专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

31. 发明申请

US20110067084A1 METHOD AND APPARATUS FOR SECURING A DATABASE CONFIGURATION 审中-公开
标题翻译：用于保护数据库配置的方法和装置
公开(公告)号：US20110067084A1
公开(公告)日：2011-03-17
申请号：US12561461
申请日：2009-09-17
申请人： Ji-Won Byun , Chi Ching Chui , Daniel ManHung Wong , Chon Hei Lei
发明人： Ji-Won Byun , Chi Ching Chui , Daniel ManHung Wong , Chon Hei Lei
IPC分类号： G06F21/00 , G06F17/30
CPC分类号： G06F21/6209 , G06F16/217 , G06F16/2343
摘要： One embodiment of the present invention provides a system that secures a database configuration from undesired modifications. This system allows a security officer to issue a configuration-locking command, which activates a lock for the configuration of a database object. When a configuration lock is activated for a database object, the system prevents a user (e.g., a database administrator) from modifying the configuration of the database object, without restricting the user from accessing the database object itself. The security officer is a trusted user that is responsible for maintaining the stability of the database configuration, such that a configuration lock activated by the security officer preserves the database configuration by overriding the privileges assigned to a database administrator.
摘要翻译：本发明的一个实施例提供一种确保数据库配置免受不期望的修改的系统。该系统允许安全员发布配置锁定命令，该命令激活用于配置数据库对象的锁。当为数据库对象激活配置锁定时，系统防止用户（例如，数据库管理员）修改数据库对象的配置，而不会限制用户访问数据库对象本身。安全官员是一个值得信赖的用户，负责维护数据库配置的稳定性，使得由安全人员激活的配置锁定通过覆盖分配给数据库管理员的权限来保留数据库配置。

32. 发明授权

US07873660B1 Enforcing data privacy aggregations 有权
标题翻译：执行数据隐私聚合
公开(公告)号：US07873660B1
公开(公告)日：2011-01-18
申请号：US10377366
申请日：2003-02-27
申请人： Daniel Manhung Wong , Chon Hei Lei , Rama Vissapragada
发明人： Daniel Manhung Wong , Chon Hei Lei , Rama Vissapragada
IPC分类号： G06F7/00 , G06F17/30
CPC分类号： G06F21/6245
摘要： Described herein is an approach that may be used to control access to information requested by a query, where access is granted or denied to all the information requested based on factors that relate to information requested as a whole rather than on individual-by-individual row basis. Also described is a mechanism in which a database server dynamically creates and computes another query in response to receiving a query, and then uses the computed results to determine whether access to the data requested by the received query may be granted.
摘要翻译：这里描述了一种方法，其可以用于控制对查询所请求的信息的访问，其中基于与作为整体请求的信息相关的因素而不是逐个单独行的因素而授予或拒绝所有所请求的信息的访问基础。还描述了一种机制，其中数据库服务器响应于接收到查询而动态地创建和计算另一个查询，然后使用所计算的结果来确定是否可以授予对所接收的查询所请求的数据的访问。

33. 发明授权

US07814330B2 Method and apparatus for facilitating multi-level computer system authentication 有权
标题翻译：用于促进多级计算机系统认证的方法和装置
公开(公告)号：US07814330B2
公开(公告)日：2010-10-12
申请号：US11195016
申请日：2005-08-01
申请人： Daniel ManHung Wong
发明人： Daniel ManHung Wong
IPC分类号： G06F11/30
CPC分类号： G06F21/31
摘要： One embodiment of the present invention provides a system that facilitates authenticating a user at a computer system. During operation, the system creates an authentication profile and assigns the authentication profile to a user, wherein the authentication profile specifies authentication criteria. Next, the computer system receives a login request from the user, and in responding to the login request, the computer system checks if the authentication criteria in the authentication profile are satisfied. If so, the system allows the user to login. If not, the user is prevented from logging into the computer system.
摘要翻译：本发明的一个实施例提供一种便于在计算机系统上认证用户的系统。在操作期间，系统创建认证简档并将认证简档分配给用户，其中认证简档指定认证标准。接下来，计算机系统从用户接收登录请求，并且响应登录请求，计算机系统检查认证简档中的认证标准是否被满足。如果是这样，系统允许用户登录。如果没有，则防止用户登录到计算机系统。

