Patents by Inventor Walid Rjaibi
Walid Rjaibi has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230418859Abstract: A method, computer system, and a computer program product for data processing, comprising obtaining a plurality of files from a data source. These files are analyzed the files for information about the content and in order to determine structural information of each file. Once the files have been analyzed, information in each file may be sorted and categorized by common content. Sensitive information may also be extracted and categorized separately. Information may then be then merged using the categories to create a single unified file.Type: ApplicationFiled: June 27, 2022Publication date: December 28, 2023Inventors: Youngja Park, MOHAMMED FAHD ALHAMID, Stefano Braghin, Jing Xin Duan, Mokhtar Kandil, Michael Vu Le, Killian Levacher, Micha Gideon Moffie, Ian Michael Molloy, Walid Rjaibi, ARIEL FARKASH
-
Patent number: 8983985Abstract: Access to a data element stored within a database object is controlled. A request is received from a user to perform an operation in relation to the database object, the operation including retrieval of information from the data element of the database object. Prior to retrieving information from the data element, a determination is made whether at least a portion of the information from the data element is subject to masking in accordance with an access policy. In response to determining that information from the data element is subject to masking, the request is modified to require that information from the data element be retrieved in a masked condition.Type: GrantFiled: January 28, 2011Date of Patent: March 17, 2015Assignee: International Business Machines CorporationInventors: Stephen Yao Ching Chen, Curt L. Cotner, Gerald G. Kiernan, Irene Ching-Hua Liu, Claire W. McFeely, Walid Rjaibi, Timothy J. Vincent
-
Patent number: 8930410Abstract: According to one embodiment of the present invention, a system processes a database query, and comprises a computer system including at least one processor. The system identifies one or more expressions within the database query utilizing a database object with value masking. Masking requirements are determined for each identified expression and the database object utilized by that identified expression is replicated to provide masked and actual versions of that database object in response to the masking requirements for that expression including masked values and actual values of that database object. The value masking of the database object is applied to the identified expressions within the database query based on the determined masking requirements to produce search results with masked values for the database query. Embodiments of the present invention further include a method and computer program product for processing a database query in substantially the same manner described above.Type: GrantFiled: October 3, 2011Date of Patent: January 6, 2015Assignee: International Business Machines CorporationInventors: Eric L. Alton, Thomas A. Beavin, Harley W. Boughton, Yao-Ching S. Chen, Curt L. Cotner, Yuping Ding, Dengfeng Gao, Gerald G. Kiernan, Xun Li, Irene C. Liu, Walid Rjaibi, Gregory R. Stager, Joyce A. Taylor, Timothy J. Vincent, Liyan Zhou
-
Patent number: 8577906Abstract: Disclosed is a data processing-implemented method, a data processing system, and an article of manufacture for modifying a query during compilation of the query. The query includes a request for an element of data from a table in a database and parameters identifying the requested element.Type: GrantFiled: November 22, 2010Date of Patent: November 5, 2013Assignee: International Business Machines CorporationInventors: Paul M. Bird, Walid Rjaibi
-
Patent number: 8515948Abstract: Provided are techniques for creating one or more fine-grained access control rules that are associated with a base table. A materialized query table is created from the base table without applying the one or more fine-grained access control rules associated with the base table when obtaining data from the base table. A fine-grained access control protection indicator is turned on for the materialized query table. In response to receiving a direct access request to the materialized query table in a query referencing the materialized query table, access is provided to the data in the materialized query table by applying one or more fine-grained access control rules associated directly with the materialized query table to the data in the materialized query table before returning the data.Type: GrantFiled: March 9, 2011Date of Patent: August 20, 2013Assignee: International Business Machines CorporationInventors: Yao-Ching S. Chen, Curt L. Cotner, Gerald G. Kiernan, David J. Kuang, Irene C. Liu, Regina J. Liu, Walid Rjaibi, Timothy J. Vincent
-
Publication number: 20130086088Abstract: According to one embodiment of the present invention, a system processes a database query, and comprises a computer system including at least one processor. The system identifies one or more expressions within the database query utilizing a database object with value masking. Masking requirements are determined for each identified expression and the database object utilized by that identified expression is replicated to provide masked and actual versions of that database object in response to the masking requirements for that expression including masked values and actual values of that database object. The value masking of the database object is applied to the identified expressions within the database query based on the determined masking requirements to produce search results with masked values for the database query. Embodiments of the present invention further include a method and computer program product for processing a database query in substantially the same manner described above.Type: ApplicationFiled: October 3, 2011Publication date: April 4, 2013Applicant: International Business Machines CorporationInventors: Eric L. Alton, Thomas A. Beavin, Harley W. Boughton, Yao-Ching S. Chen, Curt L. Cotner, Yuping Ding, Dengfeng Gao, Gerald G. Kiernan, Xun Li, Irene C. Liu, Walid Rjaibi, Gregory R. Stager, Joyce A. Taylor, Timothy J. Vincent, Liyan Zhou
