Abstract: One embodiment of the present invention provides a system that differentiates service provided to a database user based on a security profile of the user. During operation, the system receives a sequence of commands from a user at a database system. The system then uses the sequence of commands to determine a security profile which indicates whether the user is behaving suspiciously. Next the system associates a resource consumer group with the user based on the security profile. Finally, the system differentiates service provided to the user based on the resource consumer group.

Abstract: One embodiment of the present invention provides a system that differentiates service provided to a database user based on a security profile of the user. During operation, the system receives a sequence of commands from a user at a database system. The system then uses the sequence of commands to determine a security profile which indicates whether the user is behaving suspiciously. Next the system associates a resource consumer group with the user based on the security profile. Finally, the system differentiates service provided to the user based on the resource consumer group.

Abstract: One embodiment of the present invention provides a system that differentiates service provided to a database user based on a security profile of the user. During operation, the system receives a sequence of commands from a user at a database system. The system then uses the sequence of commands to determine a security profile which indicates whether the user is behaving suspiciously. Next the system associates a resource consumer group with the user based on the security profile. Finally, the system differentiates service provided to the user based on the resource consumer group.

Abstract: A method for preventing intrusions in a database system is provided. When the database system receives a request to execute a database command, the database command is parsed to generate parsed information. Before executing the database command, the parsed information is evaluated against a set of rules. If the parsed information satisfies the conditions associated with a rule, the database system performs an action associated with the rule. The action may be an action designed to prevent intrusions, and may be performed instead of or in addition to executing the database command.

Abstract: A method for preventing intrusions in a database system is provided. When the database system receives a request to execute a database command, the database command is parsed to generate parsed information. Before executing the database command, the parsed information is evaluated against a set of rules. If the parsed information satisfies the conditions associated with a rule, the database system performs an action associated with the rule. The action may be an action designed to prevent intrusions, and may be performed instead of or in addition to executing the database command.

Abstract: One embodiment of the present invention provides a system that differentiates service provided to a database user based on a security profile of the user. During operation, the system receives a sequence of commands from a user at a database system. The system then uses the sequence of commands to determine a security profile which indicates whether the user is behaving suspiciously. Next the system associates a resource consumer group with the user based on the security profile. Finally, the system differentiates service provided to the user based on the resource consumer group.

Abstract: A method for preventing intrusions in a database system is provided. When the database system receives a request to execute a database command, the database command is parsed to generate parsed information. Before executing the database command, the parsed information is evaluated against a set of rules. If the parsed information satisfies the conditions associated with a rule, the database system performs an action associated with the rule. The action may be an action designed to prevent intrusions, and may be performed instead of or in addition to executing the database command.