Patents by Inventor David M. Tilson
David M. Tilson has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11139968Abstract: As disclosed herein a computer system for secure database backup and recovery in a secure database network has N distributed data nodes. The computer system includes program instructions that include instructions to receive a database backup file, fragment the file using a fragment engine, and associate each fragment with one node, where the fragment is not stored on the associated node. The program instructions further include instructions to encrypt each fragment using a first encryption key, and store, randomly, encrypted fragments on the distributed data nodes. The program instructions further include instructions to retrieve the encrypted fragments, decrypt the encrypted fragments using the first encryption key, re-encrypt the decrypted fragments using a different encryption key, and store, randomly, the re-encrypted fragments on the distributed data nodes. A computer program product and method corresponding to the above computer system are also disclosed herein.Type: GrantFiled: January 3, 2020Date of Patent: October 5, 2021Assignee: International Business Machines CorporationInventors: Pedro M. Barbas, Joseph Duffy, Ken Maycock, David M. Tilson
-
Patent number: 10903995Abstract: As disclosed herein a computer system for secure database backup and recovery in a secure database network has N distributed data nodes. The computer system includes program instructions that include instructions to receive a database backup file, fragment the file using a fragment engine, and associate each fragment with one node, where the fragment is not stored on the associated node. The program instructions further include instructions to encrypt each fragment using a first encryption key, and store, randomly, encrypted fragments on the distributed data nodes. The program instructions further include instructions to retrieve the encrypted fragments, decrypt the encrypted fragments using the first encryption key, re-encrypt the decrypted fragments using a different encryption key, and store, randomly, the re-encrypted fragments on the distributed data nodes. A computer program product and method corresponding to the above computer system are also disclosed herein.Type: GrantFiled: May 16, 2019Date of Patent: January 26, 2021Assignee: International Business Machines CorporationInventors: Pedro M. Barbas, Joseph Duffy, Ken Maycock, David M. Tilson
-
Patent number: 10678775Abstract: Evaluating integrity of database workloads includes receiving transactional database lock commands from concurrent users and identifying a usage pattern of lock actions when results of an execution of the transactional database lock commands match a usage pattern for a data integrity rule. The data integrity rule is added to a set of one or more data integrity rules for the transactional database lock commands. The transactional database lock commands and the set of one or more data integrity rules are forwarded from a primary database server to a duplicate database server that is equivalent to the primary database server and configured to execute the transactional database lock commands while applying the one or more data integrity rules. Anomalies indicating a data integrity problem may be detected based on a comparison of the results of the executions at the primary database server and the duplicate database server.Type: GrantFiled: December 20, 2016Date of Patent: June 9, 2020Assignee: International Business Machines CorporationInventors: Pedro M. Barbas, Paddy Burke, Gary F. Murtagh, David M. Tilson
-
Publication number: 20200162250Abstract: As disclosed herein a computer system for secure database backup and recovery in a secure database network has N distributed data nodes. The computer system includes program instructions that include instructions to receive a database backup file, fragment the file using a fragment engine, and associate each fragment with one node, where the fragment is not stored on the associated node. The program instructions further include instructions to encrypt each fragment using a first encryption key, and store, randomly, encrypted fragments on the distributed data nodes. The program instructions further include instructions to retrieve the encrypted fragments, decrypt the encrypted fragments using the first encryption key, re-encrypt the decrypted fragments using a different encryption key, and store, randomly, the re-encrypted fragments on the distributed data nodes. A computer program product and method corresponding to the above computer system are also disclosed herein.Type: ApplicationFiled: January 3, 2020Publication date: May 21, 2020Inventors: Pedro M. Barbas, Joseph Duffy, Ken Maycock, David M. Tilson
-
Patent number: 10592471Abstract: A computer-implemented method of a database statement for a relational database. The database comprises one or more tables comprising one or more data rows. A database statement is received. A set of predicates from the database statement and a set of data rows from the tables to use to generate the result of the database statement are determined. A set of interdiction statements applicable to one or more data rows is obtained. For each predicate, a set of masks applicable to one or more data rows is obtained, where for each mask, the data masked by the mask is used by the predicate. It is determined if a data row has an applicable interdiction statement, and contains data masked by a mask. If so, the result of the database statement without using the result of applying the predicate to the data row.Type: GrantFiled: November 23, 2015Date of Patent: March 17, 2020Assignee: International Business Machines CorporationInventors: Pedro M. Barbas, Joseph Duffy, Lei Pan, David M. Tilson
-
