The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Mar. 15, 2022
Filed:
Sep. 14, 2017
Oracle International Corporation, Redwood Shores, CA (US);
Krishna Mohan Itikarlapalli, Bengaluru, IN;
Santanu Datta, Fremont, CA (US);
Srinath Krishnaswamy, Fremont, CA (US);
Lakshminarayanan Chidambaran, Chennai, IN;
Rajesh Kumar, Noida, IN;
Sumit Sahu, Bangalore, IN;
Rajendra Pingte, Foster City, CA (US);
ORACLE INTERNATIONAL CORPORATION, Redwood Shores, CA (US);
Abstract
Techniques described herein improve database security by reducing network attack surface area in conjunction with deep input validation. In an embodiment, a database session receives one or more network packets sent via a network, the database session including a database session state that specifies one or more database privileges. The database session reads said one or more network packets into one or more request-packet-buffers, wherein said one or more request-packet-buffers include an RPC op code for a database operation. Based on the one or more database privileges associated with the user associated with the database session, the database session determines whether the RPC op code may be executed. In response to determining that the RPC op code may be executed by said database session, the RPC op code is executed. In response to determining that the op code may not be executed by said database session, the execution of the RPC op code is prevented.