-
Publication number: 20120233148Abstract: Provided are techniques for creating one or more fine-grained access control rules that are associated with a base table. A materialized query table is created from the base table without applying the one or more fine-grained access control rules associated with the base table when obtaining data from the base table. A fine-grained access control protection indicator is turned on for the materialized query table. In response to receiving a direct access request to the materialized query table in a query referencing the materialized query table, access is provided to the data in the materialized query table by applying one or more fine-grained access control rules associated directly with the materialized query table to the data in the materialized query table before returning the data.Type: ApplicationFiled: March 9, 2011Publication date: September 13, 2012Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Yao-Ching S. CHEN, Curt L. COTNER, Gerald G. KIERNAN, David J. KUANG, Irene C. LIU, Regina J. LIU, Walid RJAIBI, Timothy J. VINCENT
-
Publication number: 20120197919Abstract: Access to a data element stored within a database object is controlled. A request is received from a user to perform an operation in relation to the database object, the operation including retrieval of information from the data element of the database object. Prior to retrieving information from the data element, a determination is made whether at least a portion of the information from the data element is subject to masking in accordance with an access policy. In response to determining that information from the data element is subject to masking, the request is modified to require that information from the data element be retrieved in a masked condition.Type: ApplicationFiled: January 28, 2011Publication date: August 2, 2012Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Stephen Yao Ching Chen, Curt L. Cotner, Gerald G. Kiernan, Irene Ching-Hua Liu, Claire W. McFeely, Walid Rjaibi, Timothy J. Vincent
-
Patent number: 8234299Abstract: A method and system for controlling access to data stored in a table of a database are provided. The method includes marking the table of the database as being protected with fine-grained access control (FGAC), creating a system authorization class for the table of the database, the system authorization class having a default row authorization that prevents access to all rows in the table, the system authorization class being unmodifiable, creating a user authorization class for the table of the database, the user authorization class having a default row authorization that prevents access to all rows in the table, the user authorization class being modifiable, and associating the system authorization class and the user authorization class with the table of the database.Type: GrantFiled: January 11, 2008Date of Patent: July 31, 2012Assignee: International Business Machines CorporationInventors: Paul Miller Bird, Yao-Ching Stephen Chen, George Gerald Kiernan, Scott Ian Logan, Allen William Luniewski, Walid Rjaibi
-
Patent number: 8176088Abstract: A system, an article, and a computer program product for estimating a cardinality value for a set of data values. In one embodiment, the system includes means for initializing a data structure for representing an array of counts; means for obtaining a data value from said set of data values; means for transforming said data value into a transformed string; means for modifying said data structure with said transformed string; means for obtaining a summary statistic value from said modified data structure, wherein the summary statistic value is based on the array of counts; and means for generating said estimated cardinality value using said summary statistic value.Type: GrantFiled: November 26, 2008Date of Patent: May 8, 2012Assignee: International Business Machines CorporationInventors: Walid Rjaibi, Peter Jay Haas
-
Publication number: 20110072031Abstract: Disclosed is a data processing-implemented method, a data processing system, and an article of manufacture for modifying a query during compilation of the query. The query includes a request for an element of data from a table in a database and parameters identifying the requested element.Type: ApplicationFiled: November 22, 2010Publication date: March 24, 2011Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Paul Miller BIRD, Walid Rjaibi
-
Patent number: 7913172Abstract: A method for controlling access to an XML document includes referencing a schema definition comprising a path security label definition associated with a sibling-to-sibling path of an XML document. An XML document may then be validated by comparing it with the schema definition. This validation may include verifying that the XML document has a path security label associated with a sibling-to-sibling path that is at least as restrictive as that specified by the path security label definition. An access security label may be assigned to a user seeking to access the sibling-to-sibling path. The path security label and the access security label may then be compared, using pre-determined access rules, to determine whether the user is authorized to access the sibling-to-sibling path. Access to the sibling-to-sibling path may then be granted or denied according to the access rules.Type: GrantFiled: September 1, 2007Date of Patent: March 22, 2011Assignee: International Business Machines CorporationInventors: Walid Rjaibi, Zheng (Alex) Zhang
-
Patent number: 7865521Abstract: A method, for controlling access to elements in a database object are provided. The method provide for receiving a request from a user to access the database object, determining whether an access restriction is imposed on the database object, and controlling access to the elements in the database object by the user based on the access restriction. The access restriction specifies one or more users to which the access restriction is applicable, defines a dynamic condition the one or more users must satisfy in order to access the database object, and identifies one or more of the elements in the database object accessible to the one or more users when the dynamic condition is satisfied.Type: GrantFiled: December 12, 2005Date of Patent: January 4, 2011Assignee: International Business Machines CorporationInventors: Paul Miller Bird, Walid Rjaibi
