Firewalls for securing customer data in a multi-tenant environment

Assignee

• Salesforce.com, Inc. · US

Inventors

• Eric Chan · Hayward, US
• Craig Weissman · San Francisco, US
• Paul Nakada · San Francisco, US
• Dave Moellenhoff · Orinda, US
• Todd McKinnon · San Francisco, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/1441
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

Network security is enhanced in a multi-tenant database network environment using a query plan detection module to continually poll the database system to locate and raise an alert for suspect query plans. Security also can be enhanced using a firewall system sitting between the application servers and the client systems that records user and organization information for each client request received, compares this with information included in a response from an application server, and verifies that the response is being sent to the appropriate user. Security also can be enhanced using a client-side firewall system with logic executing on the client system that verifies whether a response from an application server is being sent to the appropriate user system by comparing user and organization id information stored at the client with similar information in the response.