System and method for providing for secure network communication in a multi-tenant environment

Assignee

• Oracle International Corporation · US

Inventors

• Vadim Makhervaks · Austin, US
• Richard P. Mousseau · Stratham, US
• Bjørn Dag Johnsen · Oslo, NO
• Sumanta Chatterjee · Fremont, US
• Avneesh Pant · Fremont, US
• Jean De Lavarene · Versailles, FR
• Kant C. Patel · Fremont, US
• Bhaskar Mathur · Bengaluru, IN
• Feroz Alam Khan · Bengaluru, IN
• Sudeep Reguna · Bengaluru, IN

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/20
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A security solution provides secure communication in a multi-tenant environment which includes a connection-based fabric, storage cells holding data associated with different tenants, database servers which provide a plurality of database services using said data, application servers hosting database service consumers. The fabric is configured into partitions isolating the storage cells from the database service consumers. The application servers securely associate unique database service consumer identities with each database service consumer and all communications with the database servers. The database servers reject all communications from the application servers which do not include an identity and use an access control list to control access from the database service consumers to the database services using address resolution access control, connection establishment access control, and data exchange access control based on said access control list. DoS attack prevention can also be performed based on consumer identities included in packets.