WO2004023375A8 - Row level based access control to a relational database - Google Patents

Row level based access control to a relational database

Info

Publication number
WO2004023375A8
WO2004023375A8 PCT/GB2003/003795 GB0303795W WO2004023375A8 WO 2004023375 A8 WO2004023375 A8 WO 2004023375A8 GB 0303795 W GB0303795 W GB 0303795W WO 2004023375 A8 WO2004023375 A8 WO 2004023375A8
Authority
WO
WIPO (PCT)
Prior art keywords
security
access control
user
row
relational database
Prior art date
Application number
PCT/GB2003/003795
Other languages
French (fr)
Other versions
WO2004023375A1 (en
Inventor
Curt Cotner
Roger Lee Miller
Original Assignee
Ibm
Ibm Uk
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ibm, Ibm Uk filed Critical Ibm
Priority to AU2003260770A priority Critical patent/AU2003260770A1/en
Priority to JP2004533614A priority patent/JP4398371B2/en
Publication of WO2004023375A1 publication Critical patent/WO2004023375A1/en
Publication of WO2004023375A8 publication Critical patent/WO2004023375A8/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/21Design, administration or maintenance of databases
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/28Databases characterised by their database models, e.g. relational or object models
    • G06F16/284Relational databases
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2113Multi-level security, e.g. mandatory access control
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2145Inheriting rights or properties, e.g., propagation of permissions or restrictions within a hierarchy
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10TECHNICAL SUBJECTS COVERED BY FORMER USPC
    • Y10STECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10S707/00Data processing: database and file management or data structures
    • Y10S707/953Organization of data
    • Y10S707/954Relational
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10TECHNICAL SUBJECTS COVERED BY FORMER USPC
    • Y10STECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10S707/00Data processing: database and file management or data structures
    • Y10S707/953Organization of data
    • Y10S707/956Hierarchical
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10TECHNICAL SUBJECTS COVERED BY FORMER USPC
    • Y10STECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10S707/00Data processing: database and file management or data structures
    • Y10S707/99931Database or file accessing
    • Y10S707/99933Query processing, i.e. searching
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10TECHNICAL SUBJECTS COVERED BY FORMER USPC
    • Y10STECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10S707/00Data processing: database and file management or data structures
    • Y10S707/99931Database or file accessing
    • Y10S707/99933Query processing, i.e. searching
    • Y10S707/99934Query formulation, input preparation, or translation
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10TECHNICAL SUBJECTS COVERED BY FORMER USPC
    • Y10STECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10S707/00Data processing: database and file management or data structures
    • Y10S707/99931Database or file accessing
    • Y10S707/99933Query processing, i.e. searching
    • Y10S707/99935Query augmenting and refining, e.g. inexact access
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10TECHNICAL SUBJECTS COVERED BY FORMER USPC
    • Y10STECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10S707/00Data processing: database and file management or data structures
    • Y10S707/99931Database or file accessing
    • Y10S707/99939Privileged access

Abstract

Access control system and access control methods provide multilevel and mandatory access control for a database management system. The access control techniques provide access control at the row level in a relational database table. The database table contains a security label column within which is recorded a security label that is defined within a hierarchical security scheme. A user's security label is encoded with security information concerning the user. When a user requests access to a row, a security mechanism compares the user's security information with the security information in the row. If the user's security dominates the row's security, the user is given access to the row.
PCT/GB2003/003795 2002-09-04 2003-09-02 Row level based access control to a relational database WO2004023375A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
AU2003260770A AU2003260770A1 (en) 2002-09-04 2003-09-02 Row level based access control to a relational database
JP2004533614A JP4398371B2 (en) 2002-09-04 2003-09-02 How to control access to a relational database

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/233,397 2002-09-04
US10/233,397 US7240046B2 (en) 2002-09-04 2002-09-04 Row-level security in a relational database management system

Publications (2)

Publication Number Publication Date
WO2004023375A1 WO2004023375A1 (en) 2004-03-18
WO2004023375A8 true WO2004023375A8 (en) 2004-06-03

