Technical Field
This disclosure relates to secure communications and more particularly to protecting sensitive data in references to network resources.
Description of the Related Art
Providers of resources (e.g., web applications, websites, data, files, etc.) over a network (e.g., the Internet) typically use references (e.g., uniform resource locators (URLs) or uniform resource identifiers (URIs)) to identify and provide resources to various users. For example, a user may select a link on a web page that uses the reference www.host.com/resourceA to direct the browser to desired resource “resourceA” that is accessible via the host.com server. A reference may sometimes include sensitive information such as personal information (e.g., passwords or file names) and/or information about what resources a user is accessing (e.g., potentially embarrassing websites). Man-in-the-middle malicious attacks may utilize information in the references to extract customer data, for example. These attacks may read the data directly from the reference, use the reference information in replay attacks, and/or alter communications between the user and the content provider, for example.
These attacks may occur in multi-tenant database systems and system-wide solutions available to multiple tenants may be desired. Multi-tenant database systems allow users to access applications and/or data from a network source that, to the user, appears to be centralized, but might actually be distributed for backup, redundancy and/or performance reasons. An example of a multi-tenant system is a computing system that is accessible to multiple independent parties to provide those parties with application execution and/or data storage. Where there is an appearance of centralization, and network access, each subscribing party (e.g., a “tenant”) can access the system to perform application functions, including manipulating that tenant's data. Each tenant may provide content to multiple users (e.g., customers or employees) and safeguarding user data is typically important.
With a multi-tenant system, the tenants have the advantage that they need not install software, maintain backups, move data to laptops to provide portability, etc. Rather, each tenant user need only be able to access the multi-tenant system to operate the applications and access that tenant's data. One such system usable for customer relationship management is the multi-tenant system accessible to salesforce.com subscribers. With such systems, a user need only have access to a user system with network connectivity, such as a desktop computer with Internet access and a browser or other HTTP client, or other suitable Internet client.
Techniques to protect information in references to network resources are desired, in multi-tenant systems as well as various other types of systems.
This specification includes references to “one embodiment,” “some embodiments,” or “an embodiment.” The appearances of these phrases do not necessarily refer to the same embodiment. Particular features, structures, or characteristics may be combined in any suitable manner consistent with this disclosure.
Various units, circuits, or other components may be described or claimed as “configured to” perform a task or tasks. In such contexts, “configured to” is used to connote structure by indicating that the units/circuits/components include structure (e.g., circuitry) that performs the task or tasks during operation. As such, the unit/circuit/component can be said to be configured to perform the task even when the specified unit/circuit/component is not currently operational (e.g., is not on). The units/circuits/components used with the “configured to” language include hardware—for example, circuits, memory storing program instructions executable to implement the operation, etc. Reciting that a unit/circuit/component is “configured to” perform one or more tasks is expressly intended not to invoke 35 U.S.C. §112(f) for that unit/circuit/component.