GB2248951A - Secure retrieval of data from a stored database - Google Patents


Info

Publication number
GB2248951A
Authority
GB
United Kingdom
Prior art keywords
screen
field
fields
security level
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
GB9022578A
Other versions
GB2248951B (en)
GB9022578D0 (en)
Inventor
Robert Ashmore
David Snow
John Connolly
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
COMPUTER RESOURCES RESEARCH LI
Original Assignee
COMPUTER RESOURCES RESEARCH LI
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by COMPUTER RESOURCES RESEARCH LI
Priority to GB9022578A: GB2248951B
Priority to BE9001059A: BE1002442A6
Publication of GB9022578D0
Publication of GB2248951A
Application granted
Publication of GB2248951B
Anticipated expiration
Expired - Fee Related (Current)

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82 Protecting input, output or interconnection devices
    • G06F21/84 Protecting input, output or interconnection devices output devices, e.g. displays or monitors
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2113 Multi-level security, e.g. mandatory access control

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Storage Device Security (AREA)

Abstract

A process is disclosed for retrieving data from a database stored in a fixed disc 3 for display on the screen of a VDU 6 or printing at a printer 9. Fields in each retrieved database record are stored in a RAM 4 in the form of a virtual screen 41 which is similar to a screen layout for the VDU 6 except that physical constraints are not taken into account up to preset large dimensions, in this case 256 rows, each having 256 character locations. Blocks 44 within the virtual screen 41 are selected for display to give the effect of a window or viewport on the virtual screen 41. Versatility in security of data fields is achieved by comparisons between a user security level and a separate security level value for each individual field. According to the comparison, a control unit 2 selects which fields are written to a screen memory 8 or printed and which may be written to in the RAM 4.

Description

"Retrieval of data from a stored database"
The invention relates to the retrieval of data from a stored database.
At present, it is necessary to divide relatively large database records into a number of separate screen layouts viewed as panels because of the physical size limitations of video screens. For example, where a database record includes, say, 25 data fields, it may be necessary to have up to four separate panels for displaying this data on retrieval from the storage device. Because each screen layout must be processed separately in random access memory and screen memory, the storage, retrieval and display of data in this manner requires considerable processing time. Further, a large amount of time is required of a user for inputting data to the database and in reading the data on retrieval.
If some data fields are to be kept secret from certain users, this is achieved by a password system which prevents display of panels including such fields. This is clearly inconvenient where the panel includes other fields which should be viewed by a user and results in failure to achieve optimum use of computerised databases by a group of people.
The present invention is directed towards providing for data retrieval from a database in a simple manner with relatively little processing required of a control unit. Another object is to achieve a clear presentation of retrieved data. A further object is to achieve security and confidentiality of selected data fields in an optimum manner without affecting retrieval of other data fields.
According to the invention, there is provided a process carried out by a control unit of a computerised apparatus for retrieval of data from a stored database, the apparatus further comprising a permanent storage device storing the database, a random access memory circuit, a user input interface, a visual display unit having a video controller and a screen memory; the process comprising the steps of:
writing a user-requested database record containing data fields from the permanent storage device to the random access memory circuit, including the sub-step of writing the fields in a virtual screen format of a plurality of rows of character locations, the number of rows and of locations per row being independent of physical constraints of the screen of the visual display unit,
determining boundary locations for a block of the virtual screen to be initially displayed on the visual display unit;
retrieving a user security level value from the permanent storage device;
for each field of the virtual screen in turn, retrieving a security level value;
comparing the field and user security level values;
determining according to the comparison if the field is an open field which may be displayed or a closed field which may not be displayed at the visual display unit;
writing open fields within the block of the virtual screen defined by the boundary locations to the screen memory for display under direction of the video controller;
for each open field, determining according to the comparison if the field is a fixed field which may not be written to by a user or a variable field which may be written to;
preventing transmission of write instructions to fixed fields in the random access memory circuit; and
writing an updated block of the virtual screen to the screen memory on receipt of user input of updated block boundary locations of the virtual screen.
In one embodiment, the apparatus further comprises a printer and a printer controller, and the process comprises the further steps of the control unit directing retrieval by the printer controller of data for printing from the screen memory.
Ideally, each database record also includes output definition parameter values defining block boundary locations, and the step of the control unit determining boundary locations comprises the sub-step of reading the output definition parameter values in the database record.
Preferably, the output definition parameter values also include the field security level values for data fields within the record.
The invention will be more clearly understood from the following description of some preferred embodiments thereof, given by way of example only with reference to the accompanying drawings in which: Fig. 1 is a schematic representation of a computerised apparatus for storage of a database and retrieval of data; Fig. 2 is a flow diagram illustrating operation of the apparatus; Fig. 3 is a diagrammatic view of a virtual screen stored in the apparatus; and Figs. 4(a) to 4(c) are diagrammatic representations of data fields displayed on a visual display unit screen.
Referring to the drawings, and initially to Fig. 1, there is illustrated a computerised apparatus of the invention, indicated generally by the reference numeral 1. The apparatus 1 is for storage of a database and for retrieval of data for viewing or amendment by a user. For clarity, the parts of the apparatus 1 not essential to the carrying out of the invention are not illustrated. However, these will be readily understood by those skilled in the art.
The apparatus 1 comprises a microprocessor control unit 2 connected to a permanent storage device, namely, a fixed disc 3 and to a random access memory circuit 4 via a memory bus 5.
The apparatus 1 also includes a visual display unit (VDU) 6 which is controlled by a video controller 7 connected to a screen memory 8, which is in turn connected to the control unit 2. The apparatus 1 also includes a printer 9 controlled by a printer controller 10 connected to the control unit, and a keyboard 11 connected to a keyboard encoder 12.
In this embodiment, the fixed disc 3 has a capacity of 40 Mbytes; however, it is envisaged that it may be larger or smaller as desired. In particular, it is envisaged that one way of achieving a much higher storage capacity is to connect the memory bus 5 to a file server where up to 300 Mbytes of capacity may be achieved. The random access memory circuit 4 has a capacity of 1 Mbyte.
Referring to Figs. 2 to 4, operation of the apparatus 1 is illustrated in detail. Initially, a request is received at the keyboard 11 for viewing of at least some of the data fields in the stored database. When such a request is received, the control unit 2 retrieves the relevant record and writes it to the random access memory circuit 4.
Referring again to Fig. 1, a number of database records 40 are illustrated in diagrammatic form stored in the random access memory circuit 4. Each database record 40 comprises a set of output definition parameter values which define the manner in which the database records should be outputted to a user.
This part of the record is represented by the numeral 42. In addition, each record 40 includes a plurality of data fields made up of descriptive text and a variable value associated with the text. The set of data fields in a record is stored by the control unit 2 in the random access memory 4 in a virtual screen format 41 of a plurality of rows of character locations in which the number of rows and the number of locations per row are independent of physical constraints of the screen of the visual display unit 6. In this embodiment, the virtual screen may have the dimensions of up to 256 characters per row and 256 rows whereas the screen of the VDU 6 can display only 25 rows, with 80 characters per row. The process steps involved in creating the virtual screen 41 are similar to those used for creating a panel for display on the screen, the difference being that the size of the panel is not limited by the physical constraints of the screen of the VDU 6 (25 rows, 80 character locations per row).
The step of writing the database records to the random access memory circuit 4 is represented by the step 20 in Fig. 2 and in step 21, the control unit 2 reads block boundary locations from the parameter value section 42. The block boundary locations are character locations which usually define a rectangular block in the virtual screen 41, which block is equal to or less than the maximum block size which may be displayed on the screen of the VDU 6. Blocks 44 are represented schematically in Fig. 3 in a virtual screen 41.
The boundary locations which are stored are the initial boundary locations which define the block which should be initially displayed on the VDU 6. In many cases the block will be in the top left-hand section of a virtual screen 41.
Needless to say, if there are very few data fields, the virtual screen 41 may take up less space than the physical size of the screen of the VDU 6, in which case the boundary locations are redundant.
In step 22, the control unit 2 retrieves a user security level value from the fixed disc 3 via the random access memory circuit 4. Before requesting to view data, the user must input a password, which password is used by the control unit 2 to retrieve a security level value. In this embodiment, there are 100 security level values between 0 and 99, 0 giving maximum access to data and 99 giving least access. In Fig. 1, user security level values 43 are illustrated stored in the random access memory circuit 4.
The output parameter value section 42 of the database record 40 also includes a security level value for each field of that record. Again, the field security level values range between 0 and 99, 0 representing the most secretive field and 99 representing the least secretive. After retrieving the user security level value, the control unit 2 retrieves for each field of the record in turn, the field security level value and compares the two values in step 24. In step 25, the control unit 2 determines if the user security level value is less than or equal to the field security level value. If so, that particular field is designated in step 27 as an "open field", which means that the field may be displayed. If not, the field is designated in step 26 as a "closed field" which may not be displayed. If the field is open, in step 28 the control unit 2 determines if the user security level value is less than the field security level value. If not (i.e. they are equal) the field is designated in step 29 as a "fixed field" which means that while the field may be displayed on a screen, it may not be written to for amendment. If the user value is less than the field value, the field is designated in step 30 as a "variable field" which may not only be displayed but may also be amended by the user by write instructions to the random access circuit 4.
In step 31, the control unit 2 determines if all of the fields have been designated, and if not the procedure is repeated for the next field in the database record 40. When all of the fields have been designated, the control unit 2 writes a block 44 which is defined by the boundary locations stored in the output definition parameter value section 42 to the screen memory 8. The block which is written to the screen memory 8 only includes open fields. Neither the text nor the data value of a closed field is transmitted to the screen memory 8. When the block is transmitted to the screen memory 8, the video controller 7 simply retrieves the block from the screen memory 8 as if it were a conventional panel for display on the VDU 6 and is not required to operate in a non-conventional manner.
If instructions are received at the keyboard 11 from the user for writing to fields which are open and are thus seen by the user, but which have been designated as being fixed, the control unit 2 prevents write instructions being transmitted to the random access memory circuit 4 to prevent amendment of the fixed field data values. This is illustrated in step 33.
Referring to Fig. 4, three sample blocks 44 of a virtual screen 41 as seen by a user on the VDU 6 are illustrated.
There are five fields in this portion of the virtual screen 41 as follows:

Field Description      Field Security Level Value
Name                   99
Address                80
Telephone Number       80
Medical Record         10
Salary                 1

The block 44 illustrated in Fig. 4(a) is for a user with a security level value 0. Because 0 is less than or equal to all of the field security level values, all of the fields are open and may be viewed. Further, because 0 is less than all of the field security level values, all of the fields are variable and the control unit 2 allows write instructions to these fields in the random access memory circuit 4.
Typically, a user with a security level value 0 would be the most senior person in an organisation. Fig. 4(b) represents a situation where the user security level value is 1 and again, all of the fields are open and are thus visible.
However, the salary field also has a security level value of 1 and thus, while this field is open, it is designated as being fixed and may not be written to. Typically, a user having a security level value 1 would be, say, a personnel manager. Fig. 4(c) represents the situation where a user has a security level value of 50. This value is not less than or equal to the values for the salary and medical record fields and accordingly these fields are closed and are not displayed and accordingly they may not be amended. It will be noted that not only is the data not displayed, but the descriptive part of the field is not illustrated so that the user having a security level value of 50 does not even know that this information is stored on the database. This is a particularly important aspect of the invention as it significantly reduces the incentive to circumvent security of the apparatus 1.
If the control unit 2 receives a request from a user at the keyboard 11 for printing of data fields, the control unit 2 directs delivery of data to the printer controller 10 directly from the screen memory 8. Accordingly data is delivered for printing in the same manner as it is for display.
When the control unit 2 has delivered a block 44 of the virtual screen 41 to the screen memory 8, it may receive (in step 34) at the keyboard 11 updated block boundary locations defining an updated block. The control unit 2 then transmits open data fields within the updated block boundary conditions to the screen memory 8.
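The designation rules of steps 24 to 33 and the block selection of steps 21 and 34 can be sketched as follows. This is an added illustration, not part of the patent text; the field values, the field positions in the virtual screen and all function and class names are assumptions.

```python
from dataclasses import dataclass
from enum import Enum

VIRTUAL_ROWS = VIRTUAL_COLS = 256    # virtual screen 41 limits in this embodiment
SCREEN_ROWS, SCREEN_COLS = 25, 80    # physical screen of the VDU 6


class Access(Enum):
    CLOSED = "closed"        # not displayed, not writable (step 26)
    FIXED = "fixed"          # displayed, read-only (step 29)
    VARIABLE = "variable"    # displayed and writable (step 30)


@dataclass
class Field:
    label: str    # descriptive text
    value: str    # variable value
    level: int    # field security level, 0 = most secret, 99 = least
    row: int      # position in the virtual screen (constructed layout)
    col: int


def classify(user_level: int, field_level: int) -> Access:
    """Steps 24-30: compare the user level with one field's level."""
    for level in (user_level, field_level):
        if not 0 <= level <= 99:
            raise ValueError(f"security level out of range: {level}")
    if user_level > field_level:
        return Access.CLOSED
    if user_level == field_level:
        return Access.FIXED
    return Access.VARIABLE


def render_block(fields, user_level, top=0, left=0,
                 rows=SCREEN_ROWS, cols=SCREEN_COLS):
    """Build the screen-memory contents for one block 44 of the virtual screen."""
    if not (0 < rows <= SCREEN_ROWS and 0 < cols <= SCREEN_COLS):
        raise ValueError("block larger than the physical screen")
    if not (0 <= top <= VIRTUAL_ROWS - rows and 0 <= left <= VIRTUAL_COLS - cols):
        raise ValueError("block outside the virtual screen")
    screen = [[" "] * cols for _ in range(rows)]
    for f in fields:
        if classify(user_level, f.level) is Access.CLOSED:
            continue    # neither the label nor the value reaches screen memory
        r = f.row - top
        if not 0 <= r < rows:
            continue
        for i, ch in enumerate(f"{f.label}: {f.value}"):
            c = f.col + i - left
            if 0 <= c < cols:
                screen[r][c] = ch
    return ["".join(line).rstrip() for line in screen]


def write_field(fields, user_level, label, new_value) -> bool:
    """Step 33: only variable fields accept a write. A closed field and a
    non-existent one are refused identically, so a refusal reveals nothing."""
    for f in fields:
        if f.label == label and classify(user_level, f.level) is Access.VARIABLE:
            f.value = new_value
            return True
    return False


def sample_record():
    """Field levels from Fig. 4; values and positions are constructed."""
    return [
        Field("Name", "A. Example", 99, 0, 0),
        Field("Address", "1 Sample Street", 80, 1, 0),
        Field("Telephone Number", "555 0100", 80, 2, 0),
        Field("Medical Record", "none", 10, 3, 0),
        Field("Salary", "10000", 1, 30, 0),    # outside the initial block
    ]


if __name__ == "__main__":
    record = sample_record()
    for user in (0, 1, 50):    # the three users of Figs. 4(a) to 4(c)
        print(f"user level {user}:")
        for top in (0, 25):    # initial block, then updated boundaries (step 34)
            for line in render_block(record, user, top=top):
                if line:
                    print("   ", line)
```

Because printing is served from the same screen memory, the list returned by `render_block` is also what a print request would receive.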
It will be appreciated that excellent versatility is achieved as only those fields which are to be kept secret from a user are deleted from a displayed screen, all other information required by a user being available. This is an important feature of the invention, particularly where there are a relatively large number of users who require data from the stored database.
It will also be appreciated that because each database record is stored in the form of a virtual screen, the user is not required to view a succession of different panels but in effect regards his screen as a viewport or window which allows him to view any portion of a large screen as desired. This is a simple concept for a user which provides for more speedy viewing of a database record. Further, less processing time is required because the control unit 2 is not required to store and retrieve separate screen layouts in the RAM 4 and the screen memory 8 updating and switching between different panels. Further, creation of a database record in this manner is also considerably simpler than heretofore.
The invention is not limited to the embodiment hereinbefore described, but may be varied in construction and detail.

Claims (5)

1. A process carried out by a control unit of a computerised apparatus for retrieval of data from a stored database, the apparatus further comprising a permanent storage device storing the database, a random access memory circuit, a user input interface, a visual display unit having a video controller and a screen memory; the process comprising the steps of:
writing a user-requested database record containing data fields from the permanent storage device to the random access memory circuit, including the sub-step of writing the fields in a virtual screen format of a plurality of rows of character locations, the number of rows and of locations per row being independent of physical constraints of the screen of the visual display unit,
determining boundary locations for a block of the virtual screen to be initially displayed on the visual display unit;
retrieving a user security level value from the permanent storage device;
for each field of the virtual screen in turn, retrieving a security level value;
comparing the field and user security level values;
determining according to the comparison if the field is an open field which may be displayed or a closed field which may not be displayed at the visual display unit;
writing open fields within the block of the virtual screen defined by the boundary locations to the screen memory for display under direction of the video controller;
for each open field, determining according to the comparison if the field is a fixed field which may not be written to by a user or a variable field which may be written to;
preventing transmission of write instructions to fixed fields in the random access memory circuit; and
writing an updated block of the virtual screen to the screen memory on receipt of user input of updated block boundary locations of the virtual screen.
2. A process as claimed in claim 1, wherein the apparatus further comprises a printer and a printer controller, and the process comprises the further steps of the control unit directing retrieval by the printer controller of data for printing from the screen memory.
3. A process as claimed in claims 1 or 2, wherein each database record also includes output definition parameter values defining block boundary locations, and the step of the control unit determining boundary locations comprises the sub-step of reading the output definition parameter values in the database record.
4. A process as claimed in claim 3, wherein the output definition parameter values also include the field security level values for data fields within the record.
5. A process substantially as hereinbefore described with reference to and as illustrated in the accompanying drawings.
GB9022578A 1990-10-17 1990-10-17 Retrieval of data from a stored database Expired - Fee Related GB2248951B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
GB9022578A GB2248951B (en) 1990-10-17 1990-10-17 Retrieval of data from a stored database
BE9001059A BE1002442A6 (en) 1990-10-17 1990-11-09 SEARCHING FOR DATABASES IN A STORED DATABASE.

Publications (3)

Publication Number Publication Date
GB9022578D0 GB9022578D0 (en) 1990-11-28
GB2248951A true GB2248951A (en) 1992-04-22
GB2248951B GB2248951B (en) 1994-04-06

Family

ID=10683882

Country Status (2)

Country Link
BE (1) BE1002442A6 (en)
GB (1) GB2248951B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2035638A (en) * 1978-11-17 1980-06-18 Cherry Leisure Ltd Improvements in or relating to a computer terminal
GB2061578A (en) * 1979-05-30 1981-05-13 Stockburger H Data transmission system

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8402281B2 (en) 1996-06-20 2013-03-19 Protegrity Corporation Data security system for a database
US7594266B2 (en) 2001-11-23 2009-09-22 Protegrity Corporation Data security and intrusion detection
GB2391086A (en) * 2002-05-28 2004-01-28 Symbian Ltd Trusted user interface of a secure mobile communications device
GB2391086B (en) * 2002-05-28 2004-10-13 Symbian Ltd Trusted user interface for a secure mobile wireless device
US7437765B2 (en) 2002-06-04 2008-10-14 Sap Aktiengesellschaft Sensitive display system
EP1525524B1 (en) * 2002-06-04 2009-11-18 Sap Ag Secure display system
US8443426B2 (en) 2007-06-11 2013-05-14 Protegrity Corporation Method and system for preventing impersonation of a computer system user
US8225106B2 (en) 2008-04-02 2012-07-17 Protegrity Corporation Differential encryption utilizing trust modes

Also Published As

Publication number Publication date
GB2248951B (en) 1994-04-06
BE1002442A6 (en) 1991-02-12
GB9022578D0 (en) 1990-11-28

Legal Events

Date Code Title Description
PCNP Patent ceased through non-payment of renewal fee

Effective date: 20041017