Family

ID=31977232

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2003/003795 WO2004023375A1 (en) 2002-09-04 2003-09-02 Row level based access control to a relational database

Country Status (6)

Country Link
US (5) US7240046B2 (en)
JP (1) JP4398371B2 (en)
CN (1) CN100444180C (en)
AU (1) AU2003260770A1 (en)
TW (1) TWI249111B (en)
WO (1) WO2004023375A1 (en)

Families Citing this family (145)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9311499B2 (en) * 2000-11-13 2016-04-12 Ron M. Redlich Data security system and with territorial, geographic and triggering event protocol
US7669051B2 (en) * 2000-11-13 2010-02-23 DigitalDoors, Inc. Data security system and method with multiple independent levels of security
US7640582B2 (en) 2003-04-16 2009-12-29 Silicon Graphics International Clustered filesystem for mix of trusted and untrusted nodes
US20030028514A1 (en) * 2001-06-05 2003-02-06 Lord Stephen Philip Extended attribute caching in clustered filesystem
JP4467257B2 (en) * 2002-06-28 2010-05-26 株式会社日立製作所 Database management method and apparatus, and processing program therefor
US7240046B2 (en) 2002-09-04 2007-07-03 International Business Machines Corporation Row-level security in a relational database management system
US7136856B2 (en) * 2002-12-04 2006-11-14 International Business Machines Corporation Multi-level security profile refresh
US7661141B2 (en) * 2004-02-11 2010-02-09 Microsoft Corporation Systems and methods that optimize row level database security
US7711750B1 (en) 2004-02-11 2010-05-04 Microsoft Corporation Systems and methods that specify row level database security
US20050188421A1 (en) * 2004-02-24 2005-08-25 Arbajian Pierre E. System and method for providing data security
US20050192939A1 (en) * 2004-02-27 2005-09-01 International Business Machines Corporation System and method for providing classification security in a database management system
US7302708B2 (en) * 2004-03-11 2007-11-27 Harris Corporation Enforcing computer security utilizing an adaptive lattice mechanism
US7200595B2 (en) * 2004-03-29 2007-04-03 Microsoft Corporation Systems and methods for fine grained access control of data stored in relational databases
US7490347B1 (en) * 2004-04-30 2009-02-10 Sap Ag Hierarchical security domain model
GB2414089A (en) * 2004-05-07 2005-11-16 Paul Pickering Adding temporal characteristics to an existing database
US7860875B2 (en) * 2004-05-26 2010-12-28 International Business Machines Corporation Method for modifying a query by use of an external system for managing assignment of user and data classifications
US20050289342A1 (en) * 2004-06-28 2005-12-29 Oracle International Corporation Column relevant data security label
US7783308B2 (en) * 2004-07-06 2010-08-24 Sony Ericsson Mobile Communications Ab Method of and apparatus for zone dependent content in a mobile device
US7720858B2 (en) * 2004-07-22 2010-05-18 International Business Machines Corporation Query conditions-based security
WO2007001328A2 (en) * 2004-07-29 2007-01-04 Infoassure, Inc. Information-centric security
US20060031184A1 (en) * 2004-08-04 2006-02-09 Periyaswamy Senthil K Service request module
US7657925B2 (en) * 2004-10-14 2010-02-02 Oracle International Corporation Method and system for managing security policies for databases in a distributed system
US7562092B2 (en) 2004-12-22 2009-07-14 Microsoft Corporation Secured views for a CRM database
US20060136361A1 (en) * 2004-12-22 2006-06-22 Microsoft Corporation Extensible, customizable database-driven row-level database security
US8095962B2 (en) * 2005-02-17 2012-01-10 At&T Intellectual Property I, L.P. Method and system of auditing databases for security compliance
