公开(公告)号：US07925023B2

公开(公告)日：2011-04-12

申请号：US11367812

申请日：2006-03-03

申请人： Paul Youn ,  Daniel ManHung Wong ,  Min-Hank Ho ,  Chon Hei Lei

发明人： Paul Youn ,  Daniel ManHung Wong ,  Min-Hank Ho ,  Chon Hei Lei

IPC分类号： H04L9/08

CPC分类号： H04L9/3234 ,  H04L9/083 ,  H04L9/3239 ,  H04L63/06 ,  H04L63/0807

摘要： One embodiment of the present invention provides a system for managing keys. During operation, the system authenticates a client at a key manager. Next, the system receives a token from the client at the key manager, wherein the token is associated with a customer key, and includes a token authenticator. This token authenticator comprises one-half of an authenticator pair which is used to determine if the client is the owner of the customer key. Next, the system decrypts the token using a master key. The system then verifies a client authenticator, which comprises the other half of the authenticator pair which is used to determine if the client is the owner of the customer key. If the client is the owner of the customer key, the system sends the customer key to the client, which enables the client to encrypt/decrypt data. Finally, the client deletes the customer key.

摘要翻译： 本发明的一个实施例提供一种用于管理密钥的系统。 在运行期间，系统会在密钥管理器身份验证客户端。 接下来，系统在密钥管理器处从客户端接收令牌，其中令牌与客户密钥相关联，并且包括令牌认证器。 该令牌认证器包括认证器对的一半，用于确定客户端是客户密钥的所有者。 接下来，系统使用主密钥解密令牌。 然后，系统验证客户端认证器，客户端认证器包括用于确定客户端是否是客户密钥的所有者的认证器对的另一半。 如果客户端是客户密钥的所有者，则系统将客户密钥发送给客户端，这使得客户端能够对数据进行加密/解密。 最后，客户端删除客户密钥。

公开(公告)号：US07827403B2

公开(公告)日：2010-11-02

申请号：US11106181

申请日：2005-04-13

申请人： Daniel ManHung Wong ,  Chon Hei Lei

发明人： Daniel ManHung Wong ,  Chon Hei Lei

IPC分类号： H04L29/06 ,  H04L9/08 ,  G06F11/30 ,  G06F7/04 ,  G06F7/00 ,  G06F17/30 ,  G06F12/00 ,  H04L9/00

CPC分类号： G06F21/6227

摘要： One embodiment of the present invention provides a system that decrypts an encrypted column in a row. During operation, the system receives the encrypted column in the row. The system then determines a security domain associated with the encrypted column in the row, wherein the security domain represents a set of columns in rows encrypted using the same key. Next, the system determines a key associated with the security domain. The system then decrypts the encrypted column in the row using the key. Note that using a security domain to represent a set of columns in rows enables the database to grant access to data within the database at arbitrary levels of granularity.

摘要翻译： 本发明的一个实施例提供一种解密一行中的加密列的系统。 在操作期间，系统接收该行中的加密列。 然后，系统确定与行中的加密列相关联的安全域，其中安全域表示使用相同密钥加密的行中的一组列。 接下来，系统确定与安全域相关联的密钥。 系统然后使用密钥解密行中的加密列。 请注意，使用安全域来表示行中的一组列使数据库能够以任意级别的粒度为数据库内的数据授予访问权限。

公开(公告)号：US20110067084A1

公开(公告)日：2011-03-17

申请号：US12561461

申请日：2009-09-17

申请人： Ji-Won Byun ,  Chi Ching Chui ,  Daniel ManHung Wong ,  Chon Hei Lei

发明人： Ji-Won Byun ,  Chi Ching Chui ,  Daniel ManHung Wong ,  Chon Hei Lei

IPC分类号： G06F21/00 ,  G06F17/30

CPC分类号： G06F21/6209 ,  G06F16/217 ,  G06F16/2343

摘要： One embodiment of the present invention provides a system that secures a database configuration from undesired modifications. This system allows a security officer to issue a configuration-locking command, which activates a lock for the configuration of a database object. When a configuration lock is activated for a database object, the system prevents a user (e.g., a database administrator) from modifying the configuration of the database object, without restricting the user from accessing the database object itself. The security officer is a trusted user that is responsible for maintaining the stability of the database configuration, such that a configuration lock activated by the security officer preserves the database configuration by overriding the privileges assigned to a database administrator.