34. 发明授权

US07761704B2 Method and apparatus for expiring encrypted data 有权
标题翻译：用于到期加密数据的方法和装置
公开(公告)号：US07761704B2
公开(公告)日：2010-07-20
申请号：US11084346
申请日：2005-03-17
申请人： Min-Hank Ho , Daniel ManHung Wong , Chon Hei Lei , Thomas Keefe
发明人： Min-Hank Ho , Daniel ManHung Wong , Chon Hei Lei , Thomas Keefe
IPC分类号： H04L29/06
CPC分类号： H04N21/433 , H04L9/083 , H04L2209/56 , H04N5/913 , H04N7/165 , H04N21/4627 , H04N21/6543 , H04N21/8355 , H04N2005/91364 , Y10S707/99944
摘要： One embodiment of the present invention provides a system that can expire encrypted-data. During operation, the system receives an expiry-request that includes object-identifying information, which can be used to identify a set of database objects that contain the encrypted-data, wherein a database object can be a table, a partition, a row, or a column in a row. Furthermore, a database object can have an expiration time, and it can be stored in an archive, which is typically used to store large amounts of data for long periods using a slower, but cheaper storage medium than the storage medium used by the database. The system then identifies a set of keys for the encrypted-data using the object-identifying information. Next, the system deletes the set of keys, thereby expiring the encrypted-data. Note that, deleting the set of keys ensures that the secure key repository does not contain any stale keys associated with expired encrypted-data.
摘要翻译：本发明的一个实施例提供一种能够使加密数据过期的系统。在操作期间，系统接收包含对象标识信息的到期请求，该信息可用于标识包含加密数据的一组数据库对象，其中数据库对象可以是表，分区，行，或一列。此外，数据库对象可以具有到期时间，并且可以将其存储在通常用于使用比数据库使用的存储介质更慢但更便宜的存储介质来长时间存储大量数据的存档。然后，系统使用对象识别信息来标识用于加密数据的一组密钥。接下来，系统删除一组密钥，从而使加密数据过期。请注意，删除密钥集可确保安全密钥存储库不包含与过期的加密数据相关联的任何过时的密钥。

35. 发明申请

US20100174749A1 SECURING DBMS EVENT NOTIFICATIONS 有权
标题翻译：安全DBMS事件通知
公开(公告)号：US20100174749A1
公开(公告)日：2010-07-08
申请号：US12350055
申请日：2009-01-07
申请人： Abhishek Saxena , Neerja Bhatt , Daniel ManHung Wong , Jinqiang Han
发明人： Abhishek Saxena , Neerja Bhatt , Daniel ManHung Wong , Jinqiang Han
IPC分类号： G06F17/30
CPC分类号： G06F21/445 , G06F17/30306
摘要： One embodiment of the present invention provides a database server for securing database event notifications. The server includes a session key creation mechanism configured to create a session key when a client registers for an event, a storage mechanism configured to store the session key on the database server, a data accessing mechanism configured to access registration metadata to obtain the session key when the event occurs, a connection mechanism configured to establish a communication channel between the database server and the client, a mutual authenticating mechanism configured to using the session key to mutually authenticate the client and the database server during event notification, and an event notifying mechanism configured to send the event notification to the client.
摘要翻译：本发明的一个实施例提供一种用于保护数据库事件通知的数据库服务器。服务器包括会话密钥创建机构，被配置为当客户端注册事件时创建会话密钥，被配置为在数据库服务器上存储会话密钥的存储机制，被配置为访问注册元数据以获得会话密钥的数据访问机制当事件发生时，配置为在数据库服务器和客户端之间建立通信信道的连接机制，配置为在事件通知期间使用会话密钥来相互认证客户端和数据库服务器的相互认证机制，以及事件通知机制配置为将事件通知发送给客户端。