US7370050B2 (en) * 2005-02-28 2008-05-06 Microsoft Corporation Discoverability and enumeration mechanisms in a hierarchically secure storage system
US7832003B2 (en) * 2005-04-28 2010-11-09 Microsoft Corporation Walled gardens
US8326877B2 (en) 2005-05-04 2012-12-04 Microsoft Corporation Region-based security
US7676470B2 (en) * 2005-07-26 2010-03-09 International Business Machines Corporation Self discovering adaptive security system and method
US20070038662A1 (en) * 2005-08-04 2007-02-15 Peter Bendel Method and system for managing external routines in a database management system
US7752205B2 (en) * 2005-09-26 2010-07-06 Bea Systems, Inc. Method and system for interacting with a virtual content repository
US20070073673A1 (en) * 2005-09-26 2007-03-29 Bea Systems, Inc. System and method for content management security
US7953734B2 (en) * 2005-09-26 2011-05-31 Oracle International Corporation System and method for providing SPI extensions for content management system
US20070083554A1 (en) * 2005-10-12 2007-04-12 International Business Machines Corporation Visual role definition for identity management
US20070118527A1 (en) * 2005-11-22 2007-05-24 Microsoft Corporation Security and data filtering
US9135304B2 (en) * 2005-12-02 2015-09-15 Salesforce.Com, Inc. Methods and systems for optimizing text searches over structured data in a multi-tenant environment
US7774355B2 (en) * 2006-01-05 2010-08-10 International Business Machines Corporation Dynamic authorization based on focus data
JP4396643B2 (en) * 2006-01-23 2010-01-13 コニカミノルタビジネステクノロジーズ株式会社 Image processing apparatus, interface information disclosure program, and interface information disclosure method
US8938473B2 (en) * 2006-02-23 2015-01-20 Oracle America, Inc. Secure windowing for labeled containers
US7720863B2 (en) * 2006-03-17 2010-05-18 Microsoft Corporation Security view-based, external enforcement of business application security rules
SG138498A1 (en) * 2006-06-29 2008-01-28 Nanyang Polytechnic Configurable multi-lingual advisory system and method thereof
US20080005115A1 (en) * 2006-06-30 2008-01-03 International Business Machines Corporation Methods and apparatus for scoped role-based access control
US20080010239A1 (en) * 2006-07-10 2008-01-10 Sap Ag Systems and methods of managing product tracking data
US7639629B2 (en) * 2006-07-28 2009-12-29 Microsoft Corporation Security model for application and trading partner integration
US8020213B2 (en) * 2006-08-01 2011-09-13 International Business Machines Corporation Access control method and a system for privacy protection
JP4977536B2 (en) * 2006-08-11 2012-07-18 株式会社リコー Information processing apparatus, information acquisition method, and information acquisition program
US8676845B2 (en) * 2006-08-22 2014-03-18 International Business Machines Corporation Database entitlement
US8402017B2 (en) * 2006-12-08 2013-03-19 International Business Machines Corporation Method for altering database views dependent on rules
US8027993B2 (en) * 2006-12-28 2011-09-27 Teradota Us, Inc. Techniques for establishing and enforcing row level database security
US8127133B2 (en) * 2007-01-25 2012-02-28 Microsoft Corporation Labeling of data objects to apply and enforce policies
JP2008234286A (en) * 2007-03-20 2008-10-02 Dainippon Printing Co Ltd Database system, database server, program, and recording medium
US8306999B2 (en) * 2007-03-23 2012-11-06 Sas Institute Inc. Computer-implemented systems, methods, and computer program product for providing row-level security in a database network
JP2008257478A (en) * 2007-04-04 2008-10-23 Internatl Business Mach Corp <Ibm> Device and method for outputting storage position of verification target character string and computer program
