Invention Grant
US09043309B2 SQL transformation-based optimization techniques for enforcement of data access control
有权
用于执行数据访问控制的基于SQL变换的优化技术
- Patent Title: SQL transformation-based optimization techniques for enforcement of data access control
- Patent Title (中): 用于执行数据访问控制的基于SQL变换的优化技术
-
Application No.: US13488739Application Date: 2012-06-05
-
Publication No.: US09043309B2Publication Date: 2015-05-26
- Inventor: Tanvir Ahmed , Thomas Keefe , Chao Liang , Vikram Pesati
- Applicant: Tanvir Ahmed , Thomas Keefe , Chao Liang , Vikram Pesati
- Applicant Address: US CA Redwood Shores
- Assignee: ORACLE INTERNATIONAL CORPORATION
- Current Assignee: ORACLE INTERNATIONAL CORPORATION
- Current Assignee Address: US CA Redwood Shores
- Agency: Hickman Palermo Becker Bingham LLP
- Main IPC: G06F17/30
- IPC: G06F17/30 ; G06F21/62
Abstract:
Techniques are provided for a database server to identify a query that comprises an access check operator specifying a data access control policy, and if so, to re-write the query to produce an optimized query execution plan. A first technique rewrites a query comprising an access check operator based on the privileges associated with the database principal requesting the query. The rewritten query exposes the access predicates relevant to the requesting principal to subsequent database optimization processes. A second technique rewrites a query comprising an access check operator that specifies a data security policy that does not include a denied privilege. A third technique rewrites a query that comprises an access check operator specifying one or more database table columns that store row-specific access control lists. The rewritten queries are used to generate a query execution plan that provides for several query execution optimizations.
Public/Granted literature
- US20130325841A1 SQL TRANSFORMATION-BASED OPTIMIZATION TECHNIQUES FOR ENFORCEMENT OF DATA ACCESS CONTROL Public/Granted day:2013-12-05
Information query
