| 发明名称 | Method and system for user authentication offload in a transparent database load balancer | ||
| 摘要 | Roughly described, a database accelerator is installed in a network between database client and server systems. Connection requests from a client system are received and authenticated by the accelerator itself, which is pre-configured with user authentication information, by emulating the authentication process on behalf of the server. An authenticated connection from the accelerator to a database server is established only if and when needed. Involving the server for authentication can be avoided for example if the accelerator maintains a pool of such authenticated server connections for re-use as needed, and/or if the accelerator maintains a cache of query responses previously received and can respond to new queries from the cache. By installing the accelerator transparently in the network, no modification of software in either the client application or the database servers is required in order to add authentication offload functionality to an existing client/server database arrangement. | ||
| 申请公布号 | US8763091(B1) | 申请公布日期 | 2014.06.24 |
| 申请号 | US201012862554 | 申请日期 | 2010.08.24 |
| 申请人 | Scalarc Inc. | 发明人 | Singh Varun;Sawanat Uday V.;Goel Prateek;Deshaveni Naresh G. |
| 分类号 | H04L29/06 | 主分类号 | H04L29/06 |
| 代理机构 | Haynes Beffel & Wolfeld LLP | 代理人 | Haynes Beffel & Wolfeld LLP ;Wolfeld Warren S. |
| 主权项 | 1. A database authentication method, for use by an accelerator in a network having a set of at least one client system each running an application which makes database queries via a network to a particular IP address and port combination, and a set of at least one database server each having access to at least a portion of a database, the method comprising the accelerator: receiving, through a network port at the accelerator, a first client-side connection request made by a first one of the client systems and directed to the particular IP address and port combination, the first client-side connection request including a username for the database; authenticating the first client-side connection request at a database authentication level, using first database level authentication credentials pre-configured accessibly to the accelerator, thereby establishing a first client-side authenticated connection to the accelerator; using the first database level authentication credentials, forming a first server-side authenticated connection between the accelerator and a first one of the database servers; receiving a first database query on the first client-side authenticated connection; and forwarding the first database query toward one of the database servers on the first server-side authenticated connection. | ||
| 地址 | Santa Clara CA US | ||