ENCRYPTION OF SECURITY-SENSITIVE DATA BY RE-USING A CONNECTION
    1.
    发明申请
    ENCRYPTION OF SECURITY-SENSITIVE DATA BY RE-USING A CONNECTION 失效
    通过重新使用连接来加密安全敏感数据

    公开(公告)号:US20110055563A1

    公开(公告)日:2011-03-03

    申请号:US12912652

    申请日:2010-10-26

    IPC分类号: H04L9/32

    摘要: Techniques are provided for processing data. Connections having different security properties are stored, wherein each of the connections allows applications at the client computer to access data sources at a server computer. A request is received from an application to access a data source, wherein the request has associated security properties. In response to the client computer requesting establishment of a connection on behalf of the application, it is determined whether there is a stored connection that used a same set of security properties as are associated with the request from the application and that connected to the data source that the application requests access to. In response to determining that there is a stored connection that used the same set of security properties and that connected to the data source, the connection and an associated client encryption seed, client encryption token, server encryption seed, and server encryption token are re-used. In response to determining that there is not a connection that used the same set of security properties and that connected to the data source, a new client connection key, client encryption seed, client encryption token, sever connection key, server encryption seed, and server encryption token are generated.

    摘要翻译: 提供了处理数据的技术。 存储具有不同安全属性的连接,其中每个连接允许客户端计算机上的应用访问服务器计算机上的数据源。 从应用程序接收到访问数据源的请求,其中所述请求具有相关联的安全属性。 响应于客户端计算机代表应用程序请求建立连接,确定是否存在使用与来自应用的请求相关联并且连接到数据源的相同的一组安全属性的存储连接 应用程序请求访问。 响应于确定存在使用相同的一组安全属性并连接到数据源的存储连接,连接和关联的客户机加密种子,客户端加密令牌,服务器加密种子和服务器加密令牌被重新连接, 用过的。 响应于确定没有使用相同的一组安全属性并连接到数据源的连接,新的客户端连接密钥,客户端加密种子,客户端加密令牌,服务器连接密钥,服务器加密种子和服务器 生成加密令牌。

    Encryption of security-sensitive data by re-using a connection
    2.
    发明授权
    Encryption of security-sensitive data by re-using a connection 失效
    通过重新使用连接来加密安全敏感数据

    公开(公告)号:US08200972B2

    公开(公告)日:2012-06-12

    申请号:US12912652

    申请日:2010-10-26

    IPC分类号: H04L9/32

    摘要: Techniques are provided for processing data. Connections having different security properties are stored, wherein each of the connections allows applications at the client computer to access data sources at a server computer. A request is received from an application to access a data source, wherein the request has associated security properties. In response to the client computer requesting establishment of a connection on behalf of the application, it is determined whether there is a stored connection that used a same set of security properties as are associated with the request from the application and that connected to the data source that the application requests access to. In response to determining that there is a stored connection that used the same set of security properties and that connected to the data source, the connection and an associated client encryption seed, client encryption token, server encryption seed, and server encryption token are re-used. In response to determining that there is not a connection that used the same set of security properties and that connected to the data source, a new client connection key, client encryption seed, client encryption token, sever connection key, server encryption seed, and server encryption token are generated.

    摘要翻译: 提供了处理数据的技术。 存储具有不同安全属性的连接,其中每个连接允许客户端计算机上的应用访问服务器计算机上的数据源。 从应用程序接收到访问数据源的请求,其中所述请求具有相关联的安全属性。 响应于客户端计算机代表应用程序请求建立连接,确定是否存在使用与来自应用的请求相关联并且连接到数据源的相同的一组安全属性的存储连接 应用程序请求访问。 响应于确定存在使用相同的一组安全属性并连接到数据源的存储连接,连接和关联的客户机加密种子,客户端加密令牌,服务器加密种子和服务器加密令牌被重新连接, 用过的。 响应于确定没有使用相同的一组安全属性并连接到数据源的连接,新的客户端连接密钥,客户端加密种子,客户端加密令牌,服务器连接密钥,服务器加密种子和服务器 生成加密令牌。