Patent number: 10554403Abstract: As disclosed herein a computer system for secure database backup and recovery in a secure database network has N distributed data nodes. The computer system includes program instructions that include instructions to receive a database backup file, fragment the file using a fragment engine, and associate each fragment with one node, where the fragment is not stored on the associated node. The program instructions further include instructions to encrypt each fragment using a first encryption key, and store, randomly, encrypted fragments on the distributed data nodes. The program instructions further include instructions to retrieve the encrypted fragments, decrypt the encrypted fragments using the first encryption key, re-encrypt the decrypted fragments using a different encryption key, and store, randomly, the re-encrypted fragments on the distributed data nodes. A computer program product and method corresponding to the above computer system are also disclosed herein.Type: GrantFiled: May 15, 2019Date of Patent: February 4, 2020Assignee: International Business Machines CorporationInventors: Pedro M. Barbas, Joseph Duffy, Ken Maycock, David M. Tilson
-
Publication number: 20190305947Abstract: As disclosed herein a computer system for secure database backup and recovery in a secure database network has N distributed data nodes. The computer system includes program instructions that include instructions to receive a database backup file, fragment the file using a fragment engine, and associate each fragment with one node, where the fragment is not stored on the associated node. The program instructions further include instructions to encrypt each fragment using a first encryption key, and store, randomly, encrypted fragments on the distributed data nodes. The program instructions further include instructions to retrieve the encrypted fragments, decrypt the encrypted fragments using the first encryption key, re-encrypt the decrypted fragments using a different encryption key, and store, randomly, the re-encrypted fragments on the distributed data nodes. A computer program product and method corresponding to the above computer system are also disclosed herein.Type: ApplicationFiled: May 16, 2019Publication date: October 3, 2019Inventors: Pedro M. Barbas, Joseph Duffy, Ken Maycock, David M. Tilson
-
Publication number: 20190305946Abstract: As disclosed herein a computer system for secure database backup and recovery in a secure database network has N distributed data nodes. The computer system includes program instructions that include instructions to receive a database backup file, fragment the file using a fragment engine, and associate each fragment with one node, where the fragment is not stored on the associated node. The program instructions further include instructions to encrypt each fragment using a first encryption key, and store, randomly, encrypted fragments on the distributed data nodes. The program instructions further include instructions to retrieve the encrypted fragments, decrypt the encrypted fragments using the first encryption key, re-encrypt the decrypted fragments using a different encryption key, and store, randomly, the re-encrypted fragments on the distributed data nodes. A computer program product and method corresponding to the above computer system are also disclosed herein.Type: ApplicationFiled: May 15, 2019Publication date: October 3, 2019Inventors: Pedro M. Barbas, Joseph Duffy, Ken Maycock, David M. Tilson
-
Publication number: 20190305948Abstract: As disclosed herein a computer system for secure database backup and recovery in a secure database network has N distributed data nodes. The computer system includes program instructions that include instructions to receive a database backup file, fragment the file using a fragment engine, and associate each fragment with one node, where the fragment is not stored on the associated node. The program instructions further include instructions to encrypt each fragment using a first encryption key, and store, randomly, encrypted fragments on the distributed data nodes. The program instructions further include instructions to retrieve the encrypted fragments, decrypt the encrypted fragments using the first encryption key, re-encrypt the decrypted fragments using a different encryption key, and store, randomly, the re-encrypted fragments on the distributed data nodes. A computer program product and method corresponding to the above computer system are also disclosed herein.Type: ApplicationFiled: May 17, 2019Publication date: October 3, 2019Inventors: Pedro M. Barbas, Joseph Duffy, Ken Maycock, David M. Tilson
-
Patent number: 10341101Abstract: As disclosed herein a computer system for secure database backup and recovery in a secure database network has N distributed data nodes. The computer system includes program instructions that include instructions to receive a database backup file, fragment the file using a fragment engine, and associate each fragment with one node, where the fragment is not stored on the associated node. The program instructions further include instructions to encrypt each fragment using a first encryption key, and store, randomly, encrypted fragments on the distributed data nodes. The program instructions further include instructions to retrieve the encrypted fragments, decrypt the encrypted fragments using the first encryption key, re-encrypt the decrypted fragments using a different encryption key, and store, randomly, the re-encrypted fragments on the distributed data nodes. A computer program product and method corresponding to the above computer system are also disclosed herein.Type: GrantFiled: February 15, 2018Date of Patent: July 2, 2019Assignee: International Business Machines CorporationInventors: Pedro M. Barbas, Joseph Duffy, Ken Maycock, David M. Tilson
