
1. WO2020117316 - SELECTIVE AND COMPLETE QUERY REDACTION

Note: Text based on automatic optical character recognition processes. Only the PDF version has legal value.


CLAIMS

What is claimed is:

1. A method comprising:

receiving, by a database server, a clear text version of a database command;

based on the clear text version, the database server parsing, compiling and executing the database command;

determining that the database command qualifies as sensitive;

responsive to determining that the database command qualifies as sensitive, generating a redacted version of the database command;

wherein, in the redacted version of the database command, at least a portion of the database command is encrypted using a particular encryption key; and

based on the database command qualifying as sensitive, storing the redacted version of the database command in a log where the clear text version would have been stored if the database command had not qualified as sensitive;

wherein the method is performed by one or more computing devices.

2. The method of Claim 1 wherein:

determining that the database command qualifies as sensitive includes receiving, from a user that submits the clear text version of the command, a redacted query indication; and

based on the redacted query indication, the database command is determined to be sensitive.

3. The method of Claim 2 wherein the indication indicates that only the database command qualifies as sensitive.

4. The method of Claim 2 wherein the indication indicates that all database commands in a particular session qualify as sensitive.

5. The method of Claim 1 wherein in the redacted version, the entire database command is encrypted using the particular encryption key.

6. The method of Claim 1 further comprising:

determining that the database command specifies a value for a field that has been designated to be sensitive; and

in the redacted version of the database command, a subset of the clear text version is encrypted with the particular encryption key, wherein the subset includes the value for the field.

7. The method of Claim 6 wherein:

the value is a first value;

the field is a first field;

the particular encryption key is a first encryption key;

the subset is a first subset;

the method further comprises:

determining that the database command specifies a second value for a second field that has been designated to be sensitive; and

in the redacted version of the database command, a second subset of the clear text version is encrypted with a second encryption key, wherein the second subset includes the second value for the second field;

wherein the second encryption key is different from the first encryption key.

8. The method of Claim 1 further comprising storing, in the log, a key identifier that corresponds to the particular encryption key.

9. The method of Claim 1 wherein executing the database command includes:

generating a result set for the database command;

generating a redacted result set by encrypting at least a portion of the result set with the particular encryption key; and

responding to the database command by returning the redacted result set.

10. The method of Claim 1 wherein determining that the database command qualifies as sensitive includes determining that a user that submitted the database command has a privilege that allows database command redaction.

11. The method of Claim 10 wherein the particular encryption key is an encryption key specified by the user.

12. The method of Claim 1 wherein determining that the database command qualifies as sensitive includes determining that a particular field, for which the database command specifies a value, is designated as sensitive.

13. The method of Claim 1 wherein determining that the database command qualifies as sensitive includes determining, based on one or more stored policies, that the database command qualifies as sensitive.

14. The method of Claim 1 further comprising, based on the database command qualifying as sensitive, storing the redacted version of the database command in a shared memory area where the clear text version would have been stored if the database command had not qualified as sensitive.

15. The method of Claim 1 wherein:

the database command was issued in a particular session context; and

the method further comprises, based on the database command qualifying as sensitive, redacting from the log one or more pieces of information about the particular session context.

16. One or more non-transitory computer-readable media storing instructions which, when executed by one or more computing devices, cause performance of the method recited in any one of Claims 1-15.
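The following Go example is added here to illustrate Claims 1 and 6-8 and is not taken from the application: a command that assigns values to designated fields is rewritten for the log so that each value is encrypted under that field's own key and tagged with the key identifier. The names `Redact`, `AEAD`, `Keys` and `fieldKeyID`, the `ENC[id:...]` token format, the use of AES-GCM and the regular-expression matcher (which only handles `field = literal`) are assumptions; a policy entry whose key is missing makes `Redact` panic rather than log clear text.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"fmt"
	"regexp"
	"strings"
)

type Keys map[string]cipher.AEAD // key identifier -> AES-GCM instance
var fieldKeyID = map[string]string{"ssn": "k1", "salary": "k2"} // constructed policy: sensitive field -> key id
var assign = regexp.MustCompile(`\b(\w+)\s*=\s*('(?:[^']|'')*'|\d+(?:\.\d+)?)`) // simplified `field = literal`

func AEAD(key []byte) cipher.AEAD { // AES-GCM from a 16, 24 or 32-byte key; panics otherwise
	b, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	a, _ := cipher.NewGCM(b) // cannot fail: the AES block size is always 16
	return a
}

// Redact returns the text to log and whether the command qualified as sensitive.
func Redact(cmd string, keys Keys) (string, bool) {
	sensitive := false
	out := assign.ReplaceAllStringFunc(cmd, func(m string) string {
		g := assign.FindStringSubmatch(m)
		id, ok := fieldKeyID[strings.ToLower(g[1])]
		if !ok {
			return m // not a designated field: stays in clear text
		}
		sensitive = true
		nonce := make([]byte, keys[id].NonceSize())
		if _, err := rand.Read(nonce); err != nil {
			panic(err)
		}
		ct := keys[id].Seal(nonce, nonce, []byte(g[2]), nil) // nonce || ciphertext || tag
		return g[1] + " = ENC[" + id + ":" + base64.StdEncoding.EncodeToString(ct) + "]"
	})
	return out, sensitive
}

func main() { // constructed demo keys; real keys would come from a key store
	keys := Keys{"k1": AEAD([]byte("0123456789abcdef0123456789abcdef")), "k2": AEAD([]byte("fedcba9876543210fedcba9876543210"))}
	fmt.Println(Redact(`UPDATE emp SET ssn = '123-45-6789', salary = 90000 WHERE id = 7`, keys))
}
```

A reader of the log who holds only `k2` can recover the salary literal but not the SSN, which is the separation Claim 7 describes.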