    Method for providing and utilizing a network trusted context
    3.
    发明授权
    Method for providing and utilizing a network trusted context 失效
    提供和利用网络信任上下文的方法

    公开(公告)号:US07568039B2

    公开(公告)日:2009-07-28

    申请号:US11023921

    申请日:2004-12-27

    IPC分类号: G06F21/00

    CPC分类号: H04L63/08 H04L63/102

    摘要: A method for establishing a connection between a data server and a middleware server is disclosed. The method includes defining a plurality of trust attributes corresponding to a trusted context between the middleware server and the data server and validating the plurality of trust attributes against a plurality of attributes corresponding to the middleware server. The plurality of attributes provided in a connection request. The method also includes establishing the trusted context based on the validating the plurality of trust attributes.

    摘要翻译: 公开了一种在数据服务器和中间件服务器之间建立连接的方法。 该方法包括定义与中间件服务器和数据服务器之间的信任上下文相对应的多个信任属性,并针对对应于中间件服务器的多个属性来验证多个信任属性。 在连接请求中提供的多个属性。 该方法还包括基于验证多个信任属性来建立可信赖的上下文。

    System for providing and utilizing a network trusted context
    4.
    发明授权
    System for providing and utilizing a network trusted context 失效
    用于提供和利用网络可信上下文的系统

    公开(公告)号:US07661125B2

    公开(公告)日:2010-02-09

    申请号:US12166839

    申请日:2008-07-02

    IPC分类号: G06F21/00 H04L9/00

    CPC分类号: H04L63/08 H04L63/102

    摘要: A system for establishing a connection between a data server and a middleware server is disclosed. The system includes defining a plurality of trust attributes corresponding to a trusted context between the middleware server and the data server and validating the plurality of trust attributes against a plurality of attributes corresponding to the middleware server. The plurality of attributes provided in a connection request. The system also includes establishing the trusted context based on the validating the plurality of trust attributes.

    摘要翻译: 公开了一种用于在数据服务器和中间件服务器之间建立连接的系统。 该系统包括定义与中间件服务器和数据服务器之间的可信上下文相对应的多个信任属性,并针对对应于中间件服务器的多个属性来验证多个信任属性。 在连接请求中提供的多个属性。 该系统还包括基于验证多个信任属性来建立可信赖的上下文。

    Method of returning data during insert statement processing
    5.
    发明授权
    Method of returning data during insert statement processing 有权
    插入语句处理期间返回数据的方法

    公开(公告)号:US07711730B2

    公开(公告)日:2010-05-04

    申请号:US10744633

    申请日:2003-12-22

    IPC分类号: G06F7/00 G06F17/30

    CPC分类号: G06F17/30595 G06F17/30463

    摘要: A method for generating an execution plan for updating and retrieving data from a database in a single process includes: receiving a statement by a server to update a database with a first set of data and to retrieve a second set of data from the database; building a first execution plan to update the database with the first set of data; building a second execution plan to retrieve the second set of data from the database; and building a single execution plan including a combination of the first and second execution plans. The single execution plan allows for the updating and retrieval of data with a single crossing of an interface between a client and the database. By performing both functions in this manner, the efficiency of performing such tasks on the database is significantly increased.

    摘要翻译: 一种用于生成用于在单个进程中从数据库更新和检索数据的执行计划的方法包括:由服务器接收用第一组数据更新数据库的语句,并从数据库中检索第二组数据; 构建第一个执行计划,用第一组数据更新数据库; 构建第二个执行计划以从数据库中检索第二组数据; 并构建包括第一和第二执行计划的组合的单个执行计划。 单个执行计划允许通过客户端和数据库之间的接口的单个​​交叉来更新和检索数据。 通过以这种方式执行这两个功能,在数据库上执行这样的任务的效率显着增加。

    Method and system of subsetting a cluster of servers
    6.
    发明授权
    Method and system of subsetting a cluster of servers 失效
    子集服务器集群的方法和系统

