Patent application number | Description | Published |
20090150412 | EFFICIENT STREAMING EVALUATION OF XPATHS ON BINARY-ENCODED XML SCHEMA-BASED DOCUMENTS - A database system may utilize XML schema information to increase the efficiency of an XPath streaming evaluation. The database system may access XML schema or translation information during the evaluation of an element, attribute, or value in an XML data source. Based on the XML schema or translation information, the database system may determine matches to an XPath expression without decoding any binary-encoded data in the XML data source. Also, based on the XML schema information, the database may selectively skip or evaluate portions of the XML data source depending on whether those portions are defined in the XML schema so as to possibly contain a match to one or more unmatched steps in the XPath expression. XML schema information may be compiled into a compiled representation of the XPath expression for additional efficiencies. | 06-11-2009 |
20090157686 | METHOD AND APPARATUS FOR EFFICIENTLY CACHING A SYSTEM-WIDE ACCESS CONTROL LIST - One embodiment of the present invention provides a system for efficiently caching a system-wide Access Control Entry (ACE) for a subject requesting an action on an object associated with an application. During operation, the system retrieves a security class that is associated with an application. The system then checks if a constrained system-wide ACE associated with the subject, the object, the requested action, and the security class exists in a cache. If so, then the system retrieves the entry. Otherwise, the system retrieves a system-wide ACE associated with the subject and the requested action. The system also retrieves a local ACE associated with the subject, the object, the requested action, and the security class. Next, the system constrains the system-wide ACE with the local ACE and caches the result so that the constrained system-wide ACE is associated with the subject, the object, the requested action, and the security class. | 06-18-2009 |
20090276824 | TECHNIQUE FOR EFFICIENTLY EVALUATING A SECURITY POLICY - One embodiment of the present invention provides a system for efficiently evaluating a security policy. During operation, the system retrieves one or more roles associated with the user. Next, the system checks if a session-level cache exists for a set of Access Control Entries (ACEs) which is associated with the one or more roles. If this session-level cache exists, the system returns the set of ACEs from the session-level cache. Otherwise, the system generates the set of ACEs associated with the one or more roles from an Access Control List (ACL). During operation, the system can also update the one or more roles associated with the user and update the set of ACEs based on the updated one or more roles and the ACL. The system subsequently updates the session level cache with the updated set of ACEs and updated one or more roles. | 11-05-2009 |
20090307239 | FAST EXTRACTION OF SCALAR VALUES FROM BINARY ENCODED XML - Techniques are provided for efficiently extracting scalar values from binary-encoded XML data. Node information is stored in association with binary-encoded XML data to indicate whether one or more nodes of an XML document are simple or complex. A node is simple if the node has no child elements and no attributes. The node information of a particular node is used to determine whether a particular node, identified in a query, is simple or complex. If the particular node is simple, then the scalar value of the particular node is identified without performing any operations other than possibly converting the scalar value to a non-binary-encoded format or converting the scalar value to a value of a different data type. | 12-10-2009 |
20090319477 | PERFORMING COST-BASED OPTIMIZATIONS OF AUTHORIZATION CHECKS IN DATABASE SYSTEMS - One embodiment of the present invention provides a system that facilitates performing a cost-based optimization of authorization checks in a database system. During operation, the system receives a query at the database system. Next, the system estimates a cost for executing the query, which involves estimating a cost for evaluating authorization checks, which involve functional evaluations of access rights for data accessed by the query. The system then rewrites the query to include evaluating authorization checks within the query. The system also estimates a cost for executing the rewritten query. Next, the system determines if executing the rewritten query has a lower cost than executing the query and performing the authorization checks. If so, the system executes the rewritten query. However, if not, the system executes the query. | 12-24-2009 |