36. 发明授权

US07653630B2 Method and apparatus for facilitating privileged object stores in a database 有权
标题翻译：用于促进数据库中的特权对象存储的方法和装置
公开(公告)号：US07653630B2
公开(公告)日：2010-01-26
申请号：US11210326
申请日：2005-08-24
申请人： Daniel ManHung Wong
发明人： Daniel ManHung Wong
IPC分类号： G06F17/30
CPC分类号： G06F17/30595 , G06F21/604 , G06F21/6218
摘要： A system that facilitates implementing a privileged schema in a database, wherein the privileged schema is comprised of a set of database objects. Note that in relational database terminology, sometimes object stores are simply referred to as schema. The system starts by creating the privileged schema. Next, the system receives a database operation from a user. The system then authenticates the user to determine if the user is the owner of the privileged schema. If so, the system executes the database operation. On the other hand, if the user is not the owner, then the system rejects the database operation.
摘要翻译：一种有助于在数据库中实现特权模式的系统，其中特权模式由一组数据库对象组成。请注意，在关系数据库术语中，有时将对象存储简单地称为模式。系统从创建特权架构开始。接下来，系统从用户接收数据库操作。系统然后验证用户以确定用户是否是特权模式的所有者。如果是这样，系统将执行数据库操作。另一方面，如果用户不是所有者，则系统拒绝数据库操作。

37. 发明申请

US20090204570A1 METHOD AND APPARATUS FOR PERFORMING MULTI-STAGE TABLE UPDATES 有权
标题翻译：用于执行多级表更新的方法和装置
公开(公告)号：US20090204570A1
公开(公告)日：2009-08-13
申请号：US12030393
申请日：2008-02-13
申请人： Daniel ManHung Wong
发明人： Daniel ManHung Wong
IPC分类号： G06F17/30
CPC分类号： G06F17/30371 , G06F17/30368 , G06F17/30451
摘要： One embodiment of the present invention provides a system that facilitates performing multi-stage table updates. During operation, the system receives a query at a query processor, wherein executing the query causes an update to an entire table in a database. Next, the system estimates an amount of transaction log space required to execute the query. If the amount of transaction log space is greater than a pre-determined threshold, the system splits the query into a set of sub-queries, wherein an amount of transaction log space required by each sub-query in the set of sub-queries is less than the pre-determined threshold. For each sub-query in the set of sub-queries, the system executes the sub-query, and performs a mini-commit operation for the sub-query, wherein updates which comprise the mini-commit operation are not exposed to a user. Finally, when mini-commit operations have been performed for all of the sub-queries, the system performs a commit operation for the query.
摘要翻译：本发明的一个实施例提供一种便于执行多级表更新的系统。在操作期间，系统在查询处理器处接收查询，其中执行查询导致对数据库中的整个表的更新。接下来，系统估计执行查询所需的事务日志空间量。如果事务日志空间量大于预定阈值，则系统将查询分解成一组子查询，其中子查询集中的每个子查询所需的事务日志空间量是小于预定阈值。对于子查询集合中的每个子查询，系统执行子查询，并且执行子查询的小提交操作，其中包括小提交操作的更新不暴露给用户。最后，当对所有子查询执行了微型提交操作时，系统对查询执行提交操作。

38. 发明申请

US20090024565A1 METHOD AND APPARATUS FOR MASKING INDEX VALUES IN A DATABASE 有权
标题翻译：用于在数据库中显示索引值的方法和装置
公开(公告)号：US20090024565A1
公开(公告)日：2009-01-22
申请号：US11780340
申请日：2007-07-19
申请人： Daniel ManHung Wong
发明人： Daniel ManHung Wong
IPC分类号： G06F17/30
CPC分类号： G06F21/6227 , G06Q40/00
摘要： One embodiment of the present invention provides a system for masking index values in a database. During operation, the system receives a request to mask a column in a database, wherein the column is an index-column. Next, the system retrieves a tree which is used to index the column, wherein the tree provides a sorted representation of values in the column. The system then locates the root-node of the tree. Then, for each child-node in the tree, the system determines if the child-node is a leaf-node. If so, the system masks a node-value for the leaf-node without resorting the tree. If not, the system leaves the node-value unmasked.
摘要翻译：本发明的一个实施例提供了一种用于掩蔽数据库中的索引值的系统。在操作期间，系统接收到一个请求来屏蔽数据库中的列，其中列是一个索引列。接下来，系统检索用于索引列的树，其中树提供列中的值的排序表示。系统然后定位树的根节点。然后，对于树中的每个子节点，系统确定子节点是否是叶节点。如果是这样，系统会遮挡叶节点的节点值而不用树。如果没有，系统将忽略node-value。