    公开(公告)号:US07299231B2

    公开(公告)日:2007-11-20

    申请号:US10903665

    申请日:2004-07-29

    IPC分类号: G06F17/30

    摘要: A method and system of subsetting a group of server systems configures a server system with a group name and a group port, and with at least one subset name and subset port. The server system, when activated, reads its configuration and registers with a system routing entity as being part of the group name and the group port, and as being part of the subset name and the subset port. In this manner, server systems can be targeted via its subset name and subset port, while also accessible via the common name and port for the group. If the group includes a workload balancer, the server system also registers with the workload balancer using the group name and the subset name, such that workload balancing is provided for the subset.

    摘要翻译: 子集一组服务器系统的方法和系统配置具有组名称和组端口以及至少一个子集名称和子集端口的服务器系统。 服务器系统激活时,将其配置和系统路由实体注册为组名称和组端口的一部分,并作为子集名称和子集端口的一部分。 以这种方式,可以通过其子集名称和子集端口来定位服务器系统,同时还可以通过该组的公用名称和端口访问服务器系统。 如果组包括工作负载均衡器,则服务器系统还使用组名称和子集名称向工作负载平衡器注册,以便为该子集提供工作负载平衡。

    Package resolution mechanism for database systems
    7.
    发明授权
    Package resolution mechanism for database systems 有权
    数据库系统的包解析机制

    公开(公告)号:US07899797B2

    公开(公告)日:2011-03-01

    申请号:US10730192

    申请日:2003-12-04

    IPC分类号: G06F7/00 G06F17/30

    CPC分类号: G06F17/30595

    摘要: A method and system for providing package resolution in a database system is disclosed. The method and system comprise providing a statement within a server which allows an application to identify a list of package collections. The method and system further includes executing the statement to obtain the appropriate package. A system and method in accordance with the present invention provides a new current package path value, which is set via a statement referred to as Set Current Package Path. The SET CURRENT PACKAGE PATH statement allows the application to supply a precedence list of qualified package collections during execution time, therefore the scheme for resolving packages can be changed at any point during execution. The SET CURRENT PACKAGE PATH statement improves application development by making the package resolution mechanism less error prone and less tedious for the application developer, while providing an optimal-performance solution in the client-server environment.

    摘要翻译: 公开了一种在数据库系统中提供打包分辨率的方法和系统。 方法和系统包括在服务器内提供允许应用程序识别包集合列表的语句。 该方法和系统还包括执行该语句以获得适当的包。 根据本发明的系统和方法提供新的当前包路径值,其通过称为设置当前包路径的语句来设置。 SET CURRENT PACKAGE PATH语句允许应用程序在执行时间内提供合格的包集合的优先列表,因此可以在执行期间的任何时候更改解决包的方案。 SET CURRENT PACKAGE PATH语句通过使程序包解析机制对于应用程序开发人员而言更不容易出错,更乏味,同时在客户端 - 服务器环境中提供最佳性能解决方案,从而改进了应用程序开发。

    Method for managing distributed savepoints across multiple DBMS's within a distributed transaction
    8.
    发明授权
    Method for managing distributed savepoints across multiple DBMS's within a distributed transaction 失效
    在分布式事务中跨多个DBMS管理分布式保存点的方法

    公开(公告)号:US06816873B2

    公开(公告)日:2004-11-09

    申请号:US09858735

    申请日:2001-05-15

    IPC分类号: G06F1200

    摘要: System, method, and program product for managing transactions on a plurality of Database Management Systems residing on separate participant servers and a coordinator server. A single transaction proceeds by multiple steps across more then one of the plurality of Database Management Systems as participants. Savepoints are assigned to the participants across the Database Management System, with at least one savepoint within a multiple step transaction. The DBMS responds to application requests to rollback to savepoint by rolling back the transaction, across the Database Management System participants, to the savepoint Further disclosed is a program product that contains code, which, either as written on the medium, or as instantiated in RAM, or both, controls the operation of a distributed database management system.

