US 11,921,856 B1
Restricted replication for protection of replicated databases
Mehdi Salour, Campbell, CA (US); and Raghu Rengarajan, Campbell, CA (US)
Assigned to 8x8, Inc., Campbell, CA (US)
Filed by 8x8, Inc., Campbell, CA (US)
Filed on Sep. 1, 2021, as Appl. No. 17/464,131.
Application 17/464,131 is a continuation of application No. 16/057,297, filed on Aug. 7, 2018, granted, now 11,120,132, issued on Sep. 14, 2021.
Application 16/057,297 is a continuation of application No. 14/936,365, filed on Nov. 9, 2015, granted, now 10,043,026, issued on Aug. 7, 2018.
Int. Cl. G06F 21/56 (2013.01); G06F 11/14 (2006.01); G06F 16/182 (2019.01); G06F 21/55 (2013.01); H04L 9/40 (2022.01); H04L 67/306 (2022.01)
CPC G06F 21/566 (2013.01) [G06F 11/1458 (2013.01); G06F 16/1844 (2019.01); G06F 21/55 (2013.01); G06F 21/554 (2013.01); G06F 21/56 (2013.01); G06F 21/568 (2013.01); H04L 63/1425 (2013.01); H04L 67/306 (2013.01); G06F 11/1461 (2013.01); G06F 2201/84 (2013.01)] 21 Claims
OG exemplary drawing
 
1. A computing system communicatively coupled to a plurality of data servers including a first data server to store a first version of a database and a second data server to store a second version of the database, the computing system comprising:
at least one processing circuit for detecting and/or preventing a data destructive attack by:
receiving indication of a deviation of a set of factors relative to a baseline which represents an expected level and/or type of data transaction, the set of factors being associated with a data transaction request (“the requested data transaction”), to be performed by the first data server, including a modification with respect to a first version of a database stored in the first data server and further being associated with relatively anomalous data access activity with respect to the baseline, wherein the set of factors includes a plurality of factors from among a group including: size of data transactions, frequency of data transactions, historical pattern of data transactions, authentication metrics of a user initiating the data transaction, and whether the requested data transaction matches a predetermined profile, wherein the anomalous data access activity includes an indication of possible malicious activity,
determining a risk level of the data transaction request based on the deviation of the set of factors, wherein the risk level is based on a set of criteria which is to be adjusted based on data provided via a user interface configured to facilitate communications of an alert from the at least one processing circuit to an authorized user and communications by the authorized user for adjusting the set of criteria,
performing the modification indicated by a record on the second version of the database in response to the risk level being less than a threshold level indicated in a security profile, and
preventing the modification indicated by the record from being performed on the second version of the database in response to the risk level being greater than or equal to the threshold level.