-
Patent number: 7860875Abstract: Disclosed is a data processing-implemented method, a data processing system, and an article of manufacture for modifying a query during compilation of the query. The query includes a request for an element of data from a table in a database and parameters identifying the requested element.Type: GrantFiled: May 26, 2004Date of Patent: December 28, 2010Assignee: International Business Machines CorporationInventors: Paul Miller Bird, Walid Rjaibi
-
Patent number: 7827608Abstract: A method, system and apparatus for data leak prevention. An information system, such as a database system, which has been configured for data leak protection in accordance with the present invention can include an IDS coupled to the information system and a data leak protection system configured to apply a data leak protection policy for result sets produced by the information system in response to a database query. The data leak protection policy can include a listing of data shapes and corresponding remedial measures. The data leak protection policy further can include consideration for metrics produced by the IDS.Type: GrantFiled: February 8, 2005Date of Patent: November 2, 2010Assignee: International Business Machines CorporationInventors: Paul M. Bird, David L. Kaminsky, Sam S. Lightstone, Walid Rjaibi
-
Patent number: 7661125Abstract: A system for establishing a connection between a data server and a middleware server is disclosed. The system includes defining a plurality of trust attributes corresponding to a trusted context between the middleware server and the data server and validating the plurality of trust attributes against a plurality of attributes corresponding to the middleware server. The plurality of attributes provided in a connection request. The system also includes establishing the trusted context based on the validating the plurality of trust attributes.Type: GrantFiled: July 2, 2008Date of Patent: February 9, 2010Assignee: International Business Machines CorporationInventors: Paul M. Bird, Gayathiri R. Chandran, Curt L. Cotner, Adrian B. Lobo, James W. Pickel, Walid Rjaibi
-
Patent number: 7647626Abstract: A data server of a data processing system is operably coupled to a database and in communication with a middleware server. A connection between the data server and the middleware server is established and managed. A set of attributes identifying trusted middleware servers is instituted with the data server. The middleware server transmits a connection request to the data server. The connection request has request attributes including identifying the connection request as being for a new connection or reuse of an existing connection with different connection request attributes. A connection with the middleware server is established by the data server based on the connection request. A connection status message is received by the middleware server from the data server indicating a status of the connection request. A trust indicator for the connection is established at the data server according to a trust status identified by the set of attributes for the middleware server.Type: GrantFiled: December 8, 2004Date of Patent: January 12, 2010Assignee: International Business Machines CorporationInventors: Paul Miller Bird, Curt Lee Cotner, Walid Rjaibi, Timothy Jon Vincent
-
Patent number: 7568235Abstract: A method that controls user access to the stored data elements using security label components is disclosed. Each stored data element is associated with a set of data security label components, and each user is associated with a set of user security label components. The method receives a user request to access the stored data elements, compares the set of user security label components to the set of data security label components associated with the users, and based on the comparison result, determines whether or not to permit access to the stored data.Type: GrantFiled: January 15, 2005Date of Patent: July 28, 2009Assignee: International Business Machines CorporationInventors: Paul Miller Bird, Walid Rjaibi
-
Patent number: 7568039Abstract: A method for establishing a connection between a data server and a middleware server is disclosed. The method includes defining a plurality of trust attributes corresponding to a trusted context between the middleware server and the data server and validating the plurality of trust attributes against a plurality of attributes corresponding to the middleware server. The plurality of attributes provided in a connection request. The method also includes establishing the trusted context based on the validating the plurality of trust attributes.Type: GrantFiled: December 27, 2004Date of Patent: July 28, 2009Assignee: International Business Machines CorporationInventors: Paul M. Bird, Gayathiri R. Chandran, Curt L. Cotner, Adrian B. Lobo, James W. Pickel, Walid Rjaibi
-
Publication number: 20090182747Abstract: A method and system for controlling access to data stored in a table of a database are provided. The method includes marking the table of the database as being protected with fine-grained access control (FGAC), creating a system authorization class for the table of the database, the system authorization class having a default row authorization that prevents access to all rows in the table, the system authorization class being unmodifiable, creating a user authorization class for the table of the database, the user authorization class having a default row authorization that prevents access to all rows in the table, the user authorization class being modifiable, and associating the system authorization class and the user authorization class with the table of the database.Type: ApplicationFiled: January 11, 2008Publication date: July 16, 2009Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Paul Miller Bird, Yao-Ching Stephen Chen, George Gerald Kiernan, Scott Ian Logan, Allen William Luniewski, Walid Rjaibi