CN100498792C (en) * 2007-06-08 2009-06-10 北京神舟航天软件技术有限公司 Autonomous access control method for row-level data of database table
US8065329B2 (en) 2007-06-18 2011-11-22 Oracle International Corporation Query optimization on VPD protected columns
US20090024570A1 (en) * 2007-07-20 2009-01-22 Oracle Internatonal Corporation User defined query rewrite mechanism
US7809751B2 (en) * 2007-08-27 2010-10-05 Sap Ag Authorization controlled searching
US8078595B2 (en) * 2007-10-09 2011-12-13 Oracle International Corporation Secure normal forms
US8234299B2 (en) * 2008-01-11 2012-07-31 International Business Machines Corporation Method and system for using fine-grained access control (FGAC) to control access to data in a database
US8566909B2 (en) * 2008-02-01 2013-10-22 Oracle International Corporation Row-level security with expression data type
US7890530B2 (en) * 2008-02-05 2011-02-15 International Business Machines Corporation Method and system for controlling access to data via a data-centric security model
US20090265624A1 (en) * 2008-04-18 2009-10-22 Reiji Fukuda Electronic forms preparing and managing system, electronic forms preparing and managing program, and program storing memory media
TWI389536B (en) 2008-11-07 2013-03-11 Ind Tech Res Inst Access control system and method based on hierarchical key, and authentication key exchange thereof
WO2011030324A1 (en) * 2009-09-09 2011-03-17 Varonis Systems, Inc. Enterprise level data management
US10229191B2 (en) 2009-09-09 2019-03-12 Varonis Systems Ltd. Enterprise level data management
US8386448B2 (en) * 2009-11-30 2013-02-26 At&T Intellectual Property I, L.P. Methods, systems, and computer program products for providing a generic database security application using virtual private database functionality with a common security policy function
US20110153644A1 (en) * 2009-12-22 2011-06-23 Nokia Corporation Method and apparatus for utilizing a scalable data structure
CN101860526B (en) * 2009-12-22 2012-10-03 中国航空工业集团公司第六三一研究所 Method for controlling multilevel access to integrated avionics system
US9401893B2 (en) 2009-12-29 2016-07-26 International Business Machines Corporation System and method for providing data security in a hosted service system
US9965507B2 (en) * 2010-08-06 2018-05-08 At&T Intellectual Property I, L.P. Securing database content
EP2453368B1 (en) 2010-11-12 2017-05-31 Accenture Global Services Limited Custom web services data link layer
CN102480385B (en) * 2010-11-26 2014-10-22 北京启明星辰信息技术股份有限公司 database security protection method and device
US20120209856A1 (en) * 2010-12-21 2012-08-16 Daniel Mckee System and method for organizing, accessing and modifying data
US8983985B2 (en) * 2011-01-28 2015-03-17 International Business Machines Corporation Masking sensitive data of table columns retrieved from a database
US8510335B2 (en) * 2011-02-14 2013-08-13 Protegrity Corporation Database and method for controlling access to a database
US20120278334A1 (en) * 2011-04-29 2012-11-01 John Abjanic Database System
CN102236766B (en) * 2011-05-10 2014-04-09 桂林电子科技大学 Security data item level database encryption system
CN102413198A (en) * 2011-09-30 2012-04-11 山东中创软件工程股份有限公司 Security-marker-based access control method and related system
US8930410B2 (en) 2011-10-03 2015-01-06 International Business Machines Corporation Query transformation for masking data within database objects
CN102495989A (en) * 2011-12-21 2012-06-13 北京诺思恒信科技有限公司 Subject-label-based access control method and system
CN102810139B (en) * 2012-06-29 2016-04-06 宇龙计算机通信科技(深圳)有限公司 Secure data operation method and communication terminal
US8925105B2 (en) * 2012-08-27 2014-12-30 Dassault Systemes Americas Corp. Indexed security for use with databases
