Information security – Prevention of unauthorized use of data including prevention...
Reexamination Certificate
2004-07-07
2010-02-09
Zand, Kambiz (Department: 2439)
Information security
Prevention of unauthorized use of data including prevention...
C726S004000, C707S793000, C707S793000, C707S793000, C707S793000, C707S793000, C707S793000, C707S793000, C707S793000
Reexamination Certificate
active
07661141
ABSTRACT:
The systems and methods of the present invention facilitate database row-level security by utilizing SQL extensions to create and associate named security expressions with a query initiator(s). Such expressions include Boolean expressions, which must be satisfied by a row of data in order for that data to be made accessible to the query initiator. In general, a query is augmented with security expressions, which are aggregated and utilized during querying rows of data. The systems and methods variously place security expressions within a query in order to optimize query performance while mitigating information leaks. This is achieved by tagging security expressions as special and utilizing rules of predicate to pull or push non-security expressions above or below security expressions, depending on the likelihood of a non-security being safe, as determined via a static and/or dynamic analysis.
REFERENCES:
patent: 5261102 (1993-11-01), Hoffman
patent: 5414834 (1995-05-01), Alexander et al.
patent: 5734887 (1998-03-01), Kingberg et al.
patent: 5787428 (1998-07-01), Hart
patent: 5911143 (1999-06-01), Deinhart et al.
patent: 5941947 (1999-08-01), Brown et al.
patent: 5943671 (1999-08-01), Kleewein et al.
patent: 5956715 (1999-09-01), Glasser et al.
patent: 6308173 (2001-10-01), Glasser et al.
patent: 6397206 (2002-05-01), Hill et al.
patent: 6405212 (2002-06-01), Samu et al.
patent: 6412070 (2002-06-01), Van Dyke et al.
patent: 6658407 (2003-12-01), Bailey
patent: 6715081 (2004-03-01), Attwood et al.
patent: 6820082 (2004-11-01), Cook et al.
patent: 6836770 (2004-12-01), Gonnet
patent: 7346617 (2008-03-01), Wong
patent: 2002/0147714 (2002-10-01), Koo et al.
patent: 2003/0014394 (2003-01-01), Fujiwara et al.
patent: 2004/0044655 (2004-03-01), Cotner et al.
patent: 2004/0068661 (2004-04-01), Dettinger et al.
patent: 2004/0073565 (2004-04-01), Kaufman et al.
patent: 2004/0139043 (2004-07-01), Lei et al.
patent: 2004/0158551 (2004-08-01), Santosuosso
patent: 2005/0071143 (2005-03-01), Tran et al.
patent: 2005/0273854 (2005-12-01), Chess et al.
Vorwerk, et al. “On Implicate Discovery and Query Optimization”. IEEE: Proceedings of International Database Engineering and Application Symposium: 2002. http://ieeexplore.org/iel5/7997/22119/01029651.pdf?arnumber=1029651.
Narayana Vyas Kondreddi. Implementing row level security in SQL Server databases. Dec. 15, 2001. http://vyaskn.tripod.com/row—level—security—in—sql—server—databases.htm.
C. Anticoli European Search Report, Munich, Germany. Jun. 3, 2005. 2 pages.
Ueli Maurer, The Role of Cryptography in Database Security, SIGMOD 2004, Jun. 13-18, 2004, 6 pages, ACM.
Marianne Winslett, et al., Formal Query Languages for Secure Relational Databases, ACM Transactions on Database Systems, 1994, pp. 626-662, vol. 19 No. 4.
Sushil Jajodia, Database Security and Privacy, ACM Computing Surveys, Mar. 1996, pp. 129-131, vol. 28 No. 1, CRC Press.
Gottfried Vossen, et al., An Extension of the Database Language SQL to Capture More Relational Concepts, SIGMOD Record, Dec. 1988, pp. 70-78, vol. 17 No. 4.
Ramzi A. Haraty, C2 Secure Database Management Systems—A Comparative Study, SAC '99, 1998, pp. 216-220, ACM, San Antonio, Texas.
Shariq Rizvi, et al., Extending Query Rewriting Techniques for Fine-Grained Access Control, SIGMOD 2004, Jun. 13-18, 2004, 12 pages, ACM.
Tor Didriksen, Rule Based Database Access Control—A Practical Approach, RBAC '97, 1997, pp. 143-151, ACM.
Torsten Priebe, et al., Towards OLAP Security Design—Survey and Research Issues, DOLAP '00, 2000, pp. 33-41, ACM, McLean, VA, USA.
Andrew Eisenberg, et al., SQL:1999, Formerly Known as SQL3, SIGMOD Record, Mar. 1999, pp. 131-138, vol. 28 No. 1.
G. Widerhold, et al., Web Implementation of a Security Mediator for Medical Databases, Database Security XI: Status and Prospects, pp. 60-72, 1998.
W.Eβmayr, et al., The Security Architecture of IRO-DB, In Proc. of the 12th IFIP International Conference on Information Security, IFIP/SEC 1996, 12 pages.
T. Marius Truta, et al., Privacy and Confidentiality Management for the Microaggregation Disclosure Control Method: Disclosure Risk and Information Loss Measures, ACM Workshop on Privacy in the Electronic Society, pp. 21-30, 2003.
OA dated Jan. 6, 2009 for U.S. Appl. No. 10/903,338, pp. 16.
Chander Girish
Cristofor Laurentiu Bogdan
Dutta Tanmoy
Hamilton James R.
Kline Rodger N.
Microsoft Corporation
Schmidt Kari L
Workman Nydegger
Zand Kambiz
LandOfFree
Systems and methods that optimize row level database security does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Systems and methods that optimize row level database security, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Systems and methods that optimize row level database security will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4203434