Patent · US Active

Reducing network attack surface area for a database using deep input validation

US11277435B2 · kind B2 · utility

Cited by: 0
References: 12
Claims: 24
Family size: 0

Assignee

Inventors

Key dates

Filing date: Sep 14, 2017
Grant date: Mar 15, 2022
Priority date
Expiry date: Aug 13, 2038

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06F16/00
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

Techniques described herein improve database security by reducing network attack surface area in conjunction with deep input validation. In an embodiment, a database session receives one or more network packets sent via a network, the database session including a database session state that specifies one or more database privileges. The database session reads said one or more network packets into one or more request-packet-buffers, wherein said one or more request-packet-buffers include an RPC op code for a database operation. Based on the one or more database privileges associated with the user associated with the database session, the database session determines whether the RPC op code may be executed. In response to determining that the RPC op code may be executed by said database session, the RPC op code is executed. In response to determining that the op code may not be executed by said database session, the execution of the RPC op code is prevented.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.