Efficiently isolating malicious data requests
First Claim
1. At a computer system including at least one processor and a memory, in a computer networking environment including a plurality of computing systems, a computer-implemented method for using smart routing to limit service denials, the method comprising:
- tracking, at a tracking module of a gateway node, a tally corresponding to each of a plurality tenants, each tally tracking a level of suspicion of the corresponding tenant'"'"'s use a plurality of server nodes serviced by the gateway node, including;
each time that a server of the plurality of server nodes goes down, updating the corresponding tally for each tenant that was requesting data from said server node when said server node went down, including updating a particular tally for a particular tenant at least one time in connection with a server node going down; and
each time that a server of the plurality of server nodes is determined to be overloaded, updating the corresponding tally for each tenant that was requesting data from said server node when said server node was determined to be overloaded, including updating the particular tally for the particular tenant at least one time in connection with a server node being overloaded;
receiving, at a receiving module of the gateway node, one or more data requests from the particular tenant, the one or more data requests requesting data for an indicated service provided by the plurality of server nodes; and
determining, at a route determining module of the gateway node, how to process the received one or more data requests from the particular tenant, including;
based at least on the particular tally for the particular tenant being within a first range, determining that the particular tenant is on a malicious list, and blocking the one or more data requests;
based at least on the particular tally for the particular tenant being within a second range, determining that the particular tenant is on a suspect list, and metering the one or more data requests; and
based at least on the particular tally for the particular tenant being within a third range, determining that the particular tenant is on a good list, and permitting the one or more data requests with a lowest available level of restriction.
2 Assignments
0 Petitions
Accused Products
Abstract
Embodiments are directed to efficiently routing data requests from a plurality of tenants and to using smart routing to limit service denials. In an embodiment, a gateway node receives data requests from a tenant subscriber requesting data for an indicated service. The gateway node determines which server node the received data requests are to be routed to. The determination evaluates various criteria associated with the data request. The gateway node queries the determined server node to determine the health of the server nodes and receives a reply from the determined server node indicating the server node'"'"'s current operating status. The gateway node also, based on the determined server node'"'"'s reply, routes the received data requests to the determined server node, according to the evaluated criteria.
20 Citations
20 Claims
-
1. At a computer system including at least one processor and a memory, in a computer networking environment including a plurality of computing systems, a computer-implemented method for using smart routing to limit service denials, the method comprising:
-
tracking, at a tracking module of a gateway node, a tally corresponding to each of a plurality tenants, each tally tracking a level of suspicion of the corresponding tenant'"'"'s use a plurality of server nodes serviced by the gateway node, including; each time that a server of the plurality of server nodes goes down, updating the corresponding tally for each tenant that was requesting data from said server node when said server node went down, including updating a particular tally for a particular tenant at least one time in connection with a server node going down; and each time that a server of the plurality of server nodes is determined to be overloaded, updating the corresponding tally for each tenant that was requesting data from said server node when said server node was determined to be overloaded, including updating the particular tally for the particular tenant at least one time in connection with a server node being overloaded; receiving, at a receiving module of the gateway node, one or more data requests from the particular tenant, the one or more data requests requesting data for an indicated service provided by the plurality of server nodes; and determining, at a route determining module of the gateway node, how to process the received one or more data requests from the particular tenant, including; based at least on the particular tally for the particular tenant being within a first range, determining that the particular tenant is on a malicious list, and blocking the one or more data requests; based at least on the particular tally for the particular tenant being within a second range, determining that the particular tenant is on a suspect list, and metering the one or more data requests; and based at least on the particular tally for the particular tenant being within a third range, determining that the particular tenant is on a good list, and permitting the one or more data requests with a lowest available level of restriction. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A computer program product comprising one or more hardware storage device having stored thereon computer-executable instructions that, when executed by one or more processors of a computing system, cause the computing system to use smart routing to limit service denials, including at least the following:
-
tracking, at a tracking module of a gateway node, a tally corresponding to each of a plurality tenants, each tally tracking a level of suspicion of the corresponding tenant'"'"'s use a plurality of server nodes serviced by the gateway node, including; each time that a server of the plurality of server nodes goes down, updating the corresponding tally for each tenant that was requesting data from said server node when said server node went down, including updating a particular tally for a particular tenant at least one time in connection with a server node going down; and each time that a server of the plurality of server nodes is determined to be overloaded, updating the corresponding tally for each tenant that was requesting data from said server node when said server node was determined to be overloaded, including updating the particular tally for the particular tenant at least one time in connection with a server node being overloaded; receiving, at a receiving module of the gateway node one or more data requests from the particular tenant, the one or more data requests requesting data for an indicated service provided by the plurality of server nodes; and determining, at a route determining module of the gateway node, how to process the received one or more data requests from the particular tenant, including; based at least on the particular tally for the particular tenant being within a first range, determining that the particular tenant is on a malicious list, and blocking the one or more data requests; based at least on the particular tally for the particular tenant being within a second range, determining that the particular tenant is on a suspect list, and metering the one or more data requests; and based at least on the particular tally for the particular tenant being within a third range, determining that the particular tenant is on a good list, and permitting the one or more data requests with a lowest available level of restriction. - View Dependent Claims (18)
-
-
19. A computer system comprising the following:
-
one or more processors; system memory; one or more computer-readable storage media having stored thereon computer-executable instructions that, when executed by the one or more processors, causes the computing system to use smart routing to limit service denials, including at least the following; tracking, at a tracking module of a gateway node, a tally corresponding to each of a plurality tenants, each tally tracking a level of suspicion of the corresponding tenant'"'"'s use a plurality of server nodes serviced by the gateway node, including; each time that a server of the plurality of server nodes goes down, updating the corresponding tally for each tenant that was requesting data from said server node when said server node went down, including updating a particular tally for a particular tenant at least one time in connection with a server node going down; and each time that a server of the plurality of server nodes is determined to be overloaded, updating the corresponding tally for each tenant that was requesting data from said server node when said server node was determined to be overloaded, including updating the particular tally for the particular tenant at least one time in connection with a server node being overloaded; receiving, at a receiving module of the gateway node, one or more data requests from the particular tenant, the one or more data requests requesting data for an indicated service provided by the plurality of server nodes; and determining, at a route determining module of the gateway node, how to process the received one or more data requests from the particular tenant, including; based at least on the particular tally for the particular tenant being within a first range, determining that the particular tenant is on a malicious list, and blocking the one or more data requests; based at least on the particular tally for the particular tenant being within a second range, determining that the particular tenant is on a suspect list, and metering the one or more data requests; and based at least on the particular tally for the particular tenant being within a third range, determining that the particular tenant is on a good list, and permitting the one or more data requests with a lowest available level of restriction. - View Dependent Claims (20)
-
Specification