-
Patent number: 10198472Abstract: In one embodiment, a method of processing a structured query language (SQL) statement is provided, comprising: determining whether a first query and a second query are equivalent, the first and second queries being respectively the left side and the right side operands of the OUTER JOIN operation; determining whether a SELECT output of the SQL statement does not refer to database columns from the left side of the OUTER JOIN operation which are not also partitioning columns of the OUTER JOIN operation; and responsive to determining that the first query and the second query are equivalent and that the SELECT output of the SQL statement does not refer to database columns from the left side of the OUTER JOIN operation which are not also partitioning columns of the OUTER JOIN operation, transforming the SQL statement into an optimized query SQL statement by removing the OUTER JOIN operation.Type: GrantFiled: June 9, 2016Date of Patent: February 5, 2019Assignee: International Business Machines CorporationInventors: Pedro M. Barbas, Peter J. Duffy, Lei Pan, David M. Tilson
-
Patent number: 10127277Abstract: In one embodiment, a method of processing a structured query language (SQL) statement is provided, comprising: determining whether a first query and a second query are equivalent, the first and second queries being respectively the left side and the right side operands of the OUTER JOIN operation; determining whether a SELECT output of the SQL statement does not refer to database columns from the left side of the OUTER JOIN operation which are not also partitioning columns of the OUTER JOIN operation; and responsive to determining that the first query and the second query are equivalent and that the SELECT output of the SQL statement does not refer to database columns from the left side of the OUTER JOIN operation which are not also partitioning columns of the OUTER JOIN operation, transforming the SQL statement into an optimized query SQL statement by removing the OUTER JOIN operation.Type: GrantFiled: July 31, 2015Date of Patent: November 13, 2018Assignee: International Business Machines CorporationInventors: Pedro M. Barbas, Peter J. Duffy, Lei Pan, David M. Tilson
-
Publication number: 20180189503Abstract: As disclosed herein a computer system for secure database backup and recovery in a secure database network has N distributed data nodes. The computer system includes program instructions that include instructions to receive a database backup file, fragment the file using a fragment engine, and associate each fragment with one node, where the fragment is not stored on the associated node. The program instructions further include instructions to encrypt each fragment using a first encryption key, and store, randomly, encrypted fragments on the distributed data nodes. The program instructions further include instructions to retrieve the encrypted fragments, decrypt the encrypted fragments using the first encryption key, re-encrypt the decrypted fragments using a different encryption key, and store, randomly, the re-encrypted fragments on the distributed data nodes. A computer program product and method corresponding to the above computer system are also disclosed herein.Type: ApplicationFiled: February 15, 2018Publication date: July 5, 2018Inventors: Pedro M. Barbas, Joseph Duffy, Ken Maycock, David M. Tilson
-
Publication number: 20180173744Abstract: Evaluating integrity of database workloads includes receiving transactional database lock commands from concurrent users and identifying a usage pattern of lock actions when results of an execution of the transactional database lock commands match a usage pattern for a data integrity rule. The data integrity rule is added to a set of one or more data integrity rules for the transactional database lock commands. The transactional database lock commands and the set of one or more data integrity rules are forwarded from a primary database server to a duplicate database server that is equivalent to the primary database server and configured to execute the transactional database lock commands while applying the one or more data integrity rules. Anomalies indicating a data integrity problem may be detected based on a comparison of the results of the executions at the primary database server and the duplicate database server.Type: ApplicationFiled: December 20, 2016Publication date: June 21, 2018Inventors: Pedro M. Barbas, Paddy Burke, Gary F. Murtagh, David M. Tilson
-
Patent number: 9953172Abstract: As disclosed herein a computer system for secure database backup and recovery in a secure database network has N distributed data nodes. The computer system includes program instructions that include instructions to receive a database backup file, fragment the file using a fragment engine, and associate each fragment with one node, where the fragment is not stored on the associated node. The program instructions further include instructions to encrypt each fragment using a first encryption key, and store, randomly, encrypted fragments on the distributed data nodes. The program instructions further include instructions to retrieve the encrypted fragments, decrypt the encrypted fragments using the first encryption key, re-encrypt the decrypted fragments using a different encryption key, and store, randomly, the re-encrypted fragments on the distributed data nodes. A computer program product and method corresponding to the above computer system are also disclosed herein.Type: GrantFiled: September 14, 2017Date of Patent: April 24, 2018Assignee: International Business Machines CorporationInventors: Pedro M. Barbas, Joseph Duffy, Ken Maycock, David M. Tilson
-
