-
公开(公告)号:US20100268722A1
公开(公告)日:2010-10-21
申请号:US12386560
申请日:2009-04-20
IPC分类号: G06F17/30
CPC分类号: G06F17/30958
摘要: Systems, methods, and other embodiments associated with access control for graph data at the instance-level are described. One example method includes accepting data access constraints that are expressed as match and apply pattern pairs to enforce security policies. A user query on graph data with a security policy restricts the returned data to data that the user is authorized to access. For this purpose, a user query that includes query selection criteria corresponding to one or more match pattern criteria based on the resource referenced in the query is rewritten to include security conditions specified in the associated apply pattern to restrict access to the graph data.
摘要翻译: 描述了与在实例级别的图形数据的访问控制相关联的系统,方法和其他实施例。 一个示例性方法包括接受表示为匹配的数据访问约束,并应用模式对以执行安全策略。 对具有安全策略的图形数据的用户查询将返回的数据限制为用户被授权访问的数据。 为此,重写包括基于查询中引用的资源的与一个或多个匹配模式标准相对应的查询选择标准的用户查询,以包括在相关联的应用模式中指定的安全条件以限制对图形数据的访问。
-
公开(公告)号:US09244981B2
公开(公告)日:2016-01-26
申请号:US12317858
申请日:2008-12-30
CPC分类号: G06F17/30507 , G06F21/6245
摘要: Systems, methods, and other embodiments associated with resource description framework (RDF) security are described. One example method includes generating, based on sensitivity labels associated with the contents of a triple in an RDF record, a sensitivity label. The example method may also include comparing the sensitivity label to an access label associated with an entity requesting an action associated with the record to be performed. The example method may also include performing the action upon determining that the entity has sufficient permission to request the action.
摘要翻译: 描述了与资源描述框架(RDF)安全性相关联的系统,方法和其他实施例。 一个示例性方法包括基于与RDF记录中的三元组的内容相关联的灵敏度标签来生成灵敏度标签。 示例性方法还可以包括将灵敏度标签与与请求与要执行的记录相关联的动作的实体相关联的访问标签进行比较。 该示例方法还可以包括在确定该实体具有足够的请求该动作的许可之后执行该动作。
-
公开(公告)号:US20100169966A1
公开(公告)日:2010-07-01
申请号:US12317858
申请日:2008-12-30
CPC分类号: G06F17/30507 , G06F21/6245
摘要: Systems, methods, and other embodiments associated with resource description framework (RDF) security are described. One example method includes generating, based on sensitivity labels associated with the contents of a triple in an RDF record, a sensitivity label. The example method may also include comparing the sensitivity label to an access label associated with an entity requesting an action associated with the record to be performed. The example method may also include performing the action upon determining that the entity has sufficient permission to request the action.
摘要翻译: 描述了与资源描述框架(RDF)安全性相关联的系统,方法和其他实施例。 一个示例性方法包括基于与RDF记录中的三元组的内容相关联的灵敏度标签来生成灵敏度标签。 示例性方法还可以包括将灵敏度标签与与请求与要执行的记录相关联的动作的实体相关联的访问标签进行比较。 该示例方法还可以包括在确定该实体具有足够的请求该动作的许可之后执行该动作。
-
公开(公告)号:US08250048B2
公开(公告)日:2012-08-21
申请号:US12386560
申请日:2009-04-20
IPC分类号: G06F7/00
CPC分类号: G06F17/30958
摘要: Systems, methods, and other embodiments associated with access control for graph data at the instance-level are described. One example method includes accepting data access constraints that are expressed as match and apply pattern pairs to enforce security policies. A user query on graph data with a security policy restricts the returned data to data that the user is authorized to access. For this purpose, a user query that includes query selection criteria corresponding to one or more match pattern criteria based on the resource referenced in the query is rewritten to include security conditions specified in the associated apply pattern to restrict access to the graph data.
摘要翻译: 描述了与在实例级别的图形数据的访问控制相关联的系统,方法和其他实施例。 一个示例性方法包括接受表示为匹配的数据访问约束,并应用模式对以执行安全策略。 对具有安全策略的图形数据的用户查询将返回的数据限制为用户被授权访问的数据。 为此,重写包括基于查询中引用的资源的与一个或多个匹配模式标准相对应的查询选择标准的用户查询,以包括在相关联的应用模式中指定的安全条件以限制对图形数据的访问。
-
公开(公告)号:US20090077135A1
公开(公告)日:2009-03-19
申请号:US12102831
申请日:2008-04-14
IPC分类号: G06F17/30
CPC分类号: G06F17/30359
摘要: Techniques are provided for freeing up resources before operations that change the resources have successfully completed. Resources are freed up by committing database transactions that perform portions of operations before the operations themselves have successfully completed. If the operations fail to complete successfully, then “compensation information” is used to remove the effects of the committed changes that were performed as part of the operation. Techniques are also provided for allowing database transactions to update values without retaining exclusive locks on those values. Operational constraints set forth conditions that must be satisfied before an update is allowed to proceed. If an attempt is made to update a particular value that has changes that may be undone, then the database server determines a plurality of “possible result values” for the particular value. If the possible result values satisfy the operational constraint conditions, then the update is allowed to proceed.
