DANIEL WONG, ENDOCRINOLOGY
Osteopathic Medicine at 29 St, Sacramento, CA

6986060, Jan 10, 2006

May 23, 2000

09/577220

Daniel ManHung Wong - Sacramento CA, US

Oracle International Corp. - Redwood Shores CA

H04L 9/00, G06F 15/16, G06F 17/30

713201, 713202, 707 9, 709229

One embodiment of the present invention provides a system for sharing a security context between different sessions on a database server. The system operates by receiving a request at the database server through a database session between the database server and an application on a database client. The system looks up an identifier for an application client that was previously associated with the database session. The system uses this identifier to look up the security context containing attributes related to the application client within a storage area associated with the database server. Next, the system performs a database operation to satisfy the request and in doing so enforces access rights associated with the security context. In one embodiment of the present invention, the request includes a database query directed to a database on the database server. In one embodiment of the present invention, performing the database operation involves modifying the database query to enforce access rights associated with the security context.

7639819, Dec 29, 2009

Jun 16, 2005

11/156307

Min-Hank Ho - Newark CA, US
Paul Youn - Redwood City CA, US
Daniel ManHung Wong - Sacramento CA, US
Chon Lei - Alameda CA, US

Oracle International Corporation - Redwood Shores CA

H04L 9/00

380277, 713192, 713193

One embodiment of the present invention provides a system that facilitates using an external security device to secure data in a database without having to modify database applications. The system operates by receiving a request at the database to perform an encryption/decryption operation, wherein the encryption/decryption operation is performed with the assistance of the external security module in a manner that is transparent to database applications. In response to the request, the system passes a wrapped (encrypted) column key (a key used to encrypt data within the database) to an external security module, wherein the wrapped column key is a column key encrypted with a master key that exists only within the external security module. The system then unwraps (decrypts) the wrapped column key in the external security module to retrieve the column key. Next, the system returns the column key to the database.

7228300, Jun 5, 2007

May 7, 2003

10/431972

Chon Hei Lei - Alameda CA, US
Daniel Manhung Wong - Sacramento CA, US

Oracle International Corporation - Redwood Shores CA

G06F 17/30

707 3, 707 4

A fine-grained access control mechanism uses policy functions that are associated with a database object (e. g. table and view). The policy functions are invoked, when, for example, a database server detects that a query is issued against the database object. The value of a policy function remains constant under certain conditions. For example, once a database server is brought up, the value of a policy function may remain the same. Users can specify the conditions under which the value of a policy function remain constant. Based on this information, when a policy function is computed while processing a query, the database server caches the value of the policy function. When processing another query that requires the value of the policy function, the database server retrieves the result from the cache rather than re-computing the policy function, as long as the condition under which the policy function remains constant persists.

2009020, Aug 13, 2009

Feb 13, 2008

12/030393

Daniel ManHung Wong - Sacramento CA, US

ORACLE INTERNATIONAL CORPORATION - Redwood Shores CA

G06F 17/30

707 2, 707 4, 707E17014

One embodiment of the present invention provides a system that facilitates performing multi-stage table updates. During operation, the system receives a query at a query processor, wherein executing the query causes an update to an entire table in a database. Next, the system estimates an amount of transaction log space required to execute the query. If the amount of transaction log space is greater than a pre-determined threshold, the system splits the query into a set of sub-queries, wherein an amount of transaction log space required by each sub-query in the set of sub-queries is less than the pre-determined threshold. For each sub-query in the set of sub-queries, the system executes the sub-query, and performs a mini-commit operation for the sub-query, wherein updates which comprise the mini-commit operation are not exposed to a user. Finally, when mini-commit operations have been performed for all of the sub-queries, the system performs a commit operation for the query.

7653630, Jan 26, 2010

Aug 24, 2005

11/210326

Daniel ManHung Wong - Sacramento CA, US

Oracle International Corporation - Redwood Shores CA

G06F 17/30

707 9, 707100, 726 2

A system that facilitates implementing a privileged schema in a database, wherein the privileged schema is comprised of a set of database objects. Note that in relational database terminology, sometimes object stores are simply referred to as schema. The system starts by creating the privileged schema. Next, the system receives a database operation from a user. The system then authenticates the user to determine if the user is the owner of the privileged schema. If so, the system executes the database operation. On the other hand, if the user is not the owner, then the system rejects the database operation.

8234694, Jul 31, 2012

Dec 9, 2005

11/298775

Paul Youn - Redwood City CA, US
Daniel ManHung Wong - Sacramento CA, US

Oracle International Corporation - Redwood Shores CA

H04L 29/06

726 5, 713156, 713171

One embodiment of the present invention provides a system that re-establishes communication between a client and a server after an unexpected termination of communication. During operation, the system receives a request from the client at the server to re-establish communication between the client and the server, wherein the request includes a temporary credential. If the temporary credential is valid, the system temporarily re-establishes communication between the client and the server, until the client can be re-authenticated with a permanent credential.

8065281, Nov 22, 2011

Jul 19, 2007

11/780359

Daniel ManHung Wong - Sacramento CA, US

Oracle International Corporation - Redwood Shores CA

G06F 17/00

707694, 707736

One embodiment of the present invention provides a system that facilitates distributed processing of database operations. During operation, the system receives a database operation at a distributed command processor, wherein the database operation includes a query language command. Next, the system performs a set of non-data processing operations associated with the database operation to obtain a set of non-data processing results. The system then sends the query language command to a database, which enables the database to execute the query language command to obtain a result.

7814330, Oct 12, 2010

Aug 1, 2005

11/195016

Daniel ManHung Wong - Sacramento CA, US

Oracle International Corporation - Redwood Shores CA

G06F 11/30

713182, 380287

One embodiment of the present invention provides a system that facilitates authenticating a user at a computer system. During operation, the system creates an authentication profile and assigns the authentication profile to a user, wherein the authentication profile specifies authentication criteria. Next, the computer system receives a login request from the user, and in responding to the login request, the computer system checks if the authentication criteria in the authentication profile are satisfied. If so, the system allows the user to login. If not, the user is prevented from logging into the computer system.

2008004, Feb 21, 2008

Aug 2, 2006

11/497765

Daniel M. Wong - Sacramento CA, US
Gopal B. Mulagund - Bangalore, IN

Oracle International Corporation - Redwood Shores CA

H04L 9/32

726 20

Systems, methodologies, media, and other embodiments associated with storage of audit information. One system embodiment includes an audit memory configured to temporarily store audit information associated with a user request, an audit logic configured to store the audit information in the audit memory while the user request is processed; and, an audit storage logic configured to store the audit information stored in the audit memory in an audit store before a response is provided to the user request.