Patent · US Active

Pre-processing system for minimizing application-level denial-of-service in a multi-tenant system

US9444838B2 · kind B2 · utility

2Cited by

6References

14Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Mark Alexander McGloin · Dublin, IE
John D. Curtis · Milford, US
Peter Otto Mierswa · Sterling, US
Russell L. Holden · Boxborough, US
Olgierd Stanislaw Pieczul · Dublin, IE

Key dates

Filing date	Jul 21, 2014
Grant date	Sep 13, 2016
Priority date	—
Expiry date	Aug 29, 2034

Classification

Technology area (CPC H)Electricity
CPC primaryH04L2463/141
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Denial-of-service attacks are prevented or mitigated in a cloud compute environment, such as a multi-tenant, collaborative SaaS system. This is achieved by providing a mechanism by which characterization of “legitimate” behavior is defined for tenant applications or application classes, preferably along with actions to be taken in the event a request to execute an application is anticipated to exceed defined workflow limits. A set of application profiles are generated. Typically, a profile comprises information, such as a request defined by one or more request variables, one or more “constraints,” one or more “request mappings,” and one or more “actions.” A constraint is a maximum permitted workload for the application. A request mapping maps a request variable to the constraint, either directly or indirectly. The profile information defines how a request is mapped to a workload to determine whether the request is in policy or, if not, what action to take.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.