US9087209B2 (en) * 2012-09-26 2015-07-21 Protegrity Corporation Database access control
US9275112B2 (en) * 2012-11-09 2016-03-01 Microsoft Technology Licensing, Llc Filtering views with predefined query
CN103023986B (en) * 2012-11-27 2016-01-13 中国电信股份有限公司 A kind of system and method providing RDBMS to serve to multi-user
US9069817B2 (en) 2012-11-28 2015-06-30 International Business Machines Corporation Database row access control
JP5597692B2 (en) * 2012-12-27 2014-10-01 日本電信電話株式会社 Data request system and access control method thereof
US9460172B2 (en) 2013-03-13 2016-10-04 Sas Institute Inc. Method to reduce large OLAP cube size using cell selection rules
US9195841B2 (en) 2013-03-15 2015-11-24 Sap Se Automated and delegated model-based row level security
CN104077694B (en) * 2013-03-27 2018-04-06 阿里巴巴集团控股有限公司 User's right information processing method and system
US10038726B2 (en) 2013-06-12 2018-07-31 Visa International Service Association Data sensitivity based authentication and authorization
CN104601325B (en) * 2013-10-31 2018-03-16 华为技术有限公司 Data ciphering method, data decryption method, device, equipment and system
GB2522918A (en) 2014-02-11 2015-08-12 Ibm Adaptive access control in relational database system
EP3215976B1 (en) * 2014-11-05 2021-10-20 AB Initio Technology LLC Database security
US10223542B2 (en) 2014-12-10 2019-03-05 International Business Machines Corporation Intelligent database with secure tables
US9792454B2 (en) * 2015-01-16 2017-10-17 Protegrity Corporation Record level data security
WO2016183559A1 (en) 2015-05-14 2016-11-17 Walleye Software, LLC Persistent query dispatch and execution architecture
US10733162B2 (en) * 2015-07-30 2020-08-04 Workday, Inc. Indexing structured data with security information
CN106469282A (en) * 2015-08-21 2017-03-01 阿里巴巴集团控股有限公司 data access authority control method and device
US9942237B2 (en) * 2015-08-28 2018-04-10 Bank Of America Corporation Determining access requirements for online accounts based on characteristics of user devices
US10205730B2 (en) 2015-09-29 2019-02-12 International Business Machines Corporation Access control for database
CN105208042A (en) * 2015-10-15 2015-12-30 黄云鸿 Resource safety access method and system
US9530023B1 (en) 2015-12-21 2016-12-27 Vinyl Development LLC Reach objects
KR101905771B1 (en) * 2016-01-29 2018-10-11 주식회사 엔오디비즈웨어 Self defense security server with behavior and environment analysis and operating method thereof
US10248805B2 (en) * 2016-05-13 2019-04-02 Bank Of America Corporation Database security tool
JP6705695B2 (en) * 2016-05-19 2020-06-03 株式会社日立製作所 File management system and method
US10621370B2 (en) 2016-05-27 2020-04-14 Intel Corporation Methods and apparatus to provide group-based row-level security for big data platforms
WO2017221049A1 (en) * 2016-06-21 2017-12-28 Fondation De L'institut De Recherche Idiap A data-network connected server, a device, a platform and a method for conducting computer-executable experiments
US10277561B2 (en) * 2016-07-22 2019-04-30 International Business Machines Corporation Database management system shared ledger support
EP3542554B1 (en) 2016-11-16 2021-01-06 Sonova AG Method of controlling access to hearing instrument services
JP2018109838A (en) * 2016-12-28 2018-07-12 富士通株式会社 Information processing device, information processing system, program and information processing method
US10546021B2 (en) 2017-01-30 2020-01-28 Sap Se Adjacency structures for executing graph algorithms in a relational database
US10394855B2 (en) * 2017-01-30 2019-08-27 Sap Se Graph-modeled data processing in a relational database
WO2018170276A2 (en) * 2017-03-15 2018-09-20 Fauna, Inc. Methods and systems for a database
