Restricted replication for protection of replicated databases
First Claim
1. An apparatus for providing protection for a plurality of data servers configured to provide data replication for a database, the apparatus comprising at least one processing circuit configured to:
- receive records indicating respective modifications performed on a first version of the database stored in a first data server of the plurality of data servers; and
for at least one of the records;
determine a first risk level of the modification indicated by the record based on a first set of factors indicated in a security profile and deviation of the first set of factors from one or more baselines for data transactions, the first set of factors being indicative of anomalous data access activity and including a plurality of factors selected from the group consisting of;
size of data transactions, frequency of data transactions, historical pattern of data transactions, and authentication metrics of a user initiating the data transaction, and combinations thereof;
perform the modification indicated by the record on a second version of the database, stored in a second data server of the plurality of data servers, in response to the first risk level being less than a first threshold level indicated in the security profile; and
prevent the modification indicated by the record from being performed on the second version of the database in response to the first risk level being greater than or equal to the first threshold level.
5 Assignments
0 Petitions
Accused Products
Abstract
Apparatuses and methods are disclosed for protection of data servers configured for data replication of a database. An example apparatus includes a processing circuit configured to receive records indicating respective modifications performed on a first version of the database stored in a first data server of the plurality of data servers. The processing circuit determines a risk level of a modification indicated by a record based on a set of factors indicated in a security profile, the set of factors being indicative of anomalous data access activity. The processing circuit performs the modification in a second data server, in response to the risk level being less than a threshold level indicated in the security profile. The processing circuit prevents the modification indicated by the record from being performed in the second data server in response to the risk level being greater than or equal to the threshold level.
-
Citations
20 Claims
-
1. An apparatus for providing protection for a plurality of data servers configured to provide data replication for a database, the apparatus comprising at least one processing circuit configured to:
-
receive records indicating respective modifications performed on a first version of the database stored in a first data server of the plurality of data servers; and for at least one of the records; determine a first risk level of the modification indicated by the record based on a first set of factors indicated in a security profile and deviation of the first set of factors from one or more baselines for data transactions, the first set of factors being indicative of anomalous data access activity and including a plurality of factors selected from the group consisting of;
size of data transactions, frequency of data transactions, historical pattern of data transactions, and authentication metrics of a user initiating the data transaction, and combinations thereof;perform the modification indicated by the record on a second version of the database, stored in a second data server of the plurality of data servers, in response to the first risk level being less than a first threshold level indicated in the security profile; and prevent the modification indicated by the record from being performed on the second version of the database in response to the first risk level being greater than or equal to the first threshold level. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method for providing protection for a plurality of data servers configured to provide data replication for a database, the method comprising using at least one processing circuit communicatively coupled to the plurality of data servers:
-
receiving records indicating respective modifications performed on a first version of the database stored in a first data server of the plurality of data servers; and for at least one of the records; determining a first risk level of the modification indicated by the record based on a first set of factors indicated in a security profile, the first set of factors being indicative of anomalous data access activity; performing the modification indicated by the record on a second version of the database, stored in a second data server of the plurality of data servers, in response to the first risk level being less than a first threshold level indicated in the security profile; and preventing the modification indicated by the record from being performed on the second version of the database in response to the first risk level being greater than or equal to the first threshold level. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification