Browse Prior Art Database

Sub-partition by security control

IP.com Disclosure Number: IPCOM000238693D
Publication Date: 2014-Sep-12
Document File: 5 page(s) / 98K

Publishing Venue

The IP.com Prior Art Database

Abstract

Database security is one the important problems. Currently, all the security control would focus on table object such column and row, there is no control on a chunk. We would like to issue a new type of sub-partition by security control. The table could be divided into several security sub-partition and a publish sub-partition. When the information input is sensitive for some users, database would assign the record to the right sub-partition depending on the security policy.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 54% of the total text.

Page 01 of 5

Sub

Sub-

Database security is one the important problems. Currently, all the security control would focus on table object such column and row, there is no control on a chunk.

We would like to issue a new type of sub-partition by security control. The table could be divided into several security sub-partition and a publish sub-partition. When the information input is sensitive for some users, database would assign the record to the right sub-partition depending on the security policy.

We could define different policies for sensitive information. When records are inserted, database would check the security policies in advance, and if the records qualify any one of policies, it would be located to the right partition.

The policy would be define in the following catalogtables. The table SysPartSecurity and SysPartPolicy are two new catalog tables, these two tables indicate the information about the security policy. The method could be applied for database objects and also other files.

1

--partition by security control

partition by security control



Page 02 of 5

The SysPartSecurity table contains one row for each partition security control. SysPartSecurity havs foreign key relationship with systables by Tbcreator and Tbname. PolicyNo links to the SysPartPolicy to indicate the policy in the security partition.

Tbcreator VARCHAR(128) Table creator

TbName VARCHAR(128) Table Name

PolicyNo INTEGER Security Policy Control ID

Enable CHAR(1)

Y:Enable column group control, N:Disable

Column Name

Column Type

Description

2



Page 03 of 5

The SysPartPolicy records the security partition information. This table relat...