US11106540B1 (en) 2017-04-03 2021-08-31 Amazon Technologies, Inc. Database command replay
US11182496B1 (en) 2017-04-03 2021-11-23 Amazon Technologies, Inc. Database proxy connection management
US11392603B1 (en) 2017-04-03 2022-07-19 Amazon Technologies, Inc. Database rest API
US11500824B1 (en) * 2017-04-03 2022-11-15 Amazon Technologies, Inc. Database proxy
US10885134B2 (en) 2017-05-12 2021-01-05 International Business Machines Corporation Controlling access to protected information
US9922204B1 (en) * 2017-07-19 2018-03-20 Vinyl Development LLC Reach objects with comparison techniques
CN107480556A (en) * 2017-08-07 2017-12-15 成都牵牛草信息技术有限公司 The method authorized respectively to statistics list operation authority based on train value
CN109409120B (en) * 2017-08-18 2021-12-10 中国科学院信息工程研究所 Spark-oriented access control method and system
US10866943B1 (en) 2017-08-24 2020-12-15 Deephaven Data Labs Llc Keyed row selection
WO2019088985A1 (en) * 2017-10-30 2019-05-09 Visa International Service Association Data security hub
RU2676223C1 (en) * 2017-11-16 2018-12-26 Общество с ограниченной ответственностью "Научно-технический центр РЕЛЭКС" Method for separating database objects based on privacy labels
GB2569605A (en) * 2017-12-21 2019-06-26 Sita Inf Networking Computing Usa Inc System, device and method for processing data
CN108874863B (en) * 2018-04-19 2022-03-25 华为技术有限公司 Data access control method and database access device
US11244063B2 (en) * 2018-06-11 2022-02-08 Palantir Technologies Inc. Row-level and column-level policy service
US20200065507A1 (en) * 2018-08-21 2020-02-27 Hcl Technologies Limited System and method for providing access to a user based on a multi-dimensional data structure
US11327933B2 (en) * 2019-02-15 2022-05-10 International Business Machines Corporation Migrating a multi-level secured database
CN110427770B (en) * 2019-06-20 2021-04-20 中国科学院信息工程研究所 Database access control method and system supporting service security marker
CN110427747B (en) * 2019-06-20 2021-12-14 中国科学院信息工程研究所 Identity authentication method and device supporting service security mark
CN110324326B (en) * 2019-06-20 2020-12-22 中国科学院信息工程研究所 Network data transmission control method and device based on service security marker
CN110427744B (en) * 2019-06-20 2021-07-13 中国科学院信息工程研究所 Identity management method and system supporting service security label
US11675920B2 (en) * 2019-12-03 2023-06-13 Sonicwall Inc. Call location based access control of query to database
CN111339507A (en) * 2020-02-24 2020-06-26 杭州数梦工场科技有限公司 Method, system, equipment and readable storage medium for processing access request
CN111523098A (en) * 2020-04-15 2020-08-11 支付宝(杭州)信息技术有限公司 Data authority management method and device
US11868349B2 (en) * 2020-05-05 2024-01-09 International Business Machines Corporation Row secure table plan generation
US11405401B2 (en) * 2020-05-21 2022-08-02 Adp, Inc. Determining and applying assurance levels for application operations security
CN111813803B (en) * 2020-07-02 2023-07-21 上海达梦数据库有限公司 Method, device, equipment and storage medium for generating statement block execution plan
US11397826B2 (en) * 2020-10-29 2022-07-26 Snowflake Inc. Row-level security
US11704306B2 (en) 2020-11-16 2023-07-18 Snowflake Inc. Restricted views to control information access in a database system
US20230376623A1 (en) * 2022-05-18 2023-11-23 Sap Se Resource-efficient row-level security in database systems
CN115168741A (en) * 2022-07-05 2022-10-11 上海鼎捷移动科技有限公司 Associated transaction pushing and managing system and method thereof
CN116186767B (en) * 2023-01-12 2023-10-03 北京万里开源软件有限公司 Method and device for marking row level in database

