Abstract: A system and method for database security provides multiple choices of security mechanisms for enabling access to a database through a database driver. A security mechanism that is compatible with a database is selected and the security mechanisms between an application and a database server are automatically determined using the selected security mechanism.

Abstract: A system and method for database security provides, a database security method that receives an encryption property from an application and receives information relating to a database server. The method then requests security access to a database server using the strongest encryption algorithm server may support. If this request gets turned down, then the method determines the strongest encryption algorithm the server actually supports using the information the database server sent back and calculates the encryption keys. The method then caches the encryption algorithm along with the encryption keys in a persistent storage. For subsequent connections, the method checks the persistent storage first and retrieves the encryption algorithm and encryption keys from the persistent storage if the cache values are available, and sends the cached value to database server. By doing this, the database driver doesn't need to synchronize the encryption algorithm with server and calculate the encryption keys again.

Abstract: An apparatus, system, and method for establishing a reusable and reconfigurable trusted connection within a trusted context. The invention enhances interoperability with any existing authentication methods including the Kerberos, the DCE, and a combination of a user name and a password. The present invention includes common interfaces in a database driver for a middleware server to obtain a trusted connection. The invention enhances trusted context interoperability by allowing different types of trusted connections such as a normal connection, a pooled connection, or even a distribution transaction connection. The database driver generates unique identifiable information once a trusted connection is authenticated that can be utilized to reuse and reconfigure the trusted connection without re-authentication.

Abstract: A method for connecting a client to a database server are provided. The method provide for providing a generic interface, the generic interface being operable to interoperate with one or more non-GSSAPI (Generic Security Services Application Programming Interface) compliant security mechanisms, providing a set of specialized interfaces, the set of specialized interface being operable to interoperate with one or more GSSAPI compliant security mechanisms, and establishing a connection between a client and a database server using the generic interface or the set of specialized interfaces depending on a security mechanism used by the client. The one or more non-GSSAPI compliant security mechanisms and the one or more GSSAPI compliant security mechanisms may be predefined or user-defined.

Abstract: A system and method for database security provides multiple choices of security mechanisms for enabling access to a database through a database driver. A security mechanism that is compatible with a database is selected and the security mechanisms between an application and a database server are automatically determined using the selected security mechanism.

Abstract: A system and method for database security provides, a database security method that receives an encryption property from an application and receives information relating to a database server. The method then requests security access to a database server using the strongest encryption algorithm server may support. If this request gets turned down, then the method determines the strongest encryption algorithm the server actually supports using the information the database server sent back and calculates the encryption keys. The method then caches the encryption algorithm along with the encryption keys in a persistent storage. For subsequent connections, the method checks the persistent storage first and retrieves the encryption algorithm and encryption keys from the persistent storage if the cache values are available, and sends the cached value to database server. By doing this, the database driver doesn't need to synchronize the encryption algorithm with server and calculate the encryption keys again.

Abstract: An apparatus, system, and method for establishing a reusable and reconfigurable trusted connection within a trusted context. The invention enhances interoperability with any existing authentication methods including the Kerberos, the DCE, and a combination of a user name and a password. The present invention includes common interfaces in a database driver for a middleware server to obtain a trusted connection. The invention enhances trusted context interoperability by allowing different types of trusted connections such as a normal connection, a pooled connection, or even a distribution transaction connection. The database driver generates unique identifiable information once a trusted connection is authenticated that can be utilized to reuse and reconfigure the trusted connection without re-authentication.

Abstract: A computer program product and database driver for connecting a client to a database server are provided. The computer program product and database driver provide for providing a generic interface, the generic interface being operable to interoperate with one or more non-GSSAPI (Generic Security Services Application Programming Interface) compliant security mechanisms, providing a set of specialized interfaces, the set of specialized interface being operable to interoperate with one or more GSSAPI compliant security mechanisms, and establishing a connection between a client and a database server using the generic interface or the set of specialized interfaces depending on a security mechanism used by the client. The one or more non-GSSAPI compliant security mechanisms and the one or more GSSAPI compliant security mechanisms may be predefined or user-defined.

Abstract: A method, computer program product, and database driver for connecting a client to a database server are provided. The method, computer program product, and database driver provide for providing a generic interface, the generic interface being operable to interoperate with one or more non-GSSAPI (Generic Security Services Application Programming Interface) compliant security mechanisms, providing a set of specialized interfaces, the set of specialized interface being operable to interoperate with one or more GSSAPI compliant security mechanisms, and establishing a connection between a client and a database server using the generic interface or the set of specialized interfaces depending on a security mechanism used by the client. The one or more non-GSSAPI compliant security mechanisms and the one or more GSSAPI compliant security mechanisms may be predefined or user-defined.