专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

41. 发明授权

US06986060B1 Method and apparatus for sharing a security context between different sessions on a database server 有权
标题翻译：用于在数据库服务器上的不同会话之间共享安全上下文的方法和装置
公开(公告)号：US06986060B1
公开(公告)日：2006-01-10
申请号：US09577220
申请日：2000-05-23
申请人： Daniel ManHung Wong
发明人： Daniel ManHung Wong
IPC分类号： H04L9/00 , G06F15/16 , G06F17/30
CPC分类号： G06F21/6227 , Y10S707/99939
摘要： One embodiment of the present invention provides a system for sharing a security context between different sessions on a database server. The system operates by receiving a request at the database server through a database session between the database server and an application on a database client. The system looks up an identifier for an application client that was previously associated with the database session. The system uses this identifier to look up the security context containing attributes related to the application client within a storage area associated with the database server. Next, the system performs a database operation to satisfy the request and in doing so enforces access rights associated with the security context. In one embodiment of the present invention, the request includes a database query directed to a database on the database server. In one embodiment of the present invention, performing the database operation involves modifying the database query to enforce access rights associated with the security context. In one embodiment of the present invention, the identifier for the application client identifies a user of the application that is sending the request to the database server. In one embodiment of the present invention, the database client is an application server that is sending the request to the database server, and the identifier for the application client identifies an application session between the application on the application server and the client of the application.
摘要翻译：本发明的一个实施例提供了一种用于在数据库服务器上的不同会话之间共享安全上下文的系统。系统通过数据库服务器和数据库客户端上的应用程序之间的数据库会话在数据库服务器上接收请求来进行操作。系统查找先前与数据库会话关联的应用程序客户端的标识符。系统使用该标识符来查找包含与数据库服务器相关联的存储区域内与应用客户端相关的属性的安全上下文。接下来，系统执行数据库操作以满足请求，并且这样执行与安全上下文相关联的访问权限。在本发明的一个实施例中，请求包括指向数据库服务器上的数据库的数据库查询。在本发明的一个实施例中，执行数据库操作涉及修改数据库查询以实现与安全上下文相关联的访问权限。在本发明的一个实施例中，应用客户端的标识符标识正在向数据库服务器发送请求的应用的用户。在本发明的一个实施例中，数据库客户机是将请求发送到数据库服务器的应用服务器，并且应用客户端的标识符标识应用服务器上的应用与应用的客户端之间的应用会话。

42. 发明授权

US06813617B2 Dynamic generation of optimizer hints 有权
标题翻译：动态生成优化器提示
公开(公告)号：US06813617B2
公开(公告)日：2004-11-02
申请号：US10431971
申请日：2003-05-07
申请人： Daniel Manhung Wong , Chon Hei Lei
发明人： Daniel Manhung Wong , Chon Hei Lei
IPC分类号： G06F1730
CPC分类号： G06F17/30471 , G06F17/3048 , G06F21/6227 , Y10S707/99933 , Y10S707/99934 , Y10S707/99935 , Y10S707/99939
摘要： A fine-grained access control mechanism uses policy functions that are associated with a database object (e.g. table and view). The policy functions are invoked, when, for example, a database server detects that a query is issued against the database object. The policy functions return optimizer hints, which are added to the query.
摘要翻译：细粒度访问控制机制使用与数据库对象（例如表和视图）相关联的策略功能。当例如数据库服务器检测到针对数据库对象发出查询时，调用策略函数。策略函数返回优化器提示，这些提示被添加到查询中。

43. 发明授权

US10540508B2 Method and apparatus for securing a database configuration 有权
公开(公告)号：US10540508B2
公开(公告)日：2020-01-21
申请号：US12561461
申请日：2009-09-17
申请人： Ji-Won Byun , Chi Ching Chui , Daniel ManHung Wong , Chon Hei Lei
发明人： Ji-Won Byun , Chi Ching Chui , Daniel ManHung Wong , Chon Hei Lei
IPC分类号： G06F21/62
摘要： One embodiment of the present invention provides a system that secures a database configuration from undesired modifications. This system allows a security officer to issue a configuration-locking command, which activates a lock for the configuration of a database object. When a configuration lock is activated for a database object, the system prevents a user (e.g., a database administrator) from modifying the configuration of the database object, without restricting the user from accessing the database object itself. The security officer is a trusted user that is responsible for maintaining the stability of the database configuration, such that a configuration lock activated by the security officer preserves the database configuration by overriding the privileges assigned to a database administrator.

