Systems and methods that optimize row level database security

The systems and methods of the present invention facilitate database row-level security by utilizing SQL extensions to create and associate named security expressions with a query initiator(s). Such expressions include Boolean expressions, which must be satisfied by a row of data in order for that d...

Full description

Saved in:
Bibliographic Details
Main Authors HAMILTON JAMES R, DUTTA TANMOY, CHANDER GIRISH, CRISTOFOR LAURENTIU BOGDAN, KLINE RODGER N
Format Patent
LanguageEnglish
Published 09.02.2010
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
PICTORIAL COMMUNICATION, e.g. TELEVISION
Online AccessGet full text

Cover

More Information
Summary:The systems and methods of the present invention facilitate database row-level security by utilizing SQL extensions to create and associate named security expressions with a query initiator(s). Such expressions include Boolean expressions, which must be satisfied by a row of data in order for that data to be made accessible to the query initiator. In general, a query is augmented with security expressions, which are aggregated and utilized during querying rows of data. The systems and methods variously place security expressions within a query in order to optimize query performance while mitigating information leaks. This is achieved by tagging security expressions as special and utilizing rules of predicate to pull or push non-security expressions above or below security expressions, depending on the likelihood of a non-security being safe, as determined via a static and/or dynamic analysis.
Bibliography:Application Number: US20040885815