Browse Prior Art Database

A method to mining related database sensitive object

IP.com Disclosure Number: IPCOM000235610D
Publication Date: 2014-Mar-12
Document File: 4 page(s) / 103K

Publishing Venue

The IP.com Prior Art Database

Abstract

At the beginning of establishing the security project in the enterprise environment, it is hard to check out all the sensitive objects for monitor but some of key ones. This disclosure provides a method of data security monitoring, through predefined sensitive objects to further found that other unknown sensitive objects.The key points of the disclosure is to automatically detect the potential objects which might be in the security list by the limited set of ones which is defined currently. It would help a lot to set up the security object set in a short time to narrow the risk of leaking information in a controllable region, and also save the effort to analyzing sensitive by huge number of masses.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 56% of the total text.

Page 01 of 4

A method to mining related database sensitive object

At present, in the database security field, the general method to capture 'unsafety' traffic is by predefining sensitive table or statements to do filter. Actually in real enterprise environment some cases can't be solved with general process.This paper introduces an approach which can determine relevant sensitive objects and give recommended security policy automatically by mining database content from multiple aspects.

The method includes the following parts. Set the core sensitive data object; choose the way to find sensitive object; set up the corresponding step, time and factor for data processing according to the selected method; determine the sensitivity level and scope and then give recommendation and implemental security policy. This method is based on user service, flexibly analyze and discover objects which related to core sensitive data, expand the effectiveness of data safety monitoring scope and practical protection.

Our disclosure is a method to mining related database sensitive object, and this method could divide into the following parts:


1) Set the core of sensitive data object;

Database structure

Sensitive Objects scope

  Core sensitive object definition

contents of the data

structure

Database traffic

          Data Access Method
choose

Security action

1



Page 02 of 4


2) Choose the way to find sensitive object;


Based on the database structure; Through the database Primary/ foreign key relationship, table structure definition to determine the sensitive data object associated with the core of sensitive data objects;


Based on the contents of the data structure; According to the contents of the database scanning, determination and the core content of sensitive data object structure similar objects


Based on access; Analysis of sensitive data object associated with the core of sensitive data in database access based on object


3) Setting up the corresponding step;

In different traffic, we could define some of the indicators for dimension tables. Currently, we could use the following indicators to present relation between...