发明名称 |
Systems and methods that optimize row level database security |
摘要 |
The systems and methods of the present invention facilitate database row-level security by utilizing SQL extensions to create and associate named security expressions with a query initiator(s). Such expressions include Boolean expressions, which must be satisfied by a row of data in order for that data to be made accessible to the query initiator. In general, a query is augmented with security expressions, which are aggregated and utilized during querying rows of data. The systems and methods variously place security expressions within a query in order to optimize query performance while mitigating information leaks. This is achieved by tagging security expressions as special and utilizing rules of predicate to pull or push non-security expressions above or below security expressions, depending on the likelihood of a non-security being safe, as determined via a static and/or dynamic analysis. <IMAGE> |
申请公布号 |
EP1564620(A1) |
申请公布日期 |
2005.08.17 |
申请号 |
EP20050000405 |
申请日期 |
2005.01.11 |
申请人 |
MICROSOFT CORPORATION |
发明人 |
COMEAU, ALAIN C.;CHANDER, GIRISH;HAMILTON, JAMES R.;CRISTOFOR, LAURENTIU B.;KLINE, RODGER N.;DUTTA, TANMOY |
分类号 |
G06F17/30;G06F17/40;G06F21/62 |
主分类号 |
G06F17/30 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|