Specifying And Querying Classification And Privacy Enforcement For Sensitive Data In Database Columns

IP.com Disclosure Number: IPCOM000207297D
Publication Date: 2011-May-25
Document File: 4 page(s) / 60K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is a method for specifying and querying classification and privacy enforcement for sensitive data in database columns.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 44% of the total text.

The issue of data classification and privacy enforcement has grown in importance to commercial and government users of relational databases, especially with recent government initiatives being put into place to strengthen overall security.

When data containing personal and sensitive information needs to be accessed by unauthorized or partially authorized individuals or software applications, the data must be appropriately privatized before being released. In most cases it is difficult and time-consuming for a business matter expert to determine which columns need to be privatized and how.

Today, software external to a database management system is used to collect the privatization information and subsequently create the actionable instructions on how the production data is to be queried and privatized. Because this software is external to the database management system, the privatization rules and information can quickly become inaccessible, outdated or otherwise out of sync with the production database as it undergoes changes and enhancements.

The method disclosed herein adds a set of extensions to a database management system's Data Definition Language (DDL) and underlying system catalogs. Together, the DDL and the system catalogs allow a database designer to specify the classification of each piece of sensitive data and the required privatization enforcement.

An enforcement is an opaque business rule that specifies the level of required privatization, whereas a classification is a descriptive category, located in a hierarchy of ever more specialized categories, that describes the data living in a particular column.

Enforcements are created as follows:

    CREATE ENFORCEMENT Required [ON ];
    CREATE ENFORCEMENT Not_Required [ON ];
    CREATE ENFORCEMENT Best_Practice [ON ];

As such, an enforcement can be either global or owned by a schema.

Classifications are created as follows:

    CREATE CLASSIFICATION Personal_Identification_Information WITH ENFORCEMENT(Required) [ON ];
    CREATE CLASSIFICATION Personal_Name WITH ENFORCEMENT(Required) PARENT(Personal_Identification_Information) [ON ];

As such, classifications can be either global or owned by a schema. The referenced enforcement and parent must be visible to the definition (i.e., a global classification cannot reference a parent classification or enforcement created on a particular schema).
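
The following Python sketch is an added example, not part of the disclosure: it models the enforcement and classification catalogs as two SQLite tables, applies the visibility rule above when a classification is created, and lists everything in a classification's hierarchy. The table layout, the function names, the rule that a schema-owned object is visible only on its own schema, and the HR_Badge classification are assumptions made for illustration.

```python
import sqlite3
def open_catalog():
    # Hypothetical catalog tables; schema_name NULL marks a global object.
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE enforcement(name TEXT PRIMARY KEY, schema_name TEXT);
        CREATE TABLE classification(name TEXT PRIMARY KEY, schema_name TEXT,
            enforcement TEXT NOT NULL, parent TEXT);""")
    return db

def _check_visible(db, table, ref, owner):
    # table is one of two internal constants, never user input.
    row = db.execute(f"SELECT schema_name FROM {table} WHERE name = ?", (ref,)).fetchone()
    # Global is visible everywhere; schema-owned only on its own schema (assumed).
    if row is None or (row[0] is not None and row[0] != owner):
        raise ValueError(f"{table} {ref!r} is missing or not visible")
def create_enforcement(db, name, schema=None):
    db.execute("INSERT INTO enforcement VALUES (?, ?)", (name, schema))

def create_classification(db, name, enforcement, parent=None, schema=None):
    _check_visible(db, "enforcement", enforcement, schema)
    if parent is not None:
        _check_visible(db, "classification", parent, schema)
    db.execute("INSERT INTO classification VALUES (?, ?, ?, ?)",
               (name, schema, enforcement, parent))

def subtree(db, root):
    # Walk the classification hierarchy downward from root.
    rows = db.execute("""
        WITH RECURSIVE t(name) AS (
            SELECT name FROM classification WHERE name = ?
            UNION ALL
            SELECT c.name FROM classification c JOIN t ON c.parent = t.name)
        SELECT name FROM t ORDER BY name""", (root,))
    return [r[0] for r in rows]

def demo():
    # Constructed sample; HR_Badge and the HR-owned enforcement are illustrative.
    db = open_catalog()
    create_enforcement(db, "Required")
    create_enforcement(db, "Best_Practice", schema="HR")
    pii = "Personal_Identification_Information"
    create_classification(db, pii, "Required")
    create_classification(db, "Personal_Name", "Required", parent=pii)
    create_classification(db, "HR_Badge", "Best_Practice", parent=pii, schema="HR")
    try:  # a global classification may not use an HR-owned enforcement
        create_classification(db, "Bad_Global", "Best_Practice")
    except ValueError:
        return subtree(db, pii), True
    return subtree(db, pii), False
```
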

Lastly, the DDL for creating tables and columns is enhanced to support the following syntax:

    CREATE TABLE HR.EMPLOYEE (
        ID CHAR(10) NOT NULL,
        FIRST_NAME CHAR(30) NOT NULL CLASSIFICATION(Personal_Name),
        MIDDLE_INITIAL CHAR(1) CLASSIFICATION(Personal_Name),
        LAST_NAME CHAR(30) NOT NULL CLASSIFICATION(Personal_Name),
        CORPORATE_CCN CHAR(16) CLASSIFICATION(Amex),
        NATIONAL_D CHAR(9) NOT NULL CLASSIFICATION(SSN),
        DATE_OF_BIRTH DATE NOT NULL CLASSIFICATION(Birt...