Family Cites Families (47)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH087709B2 (en) 1989-05-15 1996-01-29 インターナシヨナル・ビジネス・マシーンズ・コーポレーシヨン Access privilege control method and system
US5446903A (en) * 1993-05-04 1995-08-29 International Business Machines Corporation Method and apparatus for controlling access to data elements in a data processing system based on status of an industrial process by mapping user's security categories and industrial process steps
US5572673A (en) * 1993-12-01 1996-11-05 Sybase, Inc. Secure multi-level system for executing stored procedures
US5483596A (en) * 1994-01-24 1996-01-09 Paralon Technologies, Inc. Apparatus and method for controlling access to and interconnection of computer system resources
GB9402935D0 (en) 1994-02-16 1994-04-06 British Telecomm A method for controlling access to a database
JP3070896B2 (en) * 1994-04-22 2000-07-31 シャープ株式会社 Information retrieval device
US5729730A (en) * 1995-03-28 1998-03-17 Dex Information Systems, Inc. Method and apparatus for improved information storage and retrieval system
US5649182A (en) * 1995-03-17 1997-07-15 Reitz; Carl A. Apparatus and method for organizing timeline data
US6134549A (en) * 1995-03-31 2000-10-17 Showcase Corporation Client/server computer system having personalizable and securable views of database data
US5751949A (en) * 1995-05-23 1998-05-12 Mci Corporation Data security system and method
US5941947A (en) 1995-08-18 1999-08-24 Microsoft Corporation System and method for controlling access to data entities in a computer network
US5913037A (en) * 1996-07-03 1999-06-15 Compaq Computer Corporation Dynamic management information base manager
US5845068A (en) * 1996-12-18 1998-12-01 Sun Microsystems, Inc. Multilevel security port methods, apparatuses, and computer program products
US5963642A (en) * 1996-12-30 1999-10-05 Goldstein; Benjamin D. Method and apparatus for secure storage of data
WO1998038762A2 (en) * 1997-02-26 1998-09-03 Siebel Systems, Inc. Determining visibility to a remote database client
US5822748A (en) * 1997-02-28 1998-10-13 Oracle Corporation Group by and distinct sort elimination using cost-based optimization
US5915086A (en) 1997-04-03 1999-06-22 Oracle Corporation Hierarchical protection of seed data
US6044373A (en) * 1997-09-29 2000-03-28 International Business Machines Corporation Object-oriented access control method and system for military and commercial file systems
US6044378A (en) * 1997-09-29 2000-03-28 International Business Machines Corporation Method and system for a federated digital library by managing links
US6134558A (en) * 1997-10-31 2000-10-17 Oracle Corporation References that indicate where global database objects reside
US6006234A (en) * 1997-10-31 1999-12-21 Oracle Corporation Logical groupings within a database
US6098075A (en) * 1997-12-16 2000-08-01 International Business Machines Corporation Deferred referential integrity checking based on determining whether row at-a-time referential integrity checking would yield the same results as deferred integrity checking
JP4116137B2 (en) 1998-03-06 2008-07-09 富士通株式会社 Data protection apparatus and method in electronic data exchange system, and recording medium recording program for realizing the method
US6219790B1 (en) * 1998-06-19 2001-04-17 Lucent Technologies Inc. Centralized authentication, authorization and accounting server with support for multiple transport protocols and multiple client types
US6487552B1 (en) * 1998-10-05 2002-11-26 Oracle Corporation Database fine-grained access control
US6578037B1 (en) * 1998-10-05 2003-06-10 Oracle Corporation Partitioned access control to a database
US6446117B1 (en) * 1998-11-09 2002-09-03 Unisys Corporation Apparatus and method for saving session variables on the server side of an on-line data base management system
US6369840B1 (en) * 1999-03-10 2002-04-09 America Online, Inc. Multi-layered online calendaring and purchasing
US6484180B1 (en) * 1999-08-02 2002-11-19 Oracle Corporation Accessing domain object data stored in a relational database system
US6286104B1 (en) * 1999-08-04 2001-09-04 Oracle Corporation Authentication and authorization in a multi-tier relational database management system
US6405212B1 (en) * 1999-09-27 2002-06-11 Oracle Corporation Database system event triggers
US7093137B1 (en) 1999-09-30 2006-08-15 Casio Computer Co., Ltd. Database management apparatus and encrypting/decrypting system
JP2003518683A (en) * 1999-12-24 2003-06-10 ラヴェンパック アクチェンゲゼルシャフト Method and apparatus for presenting data to a user
US6820082B1 (en) * 2000-04-03 2004-11-16 Allegis Corporation Rule based database security system and method
US6922696B1 (en) * 2000-05-31 2005-07-26 Sri International Lattice-based security classification system and method
US6901346B2 (en) * 2000-08-09 2005-05-31 Telos Corporation System, method and medium for certifying and accrediting requirements compliance
US6775668B1 (en) * 2000-09-11 2004-08-10 Novell, Inc. Method and system for enhancing quorum based access control to a database
US20020062218A1 (en) * 2000-11-20 2002-05-23 Carolyn Pianin Method and system for providing property management services in an on-line computing evironment
JP2002182983A (en) * 2000-12-13 2002-06-28 Sharp Corp Method for controlling access to database, database unit, method for controlling access to resources and information processor
US20020085405A1 (en) 2000-12-28 2002-07-04 Gerhard Mueller Memory architecture with controllable bitline lengths
US20020095405A1 (en) * 2001-01-18 2002-07-18 Hitachi America, Ltd. View definition with mask for cell-level data access control
US6711579B2 (en) * 2001-04-20 2004-03-23 Sree Ayyanar Spinning And Weaving Mills Limited Data storage schema independent programming for data retrieval using semantic bridge
US6606627B1 (en) * 2001-05-08 2003-08-12 Oracle Corporation Techniques for managing resources for multiple exclusive groups
US6931411B1 (en) * 2001-05-30 2005-08-16 Cryptek, Inc. Virtual data labeling system and method
US7124192B2 (en) * 2001-08-30 2006-10-17 International Business Machines Corporation Role-permission model for security policy administration and enforcement
US7134022B2 (en) * 2002-07-16 2006-11-07 Flyntz Terence T Multi-level and multi-category data labeling system
US7240046B2 (en) * 2002-09-04 2007-07-03 International Business Machines Corporation Row-level security in a relational database management system

