Patent · US Active

SQL transformation-based optimization techniques for enforcement of data access control

US9043309B2 · kind B2 · utility

6Cited by

0References

20Claims

0Family size

Assignee

Oracle International Corporation · US

Inventors

Tanvir Ahmed · Bellevue, US
Thomas Keefe · Mill Valley, US
Chao Liang · San Ramon, US
Vikram Pesati · San Jose, US

Key dates

Filing date	Jun 5, 2012
Grant date	May 26, 2015
Priority date	—
Expiry date	Feb 14, 2033

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/2141
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

Techniques are provided for a database server to identify a query that comprises an access check operator specifying a data access control policy, and if so, to re-write the query to produce an optimized query execution plan. A first technique rewrites a query comprising an access check operator based on the privileges associated with the database principal requesting the query. The rewritten query exposes the access predicates relevant to the requesting principal to subsequent database optimization processes. A second technique rewrites a query comprising an access check operator that specifies a data security policy that does not include a denied privilege. A third technique rewrites a query that comprises an access check operator specifying one or more database table columns that store row-specific access control lists. The rewritten queries are used to generate a query execution plan that provides for several query execution optimizations.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.