发明名称 |
AUTOMATIC DATA PROTECTION IN A COMPUTER SYSTEM |
摘要 |
Techniques are provided for a data security system that includes two mappings: a first mapping that maps a security policy to sensitive type and a second mapping that maps the sensitive type to one or more data sets. The sensitive type indicates a class of sensitive data. Example data sets include columns, tables, tablespaces, files, and directories in a file system. Because a security policy is not tightly coupled to a target data set, the security policy becomes data-agnostic, portable, and reusable. Also, a security policy may be objectless in that, at some point in time, the security policy is not associated with any data set. A security policy may also be multifunctional in that the security policy may include multiple security features or requirements. A security policy may also be exhaustive in that all necessary security requirements prescribed for a data set can be included in the security policy. |
申请公布号 |
US2014380404(A1) |
申请公布日期 |
2014.12.25 |
申请号 |
US201313925090 |
申请日期 |
2013.06.24 |
申请人 |
Oracle International Corporation |
发明人 |
Raj Dilip;Mir Rahil;Rotondo Scott |
分类号 |
G06F21/62 |
主分类号 |
G06F21/62 |
代理机构 |
|
代理人 |
|
主权项 |
1. A method comprising:
storing, in a computer system, a first mapping that maps a data security policy to a sensitive type, wherein the data security policy includes a particular security feature; storing, in the computer system, a second mapping that maps the sensitive type to one or data sets; based on the first mapping and the second mapping, causing the particular security feature to be applied to each data set of the one or more data sets; wherein the method is performed by one or more computing devices. |
地址 |
Redwood Shores CA US |