    摘要翻译: 用于管理驻留在单独的参与者服务器和协调器服务器上的多个数据库管理系统上的事务的系统,方法和程序产品。 单个事务通过作为参与者的多个数据库管理系统中的多于一个的多个步骤进行。 保存点被分配给跨数据库管理系统的参与者,在多步事务中至少有一个保存点。 DBMS通过将数据库管理系统参与者的事务回滚到保存点来响应应用程序请求回滚到保存点。另外披露的是一个程序产品,其中包含代码,无论是在介质上写入还是在RAM中实例化 ,或两者都控制分布式数据库管理系统的操作。

    Computer-readable medium to multiplex multiple application server requests over a single database connection
    9.
    发明授权
    Computer-readable medium to multiplex multiple application server requests over a single database connection 失效
    用于通过单个数据库连接复用多个应用程序服务器请求的计算机可读介质

    公开(公告)号:US07933948B2

    公开(公告)日:2011-04-26

    申请号:US12164920

    申请日:2008-06-30

    IPC分类号: G06F15/16

    摘要: In a system for avoiding section collision for application server requests over a single database connection, the database server assigns query identifiers to each instance of the same cursor opened for the same processing level within an application, allowing multiple instances of the same cursor to be processed in parallel without section collision. The application server assigns a command source identifier to each statement sent over a single database connection to uniquely identify the application source of the statement. This applies for multiples of the same statement sent by different application sources within the same application, for a single statement containing multiple application sources, and for multiple statements from different applications multiplexed over a single database connection. These statements can be processed separately from and in parallel with the each other without section collision.

    摘要翻译: 在用于通过单个数据库连接避免应用程序服务器请求的部分冲突的系统中,数据库服务器为应用程序内为相同处理级别打开的同一个游标的每个实例分配查询标识符,允许处理相同光标的多个实例 平行而无分段碰撞。 应用程序服务器为通过单个数据库连接发送的每个语句分配命令源标识符,以唯一标识语句的应用程序源。 这适用于同一应用程序中由不同应用程序源发送的相同语句的倍数,对于包含多个应用程序源的单个语句,以及来自通过单个数据库连接复用的不同应用程序的多个语句。 这些语句可以彼此分开处理,也可以彼此并行处理,而不会出现部分冲突。

    Method and apparatus for manipulating data within a remote database in a multiple tier environment
    10.
    发明授权
    Method and apparatus for manipulating data within a remote database in a multiple tier environment 有权
    用于在多层环境中操纵远程数据库内的数据的方法和装置

    公开(公告)号:US07725459B2

    公开(公告)日:2010-05-25

    申请号:US11290494

    申请日:2005-12-01

    IPC分类号: G06F17/30 G06F7/00

    摘要: An embodiment of the present invention enables manipulation of data on a remote server and ensures uniqueness of data identifiers in a multi-tier environment, where a database client communicates through one or more intermediate servers to reach the target server containing the remote database. In particular, a client system transmits a query to the target server via a gateway system and receives a handle or data reference and a query identification for subsequent manipulation of data residing on that target server. A new query identification is generated by the gateway system and mapped with the query identification of the intended target server. When the client system transmits a query with the gateway query identification, the gateway system performs a lookup operation to identify the corresponding target server and subsequently forwards the query and target server query identification to the identified target server for processing.

    摘要翻译: 本发明的实施例能够操纵远程服务器上的数据,并确保数据库客户端通过一个或多个中间服务器进行通信以到达包含远程数据库的目标服务器的多层环境中的数据标识符的唯一性。 特别地,客户端系统经由网关系统向目标服务器发送查询,并接收句柄或数据引用以及查询标识,用于后续操作驻留在该目标服务器上的数据。 新的查询标识由网关系统生成,并与目标服务器的查询标识进行映射。 当客户端系统发送具有网关查询标识的查询时,网关系统执行查找操作以识别对应的目标服务器,随后将查询和目标服务器查询标识转发到所识别的目标服务器进行处理。