39. 发明授权

US07440962B1 Method and system for management of access information 有权
标题翻译：访问信息管理方法和系统
公开(公告)号：US07440962B1
公开(公告)日：2008-10-21
申请号：US09974085
申请日：2001-10-09
申请人： Daniel ManHung Wong , Nina Lewis , Chon Hei Lei
发明人： Daniel ManHung Wong , Nina Lewis , Chon Hei Lei
IPC分类号： G06F17/00
CPC分类号： G06F21/6218 , Y10S707/99942 , Y10S707/99943
摘要： An improved method and system for centrally managing and accessing attribute information in a distributed computing system is disclosed. Applications set up application specific user attributes in a directory. When an application user connects to a server, the server automatically accesses the directory to identify the relevant user attributes for that application. These user attributes are retrieved and stored in the session context. Standard LDAP attributes can also be retrieved from the directory and stored in the session context.
摘要翻译：公开了一种用于在分布式计算系统中集中管理和访问属性信息的改进方法和系统。应用程序在目录中设置应用程序特定的用户属性。当应用程序用户连接到服务器时，服务器会自动访问目录，以识别该应用程序的相关用户属性。这些用户属性被检索并存储在会话上下文中。标准LDAP属性也可以从目录中检索并存储在会话上下文中。

40. 发明授权

US07127448B1 Reforming queries to selectively audit accesses to rows within a relational database 有权
标题翻译：重新构建查询以选择性地审计对关系数据库中的行的访问
公开(公告)号：US07127448B1
公开(公告)日：2006-10-24
申请号：US09559206
申请日：2000-04-26
申请人： Daniel ManHung Wong
发明人： Daniel ManHung Wong
IPC分类号： G06F17/30
CPC分类号： G06F17/30471 , Y10S707/99932 , Y10S707/99933 , Y10S707/99934
摘要： One embodiment of the present invention provides a system that selectively audits accesses to a relational database. The system receives a query at the relational database and modifies the query so that processing the query causes an audit record to be created and recorded for rows in relational tables that are accessed by the query and that satisfy an auditing condition. Next, the system processes the modified query to produce a query result. This processing causes an audit record to be created for rows in relational tables that are accessed by the query and that satisfy the auditing condition. The system records the audit record in an audit record store, and then returns the query result. In one embodiment of the present invention, if the query includes a select statement, the system inserts a case statement into the select statement. This case statement calls a function that causes the audit record to be created and recorded if the auditing condition is satisfied. In a variation on this embodiment, the case statement is evaluated near the end of the query processing so that the case statement is evaluated only after other conditions of the query are satisfied. In this way, an audit record is created only for rows that are actually accessed by the query.
摘要翻译：本发明的一个实施例提供了一种选择性地审计对关系数据库的访问的系统。系统在关系数据库中接收查询，并修改查询，以便处理查询会使查询记录的关系表中的行被创建并记录，并满足审计条件。接下来，系统处理修改后的查询以产生查询结果。此处理导致为查询中访问并满足审核条件的关系表中的行创建审计记录。系统将审计记录记录在审计记录存储中，然后返回查询结果。在本发明的一个实施例中，如果查询包括select语句，则系统将case语句插入到select语句中。该案例陈述调用一个功能，如果审计条件得到满足，则会创建和记录审计记录。在该实施例的变体中，在查询处理结束附近评估病例语句，使得仅在满足查询的其他条件之后才对病例语句进行评估。以这种方式，仅为查询实际访问的行创建审计记录。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式