IDiyas

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 9888010 B1

PDFFull Text
Date of Patent:
Feb. 06, 2018

Filed:

Jun. 28, 2017

System and method for providing an integrated firewall for secure network communication in a multi-tenant environment

Applicant:

Oracle International Corporation, Redwood Shores, CA (US);

Inventors:

Vadim Makhervaks, Bellevue, WA (US);

Richard Mousseau, Stratham, NH (US);

Bjørn Dag Johnsen, Oslo, NO;

Sumanta Chatterjee, Fremont, CA (US);

Avneesh Pant, Redwood City, CA (US);

Jean De Lavarene, Versailles, FR;

Kant C. Patel, Fremont, CA (US);

Bhaskar Mathur, Bangalore, IN;

Feroz Alam Khan, Bangalore, IN;

Sudeep Vatsanath Reguna, Bangalore, IN;

Assignee:

ORACLE INTERNATIONAL CORPORATION, Redwood Shores, CA (US);

Attorney:

Tucker Ellis LLP

Primary Examiner:

Beemnet Dada

Assistant Examiner:

Stephen Gundry

Int. Cl.
CPC ...
H04L 29/06 (2006.01);
U.S. Cl.
CPC ...
H04L 63/101 (2013.01); H04L 63/0236 (2013.01); H04L 63/0254 (2013.01); H04L 63/1458 (2013.01); H04L 63/20 (2013.01);
Abstract

An integrated firewall provides security in a multi-tenant environment having a connection-based switched fabric directly connecting database servers which provide a plurality of database services with application servers hosting database service consumers each having a different database service consumer identity. The firewall functionality integrated into each database server provides access control by discarding communication packets which do not include a database service consumer identity and using the database service consumer identity in combination with an access control list to control access from the database service consumers to the database services. The access control includes address resolution access control, connection establishment access control, and data exchange access control based on said access control list. The integrated firewall enables direct connection of database servers and application servers via an InfiniBand network providing without requiring a separate intermediary firewall appliance or security node.

Find Patent Forward Citations

Loading…