The present invention relates to a solution to the problem of recognizing what records have been changed in a database using a Cyclic Redundancy Check (CRC).
The problem of recognizing what has changed in a database arise in three general situations. First, multiple databases may exist in a system requiring the same data in each. Therefore, if a change is made, the fact that a change has taken place must be recognized and the changed record transferred to the other databases. Second, an unauthorized change to a record may take place. Malicious software, commonly called viruses, change records in ways that are designed to conceal the change. Therefore, changed records must be identified for elimination of the virus and restoration of the attacked record. Third, it may be necessary to migrate data from a legacy data base in an old format base into a new data base in a new format. Because of the volume of data that may exist in the legacy data base, the time necessary for the migration can disrupt the user""s business activity. Therefore, the records in the legacy data base can be transferred to the new data base and the new format prior to the changeover, and then it only remains to migrate the changed, added or deleted records from the period between the creation of the new data base and the changeover. In other words, if the old data base was migrated into the new data base and format one month before the business was to start using the new database, only the changes that occurred in the one month need to be processed prior to the changeover, and that can be done in a shorter time, thereby eliminating a lengthy disruption of the user""s business activity.
In the first two situations described above, Cyclic Redundancy Checks (CRCs) have been used to identify changes in the database. As used herein CRCs mean a redundancy check in which the check key is generated by a cyclic algorithm. CRCs are used to verify database synchronization. Synchronization means, in application or data-base files, making version comparisons of copies of the files to ensure they contain the same data. U.S. Pat. No. 5,261,092 discloses verifying that two databases are synchronized. The ""092 patent discloses a method for verifying data base information of redundant processors, and more particularly, for verifying that the data base of a primary processor and the data base of a secondary processor are synchronized without requiring the processors to be running in a synchronous manner.
A checksum is a form of CRC. As used herein a checksum means the sum of a group of data associated with the group and used for checking purposes. The data are either numeric or other character strings regarded as numeric for the purpose of calculating the checksum. The checksum is a calculated value that is used to test data for the presence of errors that can occur when data is transmitted or when it is written to a disk. The checksum is calculated for a given amount of data by sequentially combining all the bytes of data with a series of arithmetic or logical operations. After the data is transmitted or stored, a new checksum is calculated in the same way using the (possibly faulty) transmitted or stored data. If the two checksums do not match, an error has occurred, and the data should be transmitted or stored again. Checksums cannot detect all errors, and they cannot be used to correct erroneous data. U.S. Pat. No. 4,849,978 discloses the use of a checksum to recreate memory data. In a system having xe2x80x9cnxe2x80x9d memory units, an additional memory unit is added to serve as a backup. The backup data stored in the backup memory unit consists of the checksum of all data stored in all other memory units such that a word at address x in the backup unit is the checksum of all words at address x of all other memory units.
U.S. Pat. No. 5,974,574 discloses using a checksum to verify the credibility of a database. The method disclosed includes forming a position sensitive checksum for each entry of the database to be used in the check. The checksums are then formed into a first database checksum. Periodically, the checksums are again created from each of the entries, and a second database checksum formed and compared to the first. A match indicates that the checked entries of the database have not changed. In another embodiment, the checksum value for a modified entry, and for the entry before the modification are compared with the first checksum value, and that result compared with the master checksum to ensure that the modification was properly made and that database remains credible.
U.S. Pat. No. 5,613,002 discloses using a checksum to verify a reconstructed database. The invention of the ""002 is directed toward an improved method of xe2x80x9cgeneric disinfectionxe2x80x9d. By generic disinfection is meant the use of a small amount of information about each host program in a database, and the use of that information to reconstruct the original program. Specifically, the ""002 patent discloses a method of recording certain information about a computer program, and for using that information to reconstruct the program in the event that it subsequently becomes infected with any of a very broad class of viruses. The method includes constructing a database with entries for each program to be protected. It further includes a fast trial-and-error method for constructing the original uninfected host based on cyclical redundancy checks (CRCs), or a broader class of linear modular-arithmetic mappings. The method is founded on the observation that, for virtually every known virus, the infected host contains no more than two contiguous blocks of code taken from the original uninfected host (and possibly reversed in order). Prior to the infection, a xe2x80x9cchecksumxe2x80x9d (a many-to-one bit mapping of the bytes comprising the uninfected host to a small number of bits or bytes) is computed. In addition, information pertaining to bytes near the beginning and end of the host is computed (designated Begin Tag and End Tag, respectively). Furthermore, the length of the host is determined. The checksum, Begin Tag, End Tag and filelength are recorded in a database containing one or more such entries, one for each host. The ""002 patent uses the checksum, Begin Tag, End Tag and filelength to reconstruct the original host if it is subsequently determined that the program has changed in a suspicious manner. The ""002 patent begins with an infected host and does not address detection of the infection.
U.S. Pat. No. 5,649,089 discloses, for a redundant, mirror database, using a checksum to assure that the standby database mirrors the active database. The disclosure deals with the real time tracking of change to a data base within a data communication system and more particularly to the maintenance of a redundant database in such systems. The active database includes a plurality of records each of which is subject to modifications from time to time. Those modifications must be communicated to and copied or mirrored in the standby database. In order to achieve the redundant controller system, a central processor modifies a record which includes a record checksum and incorporates the record checksum for the active data base. The active controller communicates the record, including the record checksum, and record number to the standby controller for incorporation into the standby database and concurrently constructs a virtual checksum. The virtual checksum is the checksum the active controller expects the standby database to have after the incorporation of the record being communicated. In this fashion, the active controller may continue making record modifications as required, reflected in the active checksum, and provide record updates, in a compatible timescale, to the standby data base, and yet retain the ability to compare, periodically the standby checksum to the virtual checksum, thus insuring that the standby data base mirrors the active data base.
What is needed beyond the prior art is a simplified extension to using CRCs to determine what has been changed in a database.
The invention which meets the needs identified above is a method for determining what records have been added, deleted or changed in a database utilizing primary keys and CRCs to make the determination. A first snapshot is taken of a record, the record retrieved, converted into characters, if necessary, and concatenated to produce a long string. A CRC code is calculated for the string. The CRC and the primary key for the record are stored. The CRC is compared with a subsequent CRC for a second snapshot of the record and a corresponding primary key. Comparing the two primary keys and the two CRCs allows determination of whether the record has been deleted, added or changed. If the first and second primary keys do not match, or if the first and second primary keys match and the CRCs do not match, the record is processed according to the particular application to be applied. The process is repeated for all records in the database.