摘要翻译: 提供了在更改资源成功完成的操作之前释放资源的技术。 通过在操作本身已经成功完成之前提交执行部分操作的数据库事务来释放资源。 如果操作无法成功完成,则使用“补偿信息”来消除作为操作一部分而执行的所作出的更改的影响。 还提供了允许数据库事务更新值而不保留这些值的排他锁的技术。 操作约束规定了允许进行更新之前必须满足的条件。 如果尝试更新具有可以被撤销的变化的特定值,则数据库服务器确定特定值的多个“可能的结果值”。 如果可能的结果值满足操作约束条件,则允许进行更新。
-
公开(公告)号:US07904434B2
公开(公告)日:2011-03-08
申请号:US12102831
申请日:2008-04-14
CPC分类号: G06F17/30359
摘要: Techniques are provided for freeing up resources before operations that change the resources have successfully completed. Resources are freed up by committing database transactions that perform portions of operations before the operations themselves have successfully completed. If the operations fail to complete successfully, then “compensation information” is used to remove the effects of the committed changes that were performed as part of the operation. Techniques are also provided for allowing database transactions to update values without retaining exclusive locks on those values. Operational constraints set forth conditions that must be satisfied before an update is allowed to proceed. If an attempt is made to update a particular value that has changes that may be undone, then the database server determines a plurality of “possible result values” for the particular value. If the possible result values satisfy the operational constraint conditions, then the update is allowed to proceed.
摘要翻译: 提供了在更改资源成功完成的操作之前释放资源的技术。 通过在操作本身已经成功完成之前提交执行部分操作的数据库事务来释放资源。 如果操作无法成功完成,则使用“补偿信息”来消除作为操作一部分而执行的所作出的更改的影响。 还提供了允许数据库事务更新值而不保留这些值的排他锁的技术。 操作约束规定了允许进行更新之前必须满足的条件。 如果尝试更新具有可能被撤销的变化的特定值,则数据库服务器确定特定值的多个“可能的结果值”。 如果可能的结果值满足操作约束条件,则允许进行更新。
-
7.发明授权Index with entries that store the key of a row and all non-key values of the row 有权索引,其中存储行的键和行的所有非键值的条目
公开(公告)号:US6128610A
公开(公告)日:2000-10-03
申请号:US139526
申请日:1998-08-25
申请人: Jagannathan Srinivasan , Samuel De Fazio , Anil Nori , Souripriya Das , Chuck Freiwald , Jayanta Banerjee
发明人: Jagannathan Srinivasan , Samuel De Fazio , Anil Nori , Souripriya Das , Chuck Freiwald , Jayanta Banerjee
IPC分类号: G06F17/30
CPC分类号: G06F17/30321 , Y10S707/99932 , Y10S707/99933 , Y10S707/99943
摘要: A method and apparatus for efficiently storing and retrieving data in a database using index-only tables is disclosed. Storing a row of data in a database using index-only tables involves storing in a leaf node an index entry that includes a key value along with all other values in the row of data. If the row of data exceeds a predetermined size, then a portion of the row of data is stored in a user specified overflow area. Retrieving a row of data from an index-only table for a user-supplied key involves identifying a leaf node for the key, and reading a row of data from the index entry and any remaining portion from the overflow area when the row exceeds the predetermined size.
摘要翻译: 公开了一种使用仅索引表在数据库中有效地存储和检索数据的方法和装置。 使用仅索引表存储数据库中的一行数据涉及在叶节点中存储包含键值的索引条目以及数据行中的所有其他值。 如果该数据行超过预定大小,则该行数据的一部分被存储在用户指定的溢出区域中。 从用户提供的密钥的仅索引表中检索一行数据涉及识别密钥的叶节点,并且当该行超过预定的值时从索引条目读取一行数据和来自溢出区域的剩余部分 尺寸。
-
公开(公告)号:US5852822A
公开(公告)日:1998-12-22
申请号:US764112
申请日:1996-12-09
CPC分类号: G06F17/30327 , Y10S707/99933 , Y10S707/99934 , Y10S707/99936 , Y10S707/99952
摘要: A method and apparatus for building, maintaining, and using a multi-level index is provided. The multi-level index is accessed using a key. The key is divided into multiple portions referred to as sub-keys. The first level of the multi-level index is built on a first-level sub-key. Each index entry at the first-level is for a particular first-level sub-key value, and either includes sub-entries associated with second-level sub-key values or a reference to a second-level data retrieval structure. All second-level data retrieval structures are built on the portion of the key that has been designated as the second-level sub-key. As the vocabulary of the first-level sub-key becomes exhausted, fewer maintenance operations will have to be performed to maintain the first-level data retrieval structure. This decreases the overhead and increases the concurrency in a database system that uses the multiple-level index. The multi-level index structure is especially suited for queries that retrieve all values for a given first-level sub-key. The structure also has reduced storage costs compared to a single-level index structure, since first-level sub-key values are stored only once for each nested group.