摘要翻译： 本发明的一个实施例提供一种确保数据库配置免受不期望的修改的系统。 该系统允许安全员发布配置锁定命令，该命令激活用于配置数据库对象的锁。 当为数据库对象激活配置锁定时，系统防止用户（例如，数据库管理员）修改数据库对象的配置，而不会限制用户访问数据库对象本身。 安全官员是一个值得信赖的用户，负责维护数据库配置的稳定性，使得由安全人员激活的配置锁定通过覆盖分配给数据库管理员的权限来保留数据库配置。

公开(公告)号：US07761704B2

公开(公告)日：2010-07-20

申请号：US11084346

申请日：2005-03-17

申请人： Min-Hank Ho ,  Daniel ManHung Wong ,  Chon Hei Lei ,  Thomas Keefe

发明人： Min-Hank Ho ,  Daniel ManHung Wong ,  Chon Hei Lei ,  Thomas Keefe

IPC分类号： H04L29/06

CPC分类号： H04N21/433 ,  H04L9/083 ,  H04L2209/56 ,  H04N5/913 ,  H04N7/165 ,  H04N21/4627 ,  H04N21/6543 ,  H04N21/8355 ,  H04N2005/91364 ,  Y10S707/99944

摘要： One embodiment of the present invention provides a system that can expire encrypted-data. During operation, the system receives an expiry-request that includes object-identifying information, which can be used to identify a set of database objects that contain the encrypted-data, wherein a database object can be a table, a partition, a row, or a column in a row. Furthermore, a database object can have an expiration time, and it can be stored in an archive, which is typically used to store large amounts of data for long periods using a slower, but cheaper storage medium than the storage medium used by the database. The system then identifies a set of keys for the encrypted-data using the object-identifying information. Next, the system deletes the set of keys, thereby expiring the encrypted-data. Note that, deleting the set of keys ensures that the secure key repository does not contain any stale keys associated with expired encrypted-data.

摘要翻译： 本发明的一个实施例提供一种能够使加密数据过期的系统。 在操作期间，系统接收包含对象标识信息的到期请求，该信息可用于标识包含加密数据的一组数据库对象，其中数据库对象可以是表，分区，行， 或一列。 此外，数据库对象可以具有到期时间，并且可以将其存储在通常用于使用比数据库使用的存储介质更慢但更便宜的存储介质来长时间存储大量数据的存档。 然后，系统使用对象识别信息来标识用于加密数据的一组密钥。 接下来，系统删除一组密钥，从而使加密数据过期。 请注意，删除密钥集可确保安全密钥存储库不包含与过期的加密数据相关联的任何过时的密钥。

公开(公告)号：US07440962B1

公开(公告)日：2008-10-21

申请号：US09974085

申请日：2001-10-09

申请人： Daniel ManHung Wong ,  Nina Lewis ,  Chon Hei Lei

发明人： Daniel ManHung Wong ,  Nina Lewis ,  Chon Hei Lei

IPC分类号： G06F17/00

CPC分类号： G06F21/6218 ,  Y10S707/99942 ,  Y10S707/99943

摘要： An improved method and system for centrally managing and accessing attribute information in a distributed computing system is disclosed. Applications set up application specific user attributes in a directory. When an application user connects to a server, the server automatically accesses the directory to identify the relevant user attributes for that application. These user attributes are retrieved and stored in the session context. Standard LDAP attributes can also be retrieved from the directory and stored in the session context.

