ENFORCING SECURITY FOR SENSITIVE DATA ON DATABASE CLIENT HOSTS

摘要

A restriction agent resides on a database client host, the database client host receiving first data from a database secured by a database access control system, the first data comprising sensitive information authorized by the database access control system for access by an authorized user requesting access to the database through a database client resident on the database client host. The restriction agent receives one or more instructions from a database access control system relative to the first data. The restriction agent enforces the one or more instructions on the database client host to restrict access to the first data to the authorized user only from among multiple users of the database client host.