prang et al.
patent: 7640235 (2009-12-01), Shulman et al.
patent: 7685194 (2010-03-01), Kabra et al.
patent: 7743420 (2010-06-01), Shulman et al.
patent: 7752662 (2010-07-01), Shulman et al.
patent: 7797339 (2010-09-01), Chase
patent: 2004/0162822 (2004-08-01), Papanyan et al.
patent: 2004/0162825 (2004-08-01), Bhaghavan et al.
patent: 2005/0108188 (2005-05-01), Santosuosso
patent: 2006/0136493 (2006-06-01), Muralidharan et al.
patent: 2006/0271511 (2006-11-01), Harward et al.
patent: 2006/0272008 (2006-11-01), Shulman et al.
patent: 2007/0124806 (2007-05-01), Shulman et al.
patent: 2007/0282837 (2007-12-01), Klein
patent: 2007/0294539 (2007-12-01), Shulman et al.
patent: 2008/0065640 (2008-03-01), Shulman et al.
patent: 2008/0270455 (2008-10-01), Bendel et al.
patent: 2008/0320567 (2008-12-01), Shulman et al.
patent: 2010/0251377 (2010-09-01), Shulman et al.
Gartner IT Security Summit, Imperva Delivers First True Gigabit Application Firewall Solution, News & Events, Press Release, http://web.archive.org/web/20060312094936/www.imperva.com/company
ews/2005-jun-06.html, Imperva Inc., Jun. 6, 2005, pp. 3, Washington, DC, USA.
Imperva SecureSpehre™ Data Security Solutions, Products, SecureSpere, http://web.archive.org/web/20060312093140/www.imperva.com/products/securesphere/, Imperva Inc, 2006, p. 1.
Imperva Inc., SecureSpehre™ Web Application Firewall The Industry's Only Automated Web Application Firewall, Products, Resources, Database, SecureSphere Web Application Firewall Datasheet, http://web.archive.org/web/20060312092739/www.imperva.com/products/securesphere/resources.asp, 2006, pp. 4.
Imperva Inc., Imperva SecureSpehre™ Dynamic Profiling Firewall, Product, SecureSphere, http://web.archive.org/web/20050207181514/www.imperva.com/products/securesphere/, 2005, pp. 2.
Imperva Inc., Imperva Delivers Unique Security Insight into Applications in Production, News & Events, Press Releases, New Release of SecureSphere Extends the Reach of Innovative Dynamic Profiling Technology, http://web.archive.org/web/20050207165342/www.imperva.com/company
ews/2004-dec-13.html, Dec. 13, 2004, pp. 3, Foster City, California, USA.
Imperva Inc., Web and Database Firewalls, Products, SecureSpere™, Dynamic Profiling, http://web.archive.org/web/20041224083525/www.imperva.com/products/securesphere/web—database—firewalls.html, 2004, pp. 2.
Imperva Inc., Ready to take a test drive?, Products, SecureSpere™, Demo, http://web.archive.org/web/20041224085514/www.imperva.com/products/securesphere/demo.html, 2005, pp. 2.
Imperva Inc., Freeware IT security test tools, Application Defense Center, tools, http://web.archive.org/web/20041223174325/www.imperva.com/application—defense—center/tools.asp, 2005, p. 1.
Imperva Inc., Products, SecureSpehre™, White Papers, http://web.archive.org/web/20041224085413/www.imperva.com/products/securesphere/white—papers.asp, 2005, pp. 2.
Imperva Inc., Traditional Web Application Security vs. SecureSphere, A comparison of Hard Trigger Rules vs. Correlated Attack Validation, 2004, pp. 10.
Imperva Inc., Imperva™ SecureSphere™ Technical Description, 2004, pp. 20.
Imperva Inc., Imperva Unveils Next Generation Firewall Technology: Dynamic Profiling, SecureSphere 3.0 Delivers Total Application Security from Web, Worm and Database Threats, About Us, Press Releases, http://web.archive.org/web/20041015225044/www.imperva.com/company
ews/2004-aug-23.html, Aug. 23, 2004, pp. 2, Foster City, California, USA.
Imperva Inc., Management & Reporting, http://web.archive.org/web/20041023204255/www.imperva.com/products/securesphere/management—reporting.html, Sep. 26, 2004, p. 1, vol. 3.0.
Imperva Inc., Imperva™ SecureSphere™ Securing the Enterprise Application Sphere, Apr. 1, 2004, pp. 2, vol. 2.0.
Imperva Inc., SecureSphere™ Dynamic Profiling Firewall Total Application Security, Products, SecureSphere™, Database, SecureSphere Datasheet, http://web.archive.org/web/20041215173241/www.imperva.com/products/securesphere/datasheet.html, 2004, pp. 4.
Imperva Inc., SecureSphere™ Dynamic Profiling Firewall Total Application Security, 2004, pp. 4.
Imperva Inc., Total Application Security with the SecureSphere Dynamic Profiling Firewall, http://www.infotechits.com/IT—Solutions/SecureSphere/securesphere—white—paper.pdf, 2004, pp. 1-10.
Ryterski Tal
Shulman Amichai
El Hady Nabil
Imperva, Inc.
Sughrue & Mion, PLLC
LandOfFree
Method for monitoring stored procedures does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method for monitoring stored procedures, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method for monitoring stored procedures will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4310687