Firewalls for securing customer data in a multi-tenant environment
First Claim
1. A multi-tenant database system, comprising:
a database system to store data for multiple tenants, wherein each of the tenants represents an organization having a respective organization identifier (ID);
an application server communicably coupled to the database system and to a network, the application server providing network access to the database system for a client system via the network; and
a firewall server communicably coupled between the application server and the client system, the firewall server operable to;
receive a client request for a page from the client system, the client request being associated with a user of the client system, the client request including a user ID corresponding to the user, an organization ID corresponding to one of the tenants, and a client IP address corresponding to the client system;
extract the user ID and the organization ID from the client request;
record the extracted user ID and the extracted organization ID;
forward the client request to the application server;
receive a response message from the application server, the response message including the page and a received user ID and a received organization ID added by the application server when responding to the client request;
compare the received user ID and the received organization ID included in the response message received from the application server with the recorded user ID and the recorded organization ID extracted from the client request, to determine whether the received user ID matches the recorded user ID and whether the received organization ID matches the recorded organization ID; and
when the received user ID matches the recorded user ID and the received organization ID matches the recorded organization ID;
remove the received user ID and the received organization ID from the response message; and
forward the response message to the client system.
Abstract
Network security is enhanced in a multi-tenant database network environment using a query plan detection module to continually poll the database system to locate and raise an alert for suspect query plans. Security also can be enhanced using a firewall system sitting between the application servers and the client systems that records user and organization information for each client request received, compares this with information included in a response from an application server, and verifies that the response is being sent to the appropriate user. Security also can be enhanced using a client-side firewall system with logic executing on the client system that verifies whether a response from an application server is being sent to the appropriate user system by comparing user and organization ID information stored at the client with similar information in the response.
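The request/response check performed by the firewall server of claim 1, as an added example that is not part of the patent text. The header names, the dict-based message shape, and the fail-closed 400/502 handling of missing or mismatched IDs are assumptions; the claim itself only specifies the matching case.

```python
"""Firewall check from claim 1: record IDs on the request, verify them on the response."""

# Assumed names (not from the patent): header names, dict-shaped messages,
# and the 400/502 responses used when IDs are missing or do not match.
USER_HDR = "X-User-Id"
ORG_HDR = "X-Org-Id"


class FirewallServer:
    def __init__(self, app_server):
        self.app_server = app_server  # callable: request dict -> response dict
        self.alerts = []              # mismatches kept for later review

    def handle(self, request):
        # Extract and record the user ID and organization ID from the request.
        recorded = (request["headers"].get(USER_HDR), request["headers"].get(ORG_HDR))
        if None in recorded:
            return {"status": 400, "headers": {}, "body": ""}

        # Forward the request; the application server tags its response with
        # the IDs of the session it actually rendered the page for.
        response = self.app_server(request)
        headers = dict(response["headers"])
        # Pop both tags so they are removed before anything reaches the client.
        received = (headers.pop(USER_HDR, None), headers.pop(ORG_HDR, None))

        if received != recorded:
            # Assumption: fail closed. A missing tag counts as a mismatch.
            self.alerts.append({"client_ip": request["client_ip"],
                                "recorded": recorded, "received": received})
            return {"status": 502, "headers": {}, "body": ""}
        return {"status": response["status"], "headers": headers, "body": response["body"]}


# Constructed application servers and request, for illustration only.
def honest_app(request):
    h = request["headers"]
    return {"status": 200, "body": f"page for {h[ORG_HDR]}",
            "headers": {USER_HDR: h[USER_HDR], ORG_HDR: h[ORG_HDR], "Content-Type": "text/html"}}

def crossed_app(request):
    # Simulates a defect that returns a page rendered for a different tenant.
    return {"status": 200, "body": "page for org-B",
            "headers": {USER_HDR: "user-9", ORG_HDR: "org-B", "Content-Type": "text/html"}}

REQUEST = {"client_ip": "192.0.2.10", "headers": {USER_HDR: "user-1", ORG_HDR: "org-A"}}

if __name__ == "__main__":
    for app in (honest_app, crossed_app):
        fw = FirewallServer(app)
        print(app.__name__, fw.handle(REQUEST), fw.alerts)
```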
9 Claims
Specification