International Business Machines Corporation
SECURITY SEMANTICS FOR DATABASE QUERIES

Abstract:

A computer-implemented method to inject security semantics into database queries. The method includes receiving, by a database system, a query, wherein the query is received from a host and the query is generated by a first user account. The method also includes, generating an access plan for the query. The method further includes, determining a first portion of the access plan matches a first security syntax. The method includes, injecting, in response to determining the first portion of the access plan matches the first security syntax, the first security syntax into the access plan. The method further includes, executing the query. The method includes, returning a set of results of the query to the host.