Selective audit by row in a relational database system: technique
The European Patent Office has considered the selective audit by row in a relational database system as a technique. Here are the practical lessons to be learned from the decision T 0963/09 (Selective control / ORACLE) of 5.6.2014 of the Technical Board of Appeal 3.5.07:
Key points to remember
Access to databases in general and the specific implementation of selective row auditing in a relational database system, in particular, are considered technical.
The invention underlying the present decision relates to the securing of computerized databases. Databases often store highly sensitive data, such as salaries, corporate financial data, and even classified military secrets. For security reasons, it is essential to be able to audit access to this sensitive data. Conventional database systems typically provide a general audit function that records an audit trail containing general information about the user and the request made. However, conventional audit facilities have a number of shortcomings. They do not record specific information about the application, the session environment, or, most importantly, the results of the query. Consequently, the information collected by a traditional audit service is often insufficient to reconstruct an event, or even to determine whether access rights have been violated (cf. WO 01/82118 A2, p. 1, l. 19- 28). Thus, the application intends to provide an audit mechanism making it possible to specify a finer granularity of the audit conditions when accessing the relational tables in order to minimize the number of false audit records generated (cf. WO 01/82118 A2 , p. 2, l. 3-5).
Fig. 1 of WO 01/82118 A2
Claim 1 (main request)
A method for selectively auditing access to a relational database system (109), comprising:
receiving a query (123) from a client (102) on a database server (110) which processes queries for the relational database system, wherein the relational database system includes a plurality of tables relational (113) and each of the relational tables includes an audit flag (206) to indicate whether auditing is enabled for the relational table;
determine if auditing is enabled by checking all tables referenced by the query to see if an audit flag is set for the tables, and if so, modify the query before processing the query by inserting some logic from monitoring in the request to cause an audit record to be created and saved for rows that meet an audit condition;
process the query at the database server level to produce a query result, where processing the query causes an audit record to be created only for those rows in relational tables that meet the query conditions and for which the request accesses and satisfies the audit condition;
recording the audit record in an audit record memory (118); and
return the result of the request (124) to the client.
Is it patentable?
The first instance examining division decided that the independent claims of the main request were devoid of inventive step in view of two cited prior art documents. In addition to the discussion of prior art, the board expressed some concerns in the subpoena as to whether the claimed subject matter is technical at all:
7.6 In the communication accompanying the summons, the Commission observed that database access audit, while in itself a technical operation, within the framework of the present invention did not appear to serve any specific technical objective going beyond the act of audit. Likewise, the motivation to make the audit selective, that is to say to limit the audit of access to databases to accesses to lines satisfying a particular audit condition, seemed to be non-technical.
During the hearing, the applicant objected to this (preliminary) view of the Commission in charge:
7.8 During the oral proceedings, the complainant explained that the claimed invention allowed a selective audit based on the lines to be performed based on an audit condition referring to fields that were not included in the query result returned to the client.
Apparently, the Board followed this argument and considered that the claimed subject-matter of the main request involved an inventive step:
7.9 In view of this explanation, the Board accepts that the claimed solution to the problem of implementing selective audit cannot be considered, without documentary evidence, as a simple obvious possibility.
Thus, at least implicitly, the competent chamber also considered that the claimed subject-matter of the main request was of a technical nature and annulled the first instance decision.
You can read the full decision here: T 0963/09 (Selective control / ORACLE) of 5.6.2014.