US 11,799,951 B1
Preventing data spillage in multi-tenant services via request and response containerization with provenance checks
Raghvendra Maloo, Sammamish, WA (US); Vivek Roy, Vancouver (CA); and Mohammad Reza Tajvidi, Vancouver (CA)
Assigned to MICROSOFT TECHNOLOGY LICENSING, LLC, Redmond, WA (US)
Filed by MICROSOFT TECHNOLOGY LICENSING, LLC, Redmond, WA (US)
Filed on Jun. 14, 2022, as Appl. No. 17/840,088.
Int. Cl. H04L 67/1014 (2022.01); H04L 67/63 (2022.01); H04L 67/51 (2022.01); G06F 9/50 (2006.01)
CPC H04L 67/1014 (2013.01) [G06F 9/5027 (2013.01); H04L 67/51 (2022.05); H04L 67/63 (2022.05)]
20 Claims
9. A non-transitory computer-readable storage medium having computer-executable instructions stored thereupon which, when executed by a processing device, cause the processing device to:
receive a request;
extract an identifier from the request;
initialize a read-only property of a request container with the identifier;
create a response container that is associated with the request container;
invoke a data access application program interface (API) with the identifier stored in the read-only property of the request container;
receive raw user data from the data access API;
store the raw user data in the response container;
generate a response that includes the raw user data stored in the response container; and
transmit the response.
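
The steps of claim 9 can be sketched as follows. This is an added example, not code from the patent or from Microsoft; the class and function names, the `tenant` request field, the sample store, and the form of the provenance check (comparing the identifier the data was fetched with against the one fixed in the request container) are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed sample data standing in for a multi-tenant store (assumption).
STORE = {
    "tenant-a": {"mailbox": "a@example.test"},
    "tenant-b": {"mailbox": "b@example.test"},
}

@dataclass(frozen=True)
class RequestContainer:
    """Holds the identifier extracted from the request; frozen makes it read-only."""
    identifier: str

class ResponseContainer:
    """Bound to one RequestContainer; accepts only data fetched for its identifier."""
    def __init__(self, request):
        self._request = request
        self._raw = []

    def store(self, fetched_for, raw_user_data):
        # Provenance check (assumed form): the identifier the data was fetched
        # with must equal the one fixed in the associated request container.
        if fetched_for != self._request.identifier:
            raise PermissionError("raw user data does not belong to this request")
        self._raw.append(raw_user_data)

    def to_response(self):
        return {"identifier": self._request.identifier, "data": list(self._raw)}

def data_access_api(identifier):
    """Hypothetical data access API: returns (identifier used, raw user data)."""
    return identifier, STORE[identifier]

def handle(request):
    req = RequestContainer(identifier=request["tenant"])  # extract and initialize
    resp = ResponseContainer(req)                          # associate the containers
    fetched_for, raw = data_access_api(req.identifier)     # invoke with read-only id
    resp.store(fetched_for, raw)                           # store raw user data
    return resp.to_response()                              # generate the response
```

Because the identifier cannot be reassigned after the request container is built, code running later in the request path cannot redirect the data access call or the response to another tenant without tripping the check in `store`.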