12,299,163 - Method and computer program product for detecting and preventing successful attacks at endpoints in a validation architecture system
Abstract:Actions are performed on data in databases of a multi-node system. Each node includes an indicia engine and each node has access to a respectively associated database. Each of the databases has a first subset of data that match each other and which are kept in synchronization with each other. At least one of the databases has a second subset of data that intentionally does not match a subset of data in at least one of the other databases and which is not kept in synchronization with the at least one of the other databases. In operation, each node receives a plurality of matching requests to perform an action on data in the database associated with each node. The indicia engine at each node computes, for each of the matching requests, indicia of results of the action performed on data in the database associated with each node. The indicia computed at each node for each of the matching requests is sent to a comparator and the comparator outputs a result of a comparison of the indicia for each of the matching requests. A first follow-up action is performed when the result of the comparison shows a match. The match indicates that the action was performed only on the first subset of data in the database associated with each node that match each other and which are kept in synchronization with each other. A second follow-up action is performed when the result of the comparison shows a mismatch. The mismatch indicates that the action was performed at least in part on the second subset of data in the database associated with one of the nodes that intentionally does not match a subset of data in at least one of the other databases and which is not kept in synchronization with the at least one of the other databases.