20090327252 | ESTIMATING THE COST OF XML OPERATORS FOR BINARY XML STORAGE - Techniques for estimating the cost of processing a database statement that includes one or more path expressions are provided. One aspect of cost is I/O cost, or the cost of reading data from persistent storage into memory according to a particular streaming operator. Binary-encoded XML data is stored in association with a synopsis that summarizes the binary-encoded XML data. The synopsis includes skip length information for one or more elements and indicates, for each such element, how large (e.g., in bytes) the element is in storage. The skip length information of a particular element thus indicates how much data may be skipped during I/O if the particular element does not match the path expression that is input to the streaming operator. The skip length information of one or more elements is used to estimate the cost of processing the database statement. | 12-31-2009 |
Patent application number | Description | Published |
20090037368 | FAST PATH LOADING OF XML DATA - Techniques for implementing fast loading of binary XML into a binary XML database repository are provided. A client application reduces the processing burden on the repository by doing pre-processing of the binary XML data prior to loading. | 02-05-2009 |
20090125495 | OPTIMIZED STREAMING EVALUATION OF XML QUERIES - A database system may perform a streaming evaluation of an XPath expression by utilizing an XPath evaluation component in tandem with an XML event-streaming component. For a more optimal filtered streaming evaluation, the XML event-streaming component may provide an interface whereby the evaluation component sends certain criteria to the event-streaming component when requesting an XML event. The criteria may be based on a next unmatched step in the XPath expression. In response to the request for an XML event, the event-streaming component may only return events that match the criteria. The evaluation component may be, for example, a compiled state machine for the XPath expression. The criteria may be pre-compiled for each possible state in the state machine. The event-streaming component may also utilize the criteria along with schema information to skip parsing of certain segments of XML data. | 05-14-2009 |
20090125693 | TECHNIQUES FOR MORE EFFICIENT GENERATION OF XML EVENTS FROM XML DATA SOURCES - One may increase the efficiency of an XML event-generating process by reducing the number of requests to allocate or deallocate system memory. Such reduction may occur as the result of pre-allocating a memory chunk of sufficient size to contain all of the memory buffers required by a particular event-generating process. Instead of allocating new memory chunks for new memory buffers, an application may store any required buffers within the pre-allocated memory chunk. A sufficient memory size may be estimated by performing the event-generating process on a training set of XML documents. Also, an application may re-use buffers during the process or between different iterations of the process, thus avoiding the need to deallocate and reallocate memory that is essentially being used for the same purpose. | 05-14-2009 |
20090144804 | METHOD AND APPARATUS TO SUPPORT PRIVILEGES AT MULTIPLE LEVELS OF AUTHENTICATION USING A CONSTRAINING ACL - Embodiments of the present invention provide systems and techniques for creating, updating, and using an ACL (access control list). A database system may include a constraining ACL which represents a global security policy that is to be applied to all applications that interact with the database. By ensuring that all ACLs inherit from the constraining ACL, the database system can ensure that the global security policy is applied to all applications that interact with the database. During operation, the system may receive a request to create or update an ACL. Before creating or updating the ACL, the system may modify the ACL to ensure that it inherits from the constraining ACL. In an embodiment, the system grants a privilege to a user only if both the ACL and the constraining ACL grant the privilege. | 06-04-2009 |
20110137963 | PERFORMING AN ACTION IN RESPONSE TO A FILE SYSTEM EVENT - A method and apparatus for performing an action in response to a file system event is provided. According to one aspect, sets of “event listeners” are associated with a file hierarchy and/or the nodes thereof. Each event listener contains a set of “event handlers.” Each event handler corresponds to a separate type of event that may occur relative to the file hierarchy's nodes. When an event is going to occur relative to the hierarchy or a node thereof, all event listeners that are associated with that hierarchy/node are inspected to determine whether those event listeners contain any event handlers that correspond to the event's type. Those event handlers that correspond to the event's type are placed in an ordered list of event handlers to be invoked. As the event handlers in the list are invoked, programmatic mechanisms that correspond to those event handlers are executed to perform customized user-specified actions. | 06-09-2011 |