Patent number: 9929861Abstract: As disclosed herein a computer system for secure database backup and recovery in a secure database network has N distributed data nodes. The computer system includes program instructions that include instructions to receive a database backup file, fragment the file using a fragment engine, and associate each fragment with one node, where the fragment is not stored on the associated node. The program instructions further include instructions to encrypt each fragment using a first encryption key, and store, randomly, encrypted fragments on the distributed data nodes. The program instructions further include instructions to retrieve the encrypted fragments, decrypt the encrypted fragments using the first encryption key, re-encrypt the decrypted fragments using a different encryption key, and store, randomly, the re-encrypted fragments on the distributed data nodes. A computer program product and method corresponding to the above computer system are also disclosed herein.Type: GrantFiled: April 26, 2017Date of Patent: March 27, 2018Assignee: International Business Machines CorporationInventors: Pedro M. Barbas, Joseph Duffy, Ken Maycock, David M. Tilson
-
Patent number: 9916460Abstract: As disclosed herein a computer system for secure database backup and recovery in a secure database network has N distributed data nodes. The computer system includes program instructions that include instructions to receive a database backup file, fragment the file using a fragment engine, and associate each fragment with one node, where the fragment is not stored on the associated node. The program instructions further include instructions to encrypt each fragment using a first encryption key, and store, randomly, encrypted fragments on the distributed data nodes. The program instructions further include instructions to retrieve the encrypted fragments, decrypt the encrypted fragments using the first encryption key, re-encrypt the decrypted fragments using a different encryption key, and store, randomly, the re-encrypted fragments on the distributed data nodes. A computer program product and method corresponding to the above computer system are also disclosed herein.Type: GrantFiled: October 31, 2016Date of Patent: March 13, 2018Assignee: International Business Machines CorporationInventors: Pedro M. Barbas, Joseph Duffy, Ken Maycock, David M. Tilson
-
Publication number: 20180012028Abstract: As disclosed herein a computer system for secure database backup and recovery in a secure database network has N distributed data nodes. The computer system includes program instructions that include instructions to receive a database backup file, fragment the file using a fragment engine, and associate each fragment with one node, where the fragment is not stored on the associated node. The program instructions further include instructions to encrypt each fragment using a first encryption key, and store, randomly, encrypted fragments on the distributed data nodes. The program instructions further include instructions to retrieve the encrypted fragments, decrypt the encrypted fragments using the first encryption key, re-encrypt the decrypted fragments using a different encryption key, and store, randomly, the re-encrypted fragments on the distributed data nodes. A computer program product and method corresponding to the above computer system are also disclosed herein.Type: ApplicationFiled: September 14, 2017Publication date: January 11, 2018Inventors: Pedro M. Barbas, Joseph Duffy, Ken Maycock, David M. Tilson
-
Publication number: 20170230177Abstract: As disclosed herein a computer system for secure database backup and recovery in a secure database network has N distributed data nodes. The computer system includes program instructions that include instructions to receive a database backup file, fragment the file using a fragment engine, and associate each fragment with one node, where the fragment is not stored on the associated node. The program instructions further include instructions to encrypt each fragment using a first encryption key, and store, randomly, encrypted fragments on the distributed data nodes. The program instructions further include instructions to retrieve the encrypted fragments, decrypt the encrypted fragments using the first encryption key, re-encrypt the decrypted fragments using a different encryption key, and store, randomly, the re-encrypted fragments on the distributed data nodes. A computer program product and method corresponding to the above computer system are also disclosed herein.Type: ApplicationFiled: April 26, 2017Publication date: August 10, 2017Inventors: Pedro M. Barbas, Joseph Duffy, Ken Maycock, David M. Tilson
-
Patent number: 9715594Abstract: As disclosed herein a computer system for secure database backup and recovery in a secure database network has N distributed data nodes. The computer system includes program instructions that include instructions to receive a database backup file, fragment the file using a fragment engine, and associate each fragment with one node, where the fragment is not stored on the associated node. The program instructions further include instructions to encrypt each fragment using a first encryption key, and store, randomly, encrypted fragments on the distributed data nodes. The program instructions further include instructions to retrieve the encrypted fragments, decrypt the encrypted fragments using the first encryption key, re-encrypt the decrypted fragments using a different encryption key, and store, randomly, the re-encrypted fragments on the distributed data nodes. A computer program product and method corresponding to the above computer system are also disclosed herein.Type: GrantFiled: October 15, 2015Date of Patent: July 25, 2017Assignee: International Business Machines CorporationInventors: Pedro M. Barbas, Joseph Duffy, Ken Maycock, David M. Tilson