Abstract: Techniques are disclosed relating to database query optimizers. In some embodiments, a query parser of a database system receives a query requesting data from a multi-tenant database. The query includes a first constraint that restricts a query optimizer's selection of a set of execution plans available to implement the query. The database system determines whether an override has been specified for a particular tenant associated with the received query, the override indicating that the first constraint is to be replaced with a second constraint for the particular tenant. In response to determining that the override has been specified for the particular tenant, the database system replaces the first constraint in the query with the second constraint and provides the query with the second constraint to the query optimizer for selection of an execution plan in accordance with the second constraint.

Abstract: A countermeasure for a computer security threat to a computer system is administered by establishing a baseline identification of an operating or application system type and an operating or application system release level for the computer system that is compatible with a Threat Management Vector (TMV). A TMV is then received, including therein a first field that provides identification of at least one operating system type that is affected by a computer security threat, a second field that provides identification of an operating system release level for the operating system type, and a third field that provides identification of a set of possible countermeasures for an operating system type and an operating system release level. Countermeasures that are identified in the TMV are processed if the TMV identifies the operating system type and operating system release level for the computer system as being affected by the computer security threat.

Abstract: Computer security threat management information is generated by receiving a notification of a security threat and/or a notification of a test that detects intrusion of a computer security threat. A computer-actionable TMV is generated from the notification that was received.

Abstract: Computer security threat management information is generated by receiving a notification of a security threat and/or a notification of a test that detects intrusion of a computer security threat. A computer-actionable TMV is generated from the notification that was received.

Abstract: The invention relates to the integration of a security operations policy into a threat management vector.

Abstract: A countermeasure for a computer security threat to a computer system is administered by establishing a baseline identification of an operating or application system type and an operating or application system release level for the computer system that is compatible with a Threat Management Vector (TMV). A TMV is then received, including therein a first field that provides identification of at least one operating system type that is affected by a computer security threat, a second field that provides identification of an operating system release level for the operating system type, and a third field that provides identification of a set of possible countermeasures for an operating system type and an operating system release level. Countermeasures that are identified in the TMV are processed if the TMV identifies the operating system type and operating system release level for the computer system as being affected by the computer security threat.

Abstract: The invention relates to the integration of a security operations policy into a threat management vector.

Abstract: A countermeasure for a computer security threat to a computer system is administered by establishing a baseline identification of an operating or application system type and an operating or application system release level for the computer system that is compatible with a Threat Management Vector (TMV). A TMV is then received, including therein a first field that provides identification of at least one operating system type that is affected by a computer security threat, a second field that provides identification of an operating system release level for the operating system type, and a third field that provides identification of a set of possible countermeasures for an operating system type and an operating system release level. Countermeasures that are identified in the TMV are processed if the TMV identifies the operating system type and operating system release level for the computer system as being affected by the computer security threat.

Abstract: A threat management domain controller is responsive to a computer-actionable threat management vector that includes a first computer-readable field that provides identification of at least one system type that is affected by a computer security threat, a second computer-readable field that provides identification of a release level for the system type and a third computer-readable field that provides identification of a set of possible countermeasures for a system type and release level. The threat management domain controller processes a threat management vector that is received for use by a domain of target computer systems, and transmits the threat management vector that has been processed to at least one of the target computer systems in the domain of target computer systems.

Abstract: The present invention provides in a data processing system storing a plurality of discrete entities, each identified by a single parameter within a monotonic parameter spectrum, resident at an addressable location and locatable by searching a system maintained hierarchical index mapping parameters onto location addresses, a method of compressing the index by the system, which method is interruptable to permit valid searching of the index and executes in a variable length ordered sequence of processing cycles, each comprising a variable length sequence of two part iterations, each iteration comprising the selective performance of each of an ordered fixed sequence of basic operations, wherein each full cycle initially operates on successive index levels in the direction opposite to that in which the index is searched while performing the first part of each iteration and thereafter operates on successive levels in the reverse direction performing the second part of each iteration, parameter relocation at a level