Also Published As

Publication number Publication date
US9514328B2 (en) 2016-12-06
WO2004023375A1 (en) 2004-03-18
US7464080B2 (en) 2008-12-09
TW200412515A (en) 2004-07-16
US9870483B2 (en) 2018-01-16
US20090030907A1 (en) 2009-01-29
US8478713B2 (en) 2013-07-02
US20040044655A1 (en) 2004-03-04
AU2003260770A8 (en) 2004-03-29
JP2006502472A (en) 2006-01-19
US20090043775A1 (en) 2009-02-12
TWI249111B (en) 2006-02-11
US7240046B2 (en) 2007-07-03
JP4398371B2 (en) 2010-01-13
US20170053133A1 (en) 2017-02-23
AU2003260770A1 (en) 2004-03-29
CN100444180C (en) 2008-12-17
CN1729469A (en) 2006-02-01
US20070244898A1 (en) 2007-10-18

Similar Documents

Publication Publication Date Title
WO2004023375A8 (en) Row level based access control to a relational database
Tilley et al. Energy levels of light nuclei A= 5, 6, 7
WO2002097693A3 (en) Rights management unit
KR20030071395A (en) System for protecting and managing digital contents
WO2004034393A3 (en) Digital rights management apparatus, methods and multimedia products using biometric data
WO2003058397A3 (en) System and method for asset tracking with organization-property-individual model
WO2001055894A3 (en) Logical view with granular access to exchange data managed by a modular data and storage management system
WO2003012699A8 (en) Systems and methods providing metadata for tracking of information on a distributed file system of storage devices
MXPA05009733A (en) System and method to acquire information from a database.
WO2001084373A3 (en) Information retrieval
WO2004036458A3 (en) Method of and system for presenting media content to a user or group of users
CA2118297A1 (en) Distributed Cryptographic Object Method
SG142159A1 (en) Index structure of metadata, method for providing indices of metadata, and metadata searching method and apparatus using the indices of metadata
MXPA02000185A (en) Method and system for searching classified advertising.
AU8872291A (en) Multilevel, hierarchical, dynamically mapped data storage subsystem
EP1081609A3 (en) Metadata model
GB2277176B (en) Information retrieval system with hierarchical data management
GB0318231D0 (en) No details
WO2002071191A3 (en) Metadata enabled push-pull model for efficient low-latency video-content distribution over a network
CA2323993A1 (en) Recording medium editing apparatus based on content supply source
ATE316268T1 (en) SECURE PRODUCTION OF IDENTIFICATION CARDS
DE60228009D1 (en) Recording TV data
ZA200404944B (en) Computer system for online purchasing.
MY135432A (en) Information processing system and method
WO2004032395A3 (en) System and method for organizing information

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
WR Later publication of a revised version of an international search report
WWE Wipo information: entry into national phase

Ref document number: 20038209055

Country of ref document: CN

WWE Wipo information: entry into national phase

Ref document number: 2004533614

Country of ref document: JP

122 Ep: pct application non-entry in european phase