CROSS-TENANT DATA LEAKAGE ISOLATION
First Claim
1. A method for cross-tenant data leakage isolation in a multi-tenant database, comprising:
- monitoring, by a proxy device, traffic flows between a server executing at least one cloud-based application and the multi-tenant database, wherein the proxy device is connected between the server and the multi-tenant database;
capturing, by the proxy device, at least a response from the multi-tenant database, wherein the response includes returned data;
analyzing the response to determine if the returned data relates to a global-tenant table;
upon determining that the returned data relates to the global-tenant table, modifying the response to designate at least one tenant-specific table name that the returned data belongs to; and
sending the modified response to the server.
0 Assignments
0 Petitions
Accused Products
Abstract
A system and method for cross-tenant data leakage isolation in a multi-tenant database are provided. The method includes monitoring, by a proxy device, traffic flows between a server executing at least one cloud-based application and the multi-tenant database, wherein the proxy device is connected between the server and the multi-tenant database; capturing, by the proxy device, at least a response from the multi-tenant database, wherein the response includes returned data; analyzing the response to determine if the returned data relates to a global-tenant table; upon determining that the returned data relates to the global-tenant table, modifying the response to designate at least one tenant-specific table name that the returned data belongs to; and sending the modified response to the server.
8 Citations
19 Claims
-
1. A method for cross-tenant data leakage isolation in a multi-tenant database, comprising:
-
monitoring, by a proxy device, traffic flows between a server executing at least one cloud-based application and the multi-tenant database, wherein the proxy device is connected between the server and the multi-tenant database; capturing, by the proxy device, at least a response from the multi-tenant database, wherein the response includes returned data; analyzing the response to determine if the returned data relates to a global-tenant table; upon determining that the returned data relates to the global-tenant table, modifying the response to designate at least one tenant-specific table name that the returned data belongs to; and sending the modified response to the server. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A non-transitory computer readable medium having stored thereon instructions for causing one or more processing units to execute a process for cross-tenant data leakage isolation in a multi-tenant database, the process comprising:
-
monitoring, by a proxy device, traffic flows between a server executing at least one cloud-based application and the multi-tenant database, wherein the proxy device is connected between the server and the multi-tenant database; capturing, by the proxy device, at least a response from the multi-tenant database, wherein the response including returned data; analyzing the response to determine if the returned data relates to a global-tenant table; upon determining that the returned data relates to the global-tenant table, modifying the response to designate at least one tenant-specific table name that the returned data belongs to; and sending the modified response to the server.
-
-
11. A proxy device for cross-tenant data leakage isolation in a multi-tenant database, the proxy device is connected between a server executing a cloud-based application and the multi-tenant database, comprising:
-
a processing circuitry; and a memory, the memory containing instructions that, when executed by the processing circuitry, configure the proxy device to; monitor, by a proxy device, traffic flows between a server executing at least one cloud-based application and the multi-tenant database, wherein the proxy device is connected between the server and the multi-tenant database; capture, by the proxy device, at least a response from the multi-tenant database, wherein the response including returned data; analyze the response to determine if the returned data relates to a global-tenant table; modify the response to designate at least one tenant-specific table name that the returned data belongs to, upon determining that the returned data relates to the global-tenant table; and send the modified response to the server. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
Specification