摘要翻译： 公开了一种用于在分布式计算系统中集中管理和访问属性信息的改进方法和系统。 应用程序在目录中设置应用程序特定的用户属性。 当应用程序用户连接到服务器时，服务器会自动访问目录，以识别该应用程序的相关用户属性。 这些用户属性被检索并存储在会话上下文中。 标准LDAP属性也可以从目录中检索并存储在会话上下文中。

公开(公告)号：US10540508B2

公开(公告)日：2020-01-21

申请号：US12561461

申请日：2009-09-17

申请人： Ji-Won Byun ,  Chi Ching Chui ,  Daniel ManHung Wong ,  Chon Hei Lei

发明人： Ji-Won Byun ,  Chi Ching Chui ,  Daniel ManHung Wong ,  Chon Hei Lei

IPC分类号： G06F21/62

摘要： One embodiment of the present invention provides a system that secures a database configuration from undesired modifications. This system allows a security officer to issue a configuration-locking command, which activates a lock for the configuration of a database object. When a configuration lock is activated for a database object, the system prevents a user (e.g., a database administrator) from modifying the configuration of the database object, without restricting the user from accessing the database object itself. The security officer is a trusted user that is responsible for maintaining the stability of the database configuration, such that a configuration lock activated by the security officer preserves the database configuration by overriding the privileges assigned to a database administrator.

公开(公告)号：US07770006B2

公开(公告)日：2010-08-03

申请号：US11139709

申请日：2005-05-26

申请人： Daniel ManHung Wong ,  MingKang Xu ,  Paul Youn ,  MinHank Ho ,  Chon Hei Lei

发明人： Daniel ManHung Wong ,  MingKang Xu ,  Paul Youn ,  MinHank Ho ,  Chon Hei Lei

IPC分类号： H04L9/32 ,  G06F21/00 ,  G06F17/30

CPC分类号： H04L9/085 ,  G06F21/6218 ,  G06F2221/2115 ,  Y10S707/99931

摘要： One embodiment of the present invention provides a system that authorizes a sensitive database operation. During operation, the system receives a request to perform a sensitive database operation. Note that, a sensitive database operation is an operation which, in the hands of a malicious user, poses a serious security threat. Next, the system determines a multiparty authorization requirement for the sensitive database operation, wherein the multiparty authorization requirement specifies a set of approvals required for authorizing the sensitive database operation. The system then sends approval requests to one or more approving parties based on the multiparty authorization requirement. Next, the system receives approvals for authorizing the sensitive database operation. The system then determines whether the approvals satisfy the multiparty authorization requirement. Next, if the approvals satisfy the multiparty authorization requirement, the system authorizes the sensitive database operation, thereby allowing the database to perform the sensitive database operation.

摘要翻译： 本发明的一个实施例提供了授权敏感数据库操作的系统。 在操作期间，系统接收到执行敏感数据库操作的请求。 请注意，敏感数据库操作是在恶意用户手中造成严重安全威胁的操作。 接下来，系统确定敏感数据库操作的多方授权要求，其中多方授权要求指定了授权敏感数据库操作所需的一组批准。 系统然后根据多方授权要求向一个或多个批准方发出批准请求。 接下来，系统接收授权敏感数据库操作的批准。 然后，系统确定批准是否满足多方授权要求。 接下来，如果批准满足多方授权要求，则系统授权敏感数据库操作，从而允许数据库执行敏感数据库操作。

公开(公告)号：US07117197B1

公开(公告)日：2006-10-03

申请号：US09559171

申请日：2000-04-26

申请人： Daniel ManHung Wong ,  Chon Hei Lei ,  Patrick F. Sack

发明人： Daniel ManHung Wong ,  Chon Hei Lei ,  Patrick F. Sack

IPC分类号： G06F17/30

CPC分类号： G06F17/30306 ,  Y10S707/99933

摘要： One embodiment of the present invention provides a system that selectively audits accesses to a relational database system. This system starts by receiving a query from a client at a database server. The system processes this query at the database server to produce a query result. The system also creates an audit record for rows in relational tables that are accessed by the query, and that satisfy an auditing condition. Next, the system records the audit record in an audit record store and returns the query result to the client. Integrating the auditing facility into the relational database system in this manner ensures that auditing is performed in the same way regardless of which application generates the query. Furthermore, this auditing is transparent to applications and users. In one embodiment of the present invention, the system additionally modifies the query so that processing the query causes the audit record to be created and recorded for rows in relational tables that are accessed by the query and that satisfy the auditing condition. In a variation on this embodiment, the auditing condition is associated with a table in the relational database system.

摘要翻译： 本发明的一个实施例提供了一种选择性地审计对关系数据库系统的访问的系统。 该系统从数据库服务器的客户端接收查询开始。 该系统在数据库服务器处理此查询以产生查询结果。 该系统还为查询中访问的关系表中的行创建审计记录，并满足审计条件。 接下来，系统将审计记录记录在审计记录存储中，并将查询结果返回给客户端。 以这种方式将审计工具集成到关系数据库系统中确保以相同的方式执行审计，而不管哪个应用程序生成查询。 此外，这种审核对应用程序和用户是透明的。 在本发明的一个实施例中，系统另外修改查询，使得处理查询导致为查询中访问并满足审计条件的关系表中的行创建和记录审计记录。 在该实施例的变型中，审计条件与关系数据库系统中的表相关联。

公开(公告)号：US08234694B2

公开(公告)日：2012-07-31

申请号：US11298775

申请日：2005-12-09

申请人： Paul Youn ,  Daniel ManHung Wong

发明人： Paul Youn ,  Daniel ManHung Wong

IPC分类号： H04L29/06

CPC分类号： H04L63/0846 ,  H04L63/0428

摘要： One embodiment of the present invention provides a system that re-establishes communication between a client and a server after an unexpected termination of communication. During operation, the system receives a request from the client at the server to re-establish communication between the client and the server, wherein the request includes a temporary credential. If the temporary credential is valid, the system temporarily re-establishes communication between the client and the server, until the client can be re-authenticated with a permanent credential.

摘要翻译： 本发明的一个实施例提供一种在意外终止通信之后重新建立客户端与服务器之间的通信的系统。 在操作期间，系统从服务器处的客户端接收请求，以重新建立客户端与服务器之间的通信，其中请求包括临时证书。 如果临时凭证有效，则系统会暂时重新建立客户端与服务器之间的通信，直到客户端可以通过永久凭证进行重新身份验证。

公开(公告)号：US07751570B2

公开(公告)日：2010-07-06

申请号：US11398187

申请日：2006-04-04

申请人： Paul Youn ,  Daniel ManHung Wong

发明人： Paul Youn ,  Daniel ManHung Wong

IPC分类号： H04L9/08 ,  H04L9/00 ,  H04L9/32

CPC分类号： H04L9/0822 ,  H04L9/0891 ,  H04L63/0428 ,  H04L63/06 ,  H04L2463/062

摘要： One embodiment of the present invention provides a system for managing keys. During operation, the system receives a request from a user at a database to encrypt/decrypt data at the database. In response to this request, the system sends a user-token to the user, wherein the user-token includes a user-key encrypted with a user-secret thereby enabling the user to decrypt the user-key with the user-secret. Next, the system receives the decrypted user-key from the user. The system then uses the user-key to encrypt/decrypt the data at the database. Finally, the system deletes the user-key at the database.

摘要翻译： 本发明的一个实施例提供一种用于管理密钥的系统。 在操作期间，系统从数据库接收来自用户的请求，以对数据库中的数据进行加密/解密。 响应于该请求，系统向用户发送用户令牌，其中用户令牌包括用用户秘密加密的用户密钥，从而使用户能够以用户秘密解密用户密钥。 接下来，系统从用户接收解密的用户密钥。 然后，系统使用用户密钥对数据库中的数据进行加密/解密。 最后，系统删除数据库中的用户密钥。