Session attribute propagation through secure database server tiers

摘要

Mechanisms are provided for handling a database client request. An encrypted database client request (DCR) is received, by an unsecure access local agent, from a client computing device as part of a session between the client computing device and a database data processing system. The unsecure access local agent retrieves a database session information (DSI) address corresponding to the session and generates a first unique identifiable key (UIK) based on a portion of the encrypted DCR. The unsecure access local agent generates a DSI mapping data structure that maps the first UIK to the DSI address. A secure access local agent of the database data processing system processes the encrypted DCR using the DSI mapping data structure.

主权项

1. A method, in a data processing system comprising a processor and a memory, for handling a database client request, comprising:
receiving, by an unsecure access local agent of the data processing system, an encrypted database client request (DCR) from a client computing device as part of a session between the client computing device and the data processing system; retrieving, by the unsecure access local agent, a database session information (DSI) address corresponding to the session; generating, by the unsecure access local agent, a first unique identifiable key (UIK) based on a portion of the encrypted DCR; generating, by the unsecure access local agent, a DSI mapping data structure that maps the first UIK to the DSI address; and processing, by a secure access local agent of the data processing system, the encrypted DCR using the DSI mapping data structure, wherein generating the first UIK based on a portion of the encrypted DCR comprises: extracting an encrypted portion of the encrypted DCR as an encrypted pattern unique to the session; and storing the extracted encrypted portion of the encrypted DCR as the first UIK.