
An access control system provides multilevel and mandatory access control for a database management system. The access control systems provide access control at the row level in a relational database table. The database table contains a security label column within which is recorded a security label that is defined within a hierarchical security scheme. A user's security label is encoded with security information concerning the user. When a user requests access to a row, a security mechanism compares the user's security information with the security information in the row. If the user's security dominates the row's security, the user is given access to the row.

Inventors: Curt Cotner, Roger Lee Miller
Original Assignee: International Business Machines Corporation
Primary Examiner: Marceau Milord
Attorney: Sughrue Mion, PLLC
Current U.S. Classification: 707/3; 707/4; 707/9; 707/103; 707/201; 709/225; 713/201; 713/202

Citations

| Cited patent | Filing date | Issue date | Original assignee | Title |
|---|---|---|---|---|
| US5483596 | 24 Jan 1994 | 9 Jan 1996 | Paralon Technologies, Inc. | Apparatus and method for controlling access to and interconnection of computer system resources |
| US5572673 | 1 Dec 1993 | 5 Nov 1996 | Sybase, Inc. | Secure multi-level system for executing stored procedures |
| US5692179 | 16 Feb 1995 | 25 Nov 1997 | Sharp Kabushiki Kaisha | Information retrieving apparatus |
| US5751949 | 23 May 1995 | 12 May 1998 | MCI Corporation | Data security system and method |
| US5787428 | 21 Aug 1996 | 28 Jul 1998 | British Telecommunications public limited company | Control of database access using security/user tag correspondence table |
| US5893087 | 10 Apr 1996 | 6 Apr 1999 | Dex Information Systems, Inc. | Method and apparatus for improved information storage and retrieval system |
| US5913037 | 3 Jul 1996 | 15 Jun 1999 | Compaq Computer Corporation | Dynamic management information base manager |
| US5915086 | 3 Apr 1997 | 22 Jun 1999 | Oracle Corporation | Hierarchical protection of seed data |
| US5941947 | 18 Aug 1995 | 24 Aug 1999 | Microsoft Corporation | System and method for controlling access to data entities in a computer network |
| US5963642 | 30 Dec 1996 | 5 Oct 1999 | | Method and apparatus for secure storage of data |
| US5974408 | 4 Aug 1998 | 26 Oct 1999 | Oracle Corporation | Method and apparatus for executing a query that specifies a sort plus operation |
| US6006234 | 31 Oct 1997 | 21 Dec 1999 | Oracle Corporation | Logical groupings within a database |
| US6044373 | 29 Sep 1997 | 28 Mar 2000 | International Business Machines Corporation | Object-oriented access control method and system for military and commercial file systems |
| US6044378 | 29 Sep 1997 | 28 Mar 2000 | International Business Machines Corporation | Method and system for a federated digital library by managing links |
| US6098075 | 16 Dec 1997 | 1 Aug 2000 | International Business Machines Corporation | Deferred referential integrity checking based on determining whether row at-a-time referential integrity checking would yield the same results as deferred integrity checking |
| US6134549 | 31 Mar 1995 | 17 Oct 2000 | Showcase Corporation | Client/server computer system having personalizable and securable views of database data |
| US6219790 | 19 Jun 1998 | 17 Apr 2001 | Lucent Technologies Inc. | Centralized authentication, authorization and accounting server with support for multiple transport protocols and multiple client types |
| US6233617 | 17 Aug 1999 | 15 May 2001 | Siebel Systems, Inc. | Determining the visibility to a remote database client |
| US6266673 | 7 Jun 2000 | 24 Jul 2001 | Oracle Corporation | Performing operations on objects in a database system in a response to a request that specifies references that indicate where the objects reside |
| US6286104 | 4 Aug 1999 | 4 Sep 2001 | Oracle Corporation | Authentication and authorization in a multi-tier relational database management system |
| US6369840 | 10 Mar 1999 | 9 Apr 2002 | America Online, Inc. | Multi-layered online calendaring and purchasing |
| US6405212 | 27 Sep 1999 | 11 Jun 2002 | Oracle Corporation | Database system event triggers |
| US6484180 | 2 Aug 1999 | 19 Nov 2002 | Oracle Corporation | Accessing domain object data stored in a relational database system |
| US6487552 | 5 Oct 1998 | 26 Nov 2002 | Oracle Corporation | Database fine-grained access control |
| US6578037 | 7 Jun 2000 | 10 Jun 2003 | Oracle Corporation | Partitioned access control to a database |
| US6606627 | 27 Aug 2001 | 12 Aug 2003 | Oracle Corporation | Techniques for managing resources for multiple exclusive groups |
| US6631371 | 18 Sep 2002 | 7 Oct 2003 | Oracle International Corporation | Database fine-grained access control |
| US6711579 | 20 Apr 2001 | 23 Mar 2004 | Sree Ayyanar Spinning and Weaving Mills Limited | Data storage schema independent programming for data retrieval using semantic bridge |
| US6775668 | 11 Sep 2000 | 10 Aug 2004 | Novell, Inc. | Method and system for enhancing quorum based access control to a database |
| US6820082 | 3 Apr 2000 | 16 Nov 2004 | Allegis Corporation | Rule based database security system and method |
| US6922696 | 9 Nov 2000 | 26 Jul 2005 | SRI International | Lattice-based security classification system and method |
| US6931411 | 30 May 2002 | 16 Aug 2005 | Cryptek, Inc. | Virtual data labeling system and method |
| US7134022 | 16 Jul 2002 | 7 Nov 2006 | | Multi-level and multi-category data labeling system |
| US7240046 | 4 Sep 2002 | 3 Jul 2007 | International Business Machines Corporation | Row-level security in a relational database management system |
| US7464080 | 10 May 2007 | 9 Dec 2008 | International Business Machines Corporation | Row-level security in a relational database management system |
| US20020073072 | 13 Dec 2001 | | | Method of controlling access to database, database device, method of controlling access to resource, information processing device, program, and storage medium for the program |
| US20020095405 | 18 Jan 2001 | | Hitachi America, Ltd. | View definition with mask for cell-level data access control |
| US20030046576 | 30 Aug 2001 | | International Business Machines Corporation | Role-permission model for security policy administration and enforcement |
| US20030140097 | 19 Jun 2002 | | | Method and device for presenting data to a user |

Claims

1. An apparatus for use within a database management system having a data manager and a database, for determining whether a user is authorized to perform a requested operation on a row of data held within the database, the user being associated with a user security label and the row having a row security label, the apparatus comprising:

a user security unit having recorded therein a hierarchy of security labels;

a read security unit connected to the user security unit and between the data manager and the database, and configured to return the row from the database to the data manager only if the user security label is located in the hierarchy at a level with privileges that are greater than or equal to privileges for a level in the hierarchy at which the row security label is located.

2. The apparatus of claim 1, further comprising a write security unit connected to the data security unit and between the data manager and the database, and configured to set the row security label to the same value as the user security label if the requested operation is a row update operation.

3. The apparatus of claim 2, wherein the write security unit is further configured to set the row security label with a level lower than the user security level if the user is authorized to update rows with a lower level security label and if security categories specified for the lower level security label are a proper subset of security categories associated with the user security label.

4. The apparatus of claim 1, wherein the requested operation is submitted in a request from a user that does not contain a view operation.

5. The apparatus of claim 1, wherein a table containing the row of data contains access control information for limiting user access to the database.

6. The apparatus of claim 1, further comprising a cache configured to store security information associated with a cached security label, wherein the read access control unit uses the security information in the cache if the row security label matches the cached security label.

7. The apparatus of claim 1, wherein the read security unit compares, for each row of the database satisfying the requested operation, the user security level associated with the user with the row security level associated with the row.

8. The apparatus of claim 1, wherein the hierarchy of security labels corresponds to a group of different levels of security in a multilevel security system.

9. A program product embodied on a computer readable medium, for controlling access to a relational database, comprising program instructions which when executed cause a computer to:

receive a user request for data from the database, the request including a request to perform a database operation and a user security label;

determine user security information from the user security label;

retrieve, in response to the user request, rows of data from a table in the database satisfying the database operation, the rows each having a security label;

determine row security information for each of the retrieved rows based on the row's security label;

determine, for each retrieved row, whether the user is authorized to access the row based on the user security information and the row security information by determining if the user security information dominates the row security information; and

return only the rows for which the user is determined to have authorization to access.

10. The program product of claim 9, wherein the request includes one or more queries of one or more tables.

11. The program product of claim 9, wherein the table containing the rows of data contains access control information for limiting user access to the database.

12. The program product of claim 9, wherein the database operation is a query.

13. The program product of claim 9, wherein the database operation involves a row update.

14. The program product of claim 9, wherein said determining row security information includes checking a cache for row security information corresponding to the row's security label.

15. The program product of claim 9, wherein the user security label is one of a plurality of security labels arranged in a hierarchy of security levels.

16. The program product of claim 15, wherein the user is determined to be authorized to access the retrieved row only if the user security level corresponds to a security level having greater than or equal degree of access than a security level indicated by the retrieved row's security label.

17. The program product of claim 15, wherein the hierarchy of security labels corresponds to a group of different levels of security in a multilevel security system.

18. The program product of claim 9, wherein the determining if the user security information dominates the row security information is based on comparing, for each row of the database satisfying the requested operation, the user security level associated with the user with the row security level associated with the row.
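The dominance test that the abstract and claims 1 to 3, 6, 9 and 14 describe, as an added Python illustration that is not part of the patent or of any IBM product: a label is a level in a fixed hierarchy plus a set of categories, a user's label dominates a row's label when its level is at least as high and its categories are a superset, reads return only dominated rows, and an update writes the user's own label unless an authorized write-down to a proper category subset is requested. The `LEVEL:CAT1,CAT2` column encoding, the level names and the sample rows are assumptions made for the example.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Optional, Tuple

# Hierarchy of sensitivity levels, lowest to highest (constructed for this example).
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}

@dataclass(frozen=True)
class SecurityLabel:
    level: str
    categories: FrozenSet[str] = frozenset()

    def dominates(self, other: "SecurityLabel") -> bool:
        # Lattice dominance: at least as high a level AND a superset of categories.
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.categories >= other.categories)

# Assumed column encoding "LEVEL:CAT1,CAT2"; decoded labels are cached per distinct
# string so rows sharing a label are not re-parsed (the cache of claims 6 and 14).
_label_cache: Dict[str, SecurityLabel] = {}

def decode_label(text: str) -> SecurityLabel:
    if text not in _label_cache:
        level, _, cats = text.partition(":")
        if level not in LEVELS:
            raise ValueError(f"unknown security level {level!r}")
        _label_cache[text] = SecurityLabel(level, frozenset(c for c in cats.split(",") if c))
    return _label_cache[text]

def read_rows(user_label: str, rows: List[Tuple[str, str]]) -> List[str]:
    # Read path (claims 1, 7, 9): keep a row only if the user's label dominates its label.
    user = decode_label(user_label)
    return [payload for payload, row_label in rows if user.dominates(decode_label(row_label))]

def label_for_update(user_label: str, requested: Optional[str], may_write_down: bool) -> str:
    # Write path (claims 2, 3): the updated row takes the user's own label, unless the user
    # is authorized to write down AND the requested categories are a proper subset of theirs.
    user = decode_label(user_label)
    if requested is None or decode_label(requested) == user:
        return user_label
    req = decode_label(requested)
    if (may_write_down and LEVELS[req.level] < LEVELS[user.level]
            and req.categories < user.categories):
        return requested
    raise PermissionError(f"user {user_label!r} may not label a row {requested!r}")

TABLE = [  # (payload, security label column): constructed sample rows
    ("budget summary", "UNCLASSIFIED"),
    ("supplier list", "CONFIDENTIAL:PROCUREMENT"),
    ("cipher keys", "SECRET:CRYPTO"),
    ("alliance plan", "SECRET:NATO,CRYPTO"),
    ("black program", "TOP SECRET"),
]
```

Note that a SECRET user holding only the CRYPTO category is refused the CONFIDENTIAL procurement row: a higher level alone does not grant access when the row carries a category the user lacks.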