摘要翻译: 提供了一种用于构建,维护和使用多级索引的方法和装置。 使用密钥访问多级索引。 密钥分为多个部分,称为子密钥。 多级索引的第一级建立在一级子密钥上。 第一级的每个索引条目用于特定的一级子密钥值,并且包括与二级子密钥值相关联的子条目或对二级数据检索结构的引用。 所有二级数据检索结构都建立在已被指定为二级子密钥的密钥部分上。 由于第一级子密钥的词汇量已经耗尽,因此维护第一级数据检索结构将不得不执行较少的维护操作。 这降低了开销,并增加了使用多级索引的数据库系统中的并发性。 多级索引结构特别适用于检索给定一级子密钥的所有值的查询。 与单级索引结构相比,结构也降低了存储成本,因为对于每个嵌套组,一级子键值只存储一次。
-
公开(公告)号:US09384222B2
公开(公告)日:2016-07-05
申请号:US13440702
申请日:2012-04-05
申请人: Jayanta Banerjee , Robert Hanckel , Siva Ravada
发明人: Jayanta Banerjee , Robert Hanckel , Siva Ravada
IPC分类号: G06F17/30
CPC分类号: G06F17/30306
摘要: Techniques for history enabling a table in a database system so that past versions of rows of the history-enabled table are available for temporal querying. The table is history enabled by adding a start time column to the table and creating a history table for the history-enabled table. The start time field's value in a row of the history-enabled table indicates when the contents of the row last changed. The rows of the history table are copies of rows of the history-enabled table that have been deleted or updated. The rows include end time fields whose values indicate when the row was updated or deleted. A history table's row thus indicates a period in which the history table's row was in the history-enabled table. Temporal queries are performed on a view which is the union of the history-enabled table and the history table.
摘要翻译: 用于历史的技术,使数据库系统中的表能够使历史启用的表的行的历史版本可用于时间查询。 通过向表中添加开始时间列并为启用历史记录的表创建历史记录表来启用表。 历史使能表中的行的起始时间字段的值指示行的内容何时更改。 历史记录表的行是已经被删除或更新的启用历史记录的表的行的副本。 这些行包括结束时间字段,其值指示行何时更新或删除。 历史表格的行因此表示历史记录表的行在启用历史记录的表中的一段时间。 时间查询是在具有历史记录功能的表和历史记录表的联合的视图上执行的。
-
公开(公告)号:US20070130226A1
公开(公告)日:2007-06-07
申请号:US11291446
申请日:2005-12-01
申请人: Jayanta Banerjee , Robert Hanckel , Siva Ravada
发明人: Jayanta Banerjee , Robert Hanckel , Siva Ravada
IPC分类号: G06F17/30
CPC分类号: G06F17/30306
摘要: Techniques for history enabling a table in a database system so that past versions of rows of the history-enabled table are available for temporal querying. The table is history enabled by adding a start time column to the table and creating a history table for the history-enabled table. The start time field's value in a row of the history-enabled table indicates when the contents of the row last changed. The rows of the history table are copies of rows of the history-enabled table that have been deleted or updated. The rows include end time fields whose values indicate when the row was updated or deleted. A history table's row thus indicates a period in which the history table's row was in the history-enabled table. Temporal queries are performed on a view which is the union of the history-enabled table and the history table.
摘要翻译: 用于历史的技术,使数据库系统中的表能够使历史启用的表的行的历史版本可用于时间查询。 通过向表中添加开始时间列并为启用历史记录的表创建历史记录表来启用表。 历史使能表中的行的起始时间字段的值指示行的内容何时更改。 历史记录表的行是已经被删除或更新的启用历史记录的表的行的副本。 这些行包括结束时间字段,其值指示行何时更新或删除。 历史表格的行因此表示历史记录表的行在启用历史记录的表中的一段时间。 时间查询是在具有历史记录功能的表和历史记录表的联合的视图上执行的。
-
-
-
-
-
-
-
-
-
搜索结果
20 条记录 (耗时 0.023 秒)