44. 发明授权

US08892905B2 Method and apparatus for performing selective encryption/decryption in a data storage system 有权
标题翻译：用于在数据存储系统中执行选择性加密/解密的方法和装置
公开(公告)号：US08892905B2
公开(公告)日：2014-11-18
申请号：US11726428
申请日：2007-03-21
申请人： Adam Y. Lee , Varun Malhotra , Daniel ManHung Wong , Tirthankar Lahiri , Kiran Goyal , Juan R. Loaiza , Paul Youn
发明人： Adam Y. Lee , Varun Malhotra , Daniel ManHung Wong , Tirthankar Lahiri , Kiran Goyal , Juan R. Loaiza , Paul Youn
IPC分类号： G06Q30/02 , H04L9/08
CPC分类号： H04L9/0894
摘要： One embodiment of the present invention provides a system for performing selective encryption/decryption in a data storage system. During operation, the system receives a data block from a storage medium at an input/output layer, wherein the input/output layer serves as an interface between the storage medium and a buffer cache. Next, the system determines whether the data block is an encrypted data block. If not, the system stores the data block in the buffer cache. Otherwise, if the data block is an encrypted data block, the system retrieves a storage-key, wherein the storage-key is associated with a subset of storage, which is associated with the encrypted data block. Using the storage-key, the system then decrypts the encrypted data block to produce a decrypted data block. Finally, the system stores the decrypted data block in the buffer cache, wherein the data block remains encrypted in the storage medium.
摘要翻译：本发明的一个实施例提供一种用于在数据存储系统中执行选择性加密/解密的系统。在操作期间，系统在输入/输出层从存储介质接收数据块，其中输入/输出层用作存储介质和缓冲器高速缓存之间的接口。接下来，系统确定数据块是否是加密数据块。如果没有，系统将数据块存储在缓冲区高速缓存中。否则，如果数据块是加密数据块，则系统检索存储密钥，其中存储密钥与与加密数据块相关联的存储子集相关联。使用存储密钥，系统然后解密加密的数据块以产生解密的数据块。最后，系统将解密的数据块存储在缓冲器高速缓存中，其中数据块在存储介质中保持加密。

45. 发明申请

US20130275590A1 THIRD PARTY PROGRAM INTEGRITY AND INTEGRATION CONTROL IN WEB-BASED APPLICATIONS 有权
标题翻译：基于WEB应用的第三方程序完整性和集成控制
公开(公告)号：US20130275590A1
公开(公告)日：2013-10-17
申请号：US13446381
申请日：2012-04-13
申请人： Daniel ManHung Wong
发明人： Daniel ManHung Wong
IPC分类号： G06F15/173
CPC分类号： H04L63/10 , G06F17/3089 , G06F21/6209 , G06F2221/2115 , G06F2221/2119 , H04L29/06 , H04L29/08072 , H04L67/16 , H04L67/20 , H04L67/32 , H04L67/42
摘要： Disclosed herein are a resource control service, system, method and architecture. A client device's resource access is limited to an approved resource, or resources. A request for a resource is directed to a resource control service that determines whether or not to grant access to the requested resource. Where a determination is made to grant access to the resource, a response is transmitted to the client device, the response redirecting the client device to a second URI for the approved version of the requested resource. The response can be used by the client device request the resource from the location identified in the response.
摘要翻译：这里公开了资源控制服务，系统，方法和架构。客户端设备的资源访问仅限于已批准的资源或资源。对资源的请求被引导到资源控制服务，其确定是否授权对所请求的资源的访问。在确定授予对资源的访问的情况下，将响应发送到客户端设备，响应将客户端设备重定向到所请求资源的已批准版本的第二URI。响应可以由客户端设备从响应中标识的位置请求资源。

46. 发明授权

US08326996B2 Method and apparatus for establishing multiple sessions between a database and a middle-tier client 有权
标题翻译：用于在数据库和中间层客户端之间建立多个会话的方法和装置
公开(公告)号：US08326996B2
公开(公告)日：2012-12-04
申请号：US11445633
申请日：2006-06-02
申请人： Daniel ManHung Wong
发明人： Daniel ManHung Wong
IPC分类号： G06F15/16 , G06F7/00
CPC分类号： G06F17/3056
摘要： One embodiment of the present invention provides a system for establishing multiple sessions between a database and a middle-tier client. During operation, the system receives a request for a plurality of sessions at a database from a middle-tier client. In response to the request, the system authenticates the middle-tier client, and creates a session between the database and the middle-tier client. The system clones the session one or more times to create the plurality of sessions. Finally, the system sends a plurality of session-handles associated with the plurality of sessions to the middle-tier client. This enables the middle-tier client to distribute the session-handles to end-user clients in response to subsequent requests from the end-user clients to access the database.
摘要翻译：本发明的一个实施例提供了一种用于在数据库和中间层客户端之间建立多个会话的系统。在操作期间，系统从中间层客户端在数据库处接收对多个会话的请求。响应请求，系统对中间层客户端进行身份验证，并在数据库和中间层客户端之间创建会话。系统克隆会话一次或多次以创建多个会话。最后，系统将与多个会话相关联的多个会话句柄发送到中间层客户端。这使得中间层客户端可以将会话句柄分发给最终用户客户端，以响应最终用户客户端访问数据库的后续请求。

