Databases, such as IBM's IMS (Information Management System), are well known in the art. (IMS is a trademark of International Business Machines Corporation in the United States, other countries, or both.) IMS is a hierarchical database management system (HDBMS) with wide spread usage in many large enterprises where high transaction volume, reliability, availability and scalability are of the utmost importance. IMS provides software and interfaces for running the businesses of many of the world's largest corporations.
A large DBMS, such as IMS, is highly scalable and in some enterprise environments may accommodate thousands, or even tens of thousands, of users connected to the system at any given point in time. Furthermore, the information and data managed by the DBMS may be highly sensitive data, critical to the operation of the enterprise as well as critical to the individual users of the DBMS system. Travel reservation systems, inventory control, and online banking systems are some typical examples. Therefore, it is essential that such a DBMS incorporate safeguards whereby each user of the DBMS system is authorized to make various DBMS requests.
Other aspects of a large DBMS include highly reliable operation, such as 24/7 availability, and very fast response time. Even relatively small delays in response time, magnified by thousands of users, are highly detrimental to enterprise productivity. Therefore, the authorization process discussed supra must not significantly delay a user's request to update or retrieve information. To this end, a large DBMS may retain security information for each active user in cache memory for ready access when the need arises. This enhances performance by eliminating I/O processing that would otherwise be required to obtain the necessary security information required to perform the authorization checking.
Therefore, caching user security information (hereinafter referred to as a cached user security profile) is known in the art and is a valuable technique for enhancing DBMS performance by eliminating I/O processing to obtain user security information when performing authorization checking for the user. However, this presents a significant problem in those unusual situations where the integrity of the cached user security profiles is questionable and a global refresh of all cached user security profiles must occur. The obligation to support 24/7 precludes the ability to shut the DBMS down, even for a few minutes, to refresh each of the possibly tens of thousands of cached user security profiles from permanent storage. Yet, to allow access to the DBMS during the global refresh would greatly compromise the integrity of the system since cached user security information of questionable validity may be used during the authorization processing.
Accordingly, there is a great need to provide a global refresh of cached user security profile information without significantly impacting the availability or response time of the DBMS system while at the same time ensuring complete integrity of the DBMS authorization checking during a global refresh operation.