Pre-processing system for minimizing application-level denial-of-service in a multi-tenant system

Pre-processing system for minimizing application-level denial-of-service in a multi-tenant system

Denial-of-service attacks are prevented or mitigated in a cloud compute environment, such as a multi-tenant, collaborative SaaS system. This is achieved by providing a mechanism by which characterization of "legitimate" behavior is defined for tenant applications or application classes, pr...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Holden Russell L, McGloin Mark, Mierswa Peter Otto, Curtis John Douglas, Pieczul Olgierd S
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Denial-of-service attacks are prevented or mitigated in a cloud compute environment, such as a multi-tenant, collaborative SaaS system. This is achieved by providing a mechanism by which characterization of "legitimate" behavior is defined for tenant applications or application classes, preferably along with actions to be taken in the event a request to execute an application is anticipated to exceed defined workflow limits. A set of application profiles are generated. Typically, a profile comprises information, such as a request defined by one or more request variables, one or more "constraints," one or more "request mappings," and one or more "actions." A constraint is a maximum permitted workload for the application. A request mapping maps a request variable to the constraint, either directly or indirectly. The profile information defines how a request is mapped to a workload to determine whether the request is in policy or, if not, what action to take.