Asserting identities of application users in a database system based on delegated trust
Techniques are provided for integrating application-level user security context with a database. A session manager, in a middle tier that includes an application, obtains the security context of a user and establishes, in the database, a light-weight session (LWS) that reflects the security context....
Gespeichert in:
| Hauptverfasser: | , , |
|---|---|
| Format: | Patent |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | |
| container_volume | |
| creator | Keefe, Thomas Ahmed, Tanvir Pesati, Vikram R |
| description | Techniques are provided for integrating application-level user security context with a database. A session manager, in a middle tier that includes an application, obtains the security context of a user and establishes, in the database, a light-weight session (LWS) that reflects the security context. The security context is synchronized between the middle tier and database before application code execution. The database maintains an isolated copy of the LWS for the unit of application code executed as the security context. The database sends to the session manager the identifier of the copy of LWS. Before allowing a request from an application to be sent to the database, the session manager, transparent to the application, inserts an identifier that identifies the LWS. In this way, the database processes an application request in the context of the corresponding user's security context that is the same as the security context in the middle tier. |
| format | Patent |
| fullrecord | <record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_US10049205B2</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>US10049205B2</sourcerecordid><originalsourceid>FETCH-epo_espacenet_US10049205B23</originalsourceid><addsrcrecordid>eNqNyjEKwkAQheE0FqLeYTyAsEYtUqoo9iqWYcy-hIG4u2Qmhbd3BQ9g9f4H37R47FUxmISOxCOYmEAptsQp9dKwSQw0ZqIkgZg8Gz9ZQfpWw4u-7Skbjx4dWz42jGrzYtJyr1j8dlYsz6fb8bJCijU0cYMAq-_XtXPbqnS7Q7n5x3wAemM6KA</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>Asserting identities of application users in a database system based on delegated trust</title><source>esp@cenet</source><creator>Keefe, Thomas ; Ahmed, Tanvir ; Pesati, Vikram R</creator><creatorcontrib>Keefe, Thomas ; Ahmed, Tanvir ; Pesati, Vikram R</creatorcontrib><description>Techniques are provided for integrating application-level user security context with a database. A session manager, in a middle tier that includes an application, obtains the security context of a user and establishes, in the database, a light-weight session (LWS) that reflects the security context. The security context is synchronized between the middle tier and database before application code execution. The database maintains an isolated copy of the LWS for the unit of application code executed as the security context. The database sends to the session manager the identifier of the copy of LWS. Before allowing a request from an application to be sent to the database, the session manager, transparent to the application, inserts an identifier that identifies the LWS. In this way, the database processes an application request in the context of the corresponding user's security context that is the same as the security context in the middle tier.</description><language>eng</language><subject>CALCULATING ; COMPUTING ; COUNTING ; ELECTRIC COMMUNICATION TECHNIQUE ; ELECTRIC DIGITAL DATA PROCESSING ; ELECTRICITY ; INFORMATION STORAGE ; PHYSICS ; STATIC STORES ; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><creationdate>2018</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20180814&DB=EPODOC&CC=US&NR=10049205B2$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,308,776,881,25542,76290</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20180814&DB=EPODOC&CC=US&NR=10049205B2$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>Keefe, Thomas</creatorcontrib><creatorcontrib>Ahmed, Tanvir</creatorcontrib><creatorcontrib>Pesati, Vikram R</creatorcontrib><title>Asserting identities of application users in a database system based on delegated trust</title><description>Techniques are provided for integrating application-level user security context with a database. A session manager, in a middle tier that includes an application, obtains the security context of a user and establishes, in the database, a light-weight session (LWS) that reflects the security context. The security context is synchronized between the middle tier and database before application code execution. The database maintains an isolated copy of the LWS for the unit of application code executed as the security context. The database sends to the session manager the identifier of the copy of LWS. Before allowing a request from an application to be sent to the database, the session manager, transparent to the application, inserts an identifier that identifies the LWS. In this way, the database processes an application request in the context of the corresponding user's security context that is the same as the security context in the middle tier.</description><subject>CALCULATING</subject><subject>COMPUTING</subject><subject>COUNTING</subject><subject>ELECTRIC COMMUNICATION TECHNIQUE</subject><subject>ELECTRIC DIGITAL DATA PROCESSING</subject><subject>ELECTRICITY</subject><subject>INFORMATION STORAGE</subject><subject>PHYSICS</subject><subject>STATIC STORES</subject><subject>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2018</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNqNyjEKwkAQheE0FqLeYTyAsEYtUqoo9iqWYcy-hIG4u2Qmhbd3BQ9g9f4H37R47FUxmISOxCOYmEAptsQp9dKwSQw0ZqIkgZg8Gz9ZQfpWw4u-7Skbjx4dWz42jGrzYtJyr1j8dlYsz6fb8bJCijU0cYMAq-_XtXPbqnS7Q7n5x3wAemM6KA</recordid><startdate>20180814</startdate><enddate>20180814</enddate><creator>Keefe, Thomas</creator><creator>Ahmed, Tanvir</creator><creator>Pesati, Vikram R</creator><scope>EVB</scope></search><sort><creationdate>20180814</creationdate><title>Asserting identities of application users in a database system based on delegated trust</title><author>Keefe, Thomas ; Ahmed, Tanvir ; Pesati, Vikram R</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_US10049205B23</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng</language><creationdate>2018</creationdate><topic>CALCULATING</topic><topic>COMPUTING</topic><topic>COUNTING</topic><topic>ELECTRIC COMMUNICATION TECHNIQUE</topic><topic>ELECTRIC DIGITAL DATA PROCESSING</topic><topic>ELECTRICITY</topic><topic>INFORMATION STORAGE</topic><topic>PHYSICS</topic><topic>STATIC STORES</topic><topic>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</topic><toplevel>online_resources</toplevel><creatorcontrib>Keefe, Thomas</creatorcontrib><creatorcontrib>Ahmed, Tanvir</creatorcontrib><creatorcontrib>Pesati, Vikram R</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Keefe, Thomas</au><au>Ahmed, Tanvir</au><au>Pesati, Vikram R</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>Asserting identities of application users in a database system based on delegated trust</title><date>2018-08-14</date><risdate>2018</risdate><abstract>Techniques are provided for integrating application-level user security context with a database. A session manager, in a middle tier that includes an application, obtains the security context of a user and establishes, in the database, a light-weight session (LWS) that reflects the security context. The security context is synchronized between the middle tier and database before application code execution. The database maintains an isolated copy of the LWS for the unit of application code executed as the security context. The database sends to the session manager the identifier of the copy of LWS. Before allowing a request from an application to be sent to the database, the session manager, transparent to the application, inserts an identifier that identifies the LWS. In this way, the database processes an application request in the context of the corresponding user's security context that is the same as the security context in the middle tier.</abstract><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | |
| ispartof | |
| issn | |
| language | eng |
| recordid | cdi_epo_espacenet_US10049205B2 |
| source | esp@cenet |
| subjects | CALCULATING COMPUTING COUNTING ELECTRIC COMMUNICATION TECHNIQUE ELECTRIC DIGITAL DATA PROCESSING ELECTRICITY INFORMATION STORAGE PHYSICS STATIC STORES TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION |
| title | Asserting identities of application users in a database system based on delegated trust |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-29T18%3A19%3A42IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=Keefe,%20Thomas&rft.date=2018-08-14&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EUS10049205B2%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |