| CPC H04L 63/102 (2013.01) [G06F 21/6227 (2013.01); H04L 63/0876 (2013.01); H04L 63/20 (2013.01)] | 32 Claims |
|
1. A tangible, non-transitory, machine-readable medium storing instructions that when executed by one or more processors effectuate operations comprising:
receiving, by an external application programming interface (API), an API request from a database driver, the API request identifying client or user information and including information about an access event corresponding to a database arrangement, the database arrangement comprising at least a first database having a first data structure and a second database having a second data structure different from the first data structure;
inspecting the API request to obtain one or more identifiers of a client or user matching a policy for controlling data access from the database arrangement by the client or user;
modifying, responsive to one or more rules of the policy based on one or more of the identifiers, access event data for the database arrangement, wherein the modification comprises modifying a connection string for connecting to the database arrangement, a query for obtaining data from the database arrangement, or data returned by the database arrangement;
returning, by the external API, an API response to the database driver, the API response including the modified access event data; and
storing, in an audit log associated with the external API, at least the modified query, wherein the database arrangement:
stores in an audit log associated with the database arrangement queries received from the database driver, and
validates a query that is received from the database driver and that is stored in the audit log associated with the database arrangement by determining whether the query matches a modified query stored within the audit log associated with the external API.
|