47. 发明授权

US08065281B2 Method and apparatus for facilitating distributed processing of database operations 有权
标题翻译：用于促进数据库操作的分布式处理的方法和装置
公开(公告)号：US08065281B2
公开(公告)日：2011-11-22
申请号：US11780359
申请日：2007-07-19
申请人： Daniel ManHung Wong
发明人： Daniel ManHung Wong
IPC分类号： G06F17/00
CPC分类号： G06F17/30477 , G06F21/6227
摘要： One embodiment of the present invention provides a system that facilitates distributed processing of database operations. During operation, the system receives a database operation at a distributed command processor, wherein the database operation includes a query language command. Next, the system performs a set of non-data processing operations associated with the database operation to obtain a set of non-data processing results. The system then sends the query language command to a database, which enables the database to execute the query language command to obtain a result.
摘要翻译：本发明的一个实施例提供一种促进数据库操作的分布式处理的系统。在操作期间，系统在分布式命令处理器处接收数据库操作，其中数据库操作包括查询语言命令。接下来，系统执行与数据库操作相关联的一组非数据处理操作，以获得一组非数据处理结果。然后系统将查询语言命令发送到数据库，使数据库能够执行查询语言命令获取结果。

48. 发明授权

US07958346B2 Multilayered security for systems interacting with configuration items 有权
标题翻译：与配置项目交互的系统的多层安全性
公开(公告)号：US07958346B2
公开(公告)日：2011-06-07
申请号：US11206701
申请日：2005-08-18
申请人： Daniel ManHung Wong
发明人： Daniel ManHung Wong
IPC分类号： H04L29/06
CPC分类号： G06F21/57 , G06F21/6209
摘要： Systems, methodologies, and other embodiments associated with providing multi-layered security for configuration items are described. One exemplary system may include a security logic configured to process the contents of a configuration item based on the source of the configuration item and the integrity of the configuration item. The exemplary system may also include a verification logic configured to further process the contents and to selectively provide the contents. A configuration item may be provided to the security logic by a configuration item provider known to the security logic and related to the security logic by a first set of keys. The security logic may be related to the verification logic by a second set of keys different from the first set of keys.
摘要翻译：描述了与为配置项提供多层安全性相关联的系统，方法和其他实施例。一个示例性系统可以包括被配置为基于配置项的源和配置项的完整性来处理配置项的内容的安全逻辑。示例性系统还可以包括配置成进一步处理内容并选择性地提供内容的验证逻辑。配置项目可以由安全逻辑器已知的配置项提供商提供给安全逻辑，并且通过第一组密钥与安全逻辑相关。安全逻辑可以通过与第一组密钥不同的第二组密钥与验证逻辑相关。

49. 发明授权

US07941671B2 Method and apparatus for accommodating multiple verifier types with limited storage space 有权
标题翻译：用于容纳具有有限存储空间的多个验证器类型的方法和装置
公开(公告)号：US07941671B2
公开(公告)日：2011-05-10
申请号：US10966511
申请日：2004-10-14
申请人： Daniel ManHung Wong
发明人： Daniel ManHung Wong
IPC分类号： G06F21/00
CPC分类号： G06F21/31
摘要： One embodiment of the present invention provides a system that accommodates different types of verifiers in a computer system. During operation, the system receives a username and a password. The system then computes a verifier based on the password. If the size of the verifier exceeds a storage limit, the system transforms the verifier into a transformed verifier which conforms to the storage limit, thereby allowing the computer system to compare the transformed verifier with a locally stored verifier associated with the username to facilitate user authentication.
摘要翻译：本发明的一个实施例提供一种在计算机系统中容纳不同类型的验证器的系统。在操作过程中，系统会收到用户名和密码。然后系统将基于密码计算验证者。如果验证者的大小超过存储限制，则系统将验证者转换为符合存储限制的变换验证器，从而允许计算机系统将转换的验证器与与用户名相关联的本地存储的验证器进行比较以便于用户认证。

50. 发明授权

US07937375B2 Method and apparatus for masking index values in a database 有权
标题翻译：用于掩蔽数据库中的索引值的方法和装置
公开(公告)号：US07937375B2
公开(公告)日：2011-05-03
申请号：US11780340
申请日：2007-07-19
申请人： Daniel ManHung Wong
发明人： Daniel ManHung Wong
IPC分类号： G06F7/00 , G06Q40/00
CPC分类号： G06F21/6227 , G06Q40/00
摘要： One embodiment of the present invention provides a system for masking index values in a database. During operation, the system receives a request to mask a column in a database, wherein the column is an index-column. Next, the system retrieves a tree which is used to index the column, wherein the tree provides a sorted representation of values in the column. The system then locates the root-node of the tree. Then, for each child-node in the tree, the system determines if the child-node is a leaf-node. If so, the system masks a node-value for the leaf-node without resorting the tree. If not, the system leaves the node-value unmasked.
摘要翻译：本发明的一个实施例提供了一种用于掩蔽数据库中的索引值的系统。在操作期间，系统接收到一个请求来屏蔽数据库中的列，其中列是一个索引列。接下来，系统检索用于索引列的树，其中树提供列中的值的排序表示。系统然后定位树的根节点。然后，对于树中的每个子节点，系统确定子节点是否是叶节点。如果是这样，系统会遮挡叶节点的节点值，而不用树。如果没有，系统将忽略node-value。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式