| CPC H04L 9/3213 (2013.01) [H04L 9/0643 (2013.01); H04L 9/0869 (2013.01)] | 12 Claims |
|
1. A method for monitoring requests in data clusters, comprising:
obtaining, by a security management module of a data cluster, a session registration request from a client;
in response to obtaining the session registration request:
generating an alphanumeric value;
converting current system time to coordinated universal time (UTC);
obtaining a static parameter associated with the client;
generating a token using the alphanumeric value, the UTC, and the static parameter, wherein the token is generated by applying the alphanumeric value, the UTC, and the static parameter to a cross-site request forgery (CSRF) algorithm;
generating session information and storing the session information in a database;
sending a session registration acknowledgement to the client, wherein the session registration acknowledgement comprises the token in the body of the session registration acknowledgement;
obtaining, after sending the session registration acknowledgement, a plurality of Transmission Control Protocol (TCP) requests from the client;
in response to obtaining each of the TCP requests:
making a first determination that no structural abnormalities were detected in the TCP request;
in response to the first determination:
making a second determination that the request is associated with a valid session identifier by comparing a request session identifier included in the TCP request and the session information included in the database;
in response to the second determination:
making a third determination that the request includes the token; and
in response to the third determination:
servicing the TCP request in the data cluster.
|