Abstract: A server system provided according to an aspect of the present disclosure provides a shared connection pool to parallel execution entities accessing database instances of a distributed database when processing requests. A shared connection pool implies that each pool connection of the connection pool may be used for serving different execution entities requiring access to different database instances. In an embodiment, the database instances correspond to shards together implementing a distributed database, and the parallel execution entities correspond to threads.

Abstract: Techniques described herein improve database security by reducing network attack surface area in conjunction with deep input validation. In an embodiment, a database session receives one or more network packets sent via a network, the database session including a database session state that specifies one or more database privileges. The database session reads said one or more network packets into one or more request-packet-buffers, wherein said one or more request-packet-buffers include an RPC op code for a database operation. Based on the one or more database privileges associated with the user associated with the database session, the database session determines whether the RPC op code may be executed. In response to determining that the RPC op code may be executed by said database session, the RPC op code is executed. In response to determining that the op code may not be executed by said database session, the execution of the RPC op code is prevented.

Abstract: A server system provided according to an aspect of the present disclosure provides a shared connection pool to parallel execution entities accessing database instances of a distributed database when processing requests. A shared connection pool implies that each pool connection of the connection pool may be used for serving different execution entities requiring access to different database instances. In an embodiment, the database instances correspond to shards together implementing a distributed database, and the parallel execution entities correspond to threads.

Abstract: Techniques described herein improve database security by reducing network attack surface area in conjunction with deep input validation. In an embodiment, a database session receives one or more network packets sent via a network, the database session including a database session state that specifies one or more database privileges. The database session reads said one or more network packets into one or more request-packet-buffers, wherein said one or more request-packet-buffers include an RPC op code for a database operation. Based on the one or more database privileges associated with the user associated with the database session, the database session determines whether the RPC op code may be executed. In response to determining that the RPC op code may be executed by said database session, the RPC op code is executed. In response to determining that the op code may not be executed by said database session, the execution of the RPC op code is prevented.