CN103118011B - The method protecting customer data in multi-tenant environment - Google Patents

Info

Publication number: CN103118011B
Authority: CN (China)
Prior art keywords: data, user, app, encryption, client
Legal status: Active
Application number: CN201310011059.6A
Other languages: Chinese (zh)
Other versions: CN103118011A (en)
Inventors: 邱大坤, 李颖和, 唐舜
Current assignee: Anhui tengling Technology Co., Ltd
Original assignee: HEFEI HUAYUN COMMUNICATION TECHNOLOGY Co Ltd
Priority date: 2013-01-12
Filing date: 2013-01-12
Publication dates: 2013-05-22 (application CN103118011A), 2016-08-03 (grant CN103118011B)

Abstract

The invention discloses a method for protecting customer data in a multi-tenant environment. It uses encrypted storage in the cloud combined with decryption and computation at the terminal: data is stored on the server, but only in encrypted form; the key is held by the user; data is processed at the user's terminal, and neither encryption nor decryption is performed on the server, which prevents penetration attacks. The method improves the security of customer data in a multi-tenant environment and can at the same time meet the need to keep some data confidential while disclosing other data.

Description

Method for protecting customer data in a multi-tenant environment
Technical field
The present invention relates to a method for protecting customer data in a multi-tenant environment.
Background technology
Cloud computing, which has risen in recent years, has become a focus of both industry and academia. For storage resources, cloud computing manages resources centrally, and one or more customers can share the hardware and software of a storage system. This sharing lets a provider offer storage services at a cost far below that of each user buying hardware and software independently. Multi-tenancy means that several tenants share one instance; tenant data must be both isolated and shared, and that is the data-storage problem to be solved. Seen from the architecture, the important difference between SaaS (Software as a Service) and conventional technology is precisely the multi-tenant model.
In the traditional multi-tenant architecture (shown in Fig. 3), each tenant uses a different virtual image or application program to access a database that is isolated physically or logically, and data in transit is encrypted by HTTPS. The flow in which a tenant accesses such a system through the APP (application program) is shown in Fig. 4. For data storage, the traditional multi-tenant architecture has the following three main schemes.
1) Independent database. This is the first scheme: one database per tenant. Its user-data isolation level is the highest and its security the best, but its cost is also the highest. Advantages: an independent database for each tenant simplifies extending the data model and meets the particular needs of different tenants; if a fault occurs, data recovery is fairly simple. Disadvantages: more database installations, and with them higher maintenance and acquisition costs. The scheme resembles the traditional model of one customer, one data set and one deployment; the only difference is that the software is deployed uniformly at the operator. It suits tenants such as banks and hospitals that need the highest level of data isolation, at a higher rental price. If the price is low and the product takes the low-cost route, this scheme is usually unaffordable for the operator.
2) Shared database, isolated schema. This is the second scheme: several or all tenants share one database, but each tenant has its own schema. Advantages: a degree of logical data isolation, though not complete isolation, for tenants with higher security requirements; each database can support more tenants. Disadvantages: if a fault occurs, data recovery is harder, because restoring the database involves other tenants' data; statistics across tenants are somewhat difficult.
3) Shared database, shared schema. This is the third scheme: tenants share the same database and the same schema, and a tenant's rows in a table are distinguished by a TenantID. This has the highest degree of sharing and the lowest isolation level. Advantages: maintenance and acquisition costs are the lowest, and each database supports the most tenants. Disadvantages: isolation and security are the lowest, so more development effort must go into security at design time; backup and restore are the hardest, requiring table-by-table backup and restore.
On the security side, the prior-art schemes mainly solve transport security; the integrity and privacy of data stored in the DB are ensured by an appropriate degree of isolation. The system as a whole still has the following shortcomings: 1) data in the DB is stored in cleartext so that the APP can recognise and process it; 2) many APPs run on the same server, so there is a possibility of malicious infiltration and data theft; 3) once a username/password is cracked, the data in the DB can not only be read but also modified.
Under the traditional multi-tenant model, user data is kept in the data-center DB and, for the convenience of APP processing, is not encrypted. Many APPs run on the same server, so there is a possibility of malicious infiltration and data theft; once a username/password is cracked, the data in the DB can be used without authorisation and also modified without authorisation.
Summary of the invention
To avoid the shortcomings of the prior art described above, the present invention provides a method for protecting customer data in a multi-tenant environment that improves the security of customer data in such an environment.
The invention provides a method for protecting customer data in a multi-tenant environment.
The method uses encrypted storage in the cloud together with decryption and computation at the terminal: data is stored on the server, but only in encrypted form; the key is held by the user; data is processed at the user's terminal, and neither encryption nor decryption is performed on the server, which prevents penetration attacks. The user's key is held on a USB device and cannot be exported; alternatively, the user may enter a password manually, and the password is then protected.
The method of the present invention is further characterised as follows:
A tenant accessing the system through the APP goes through the following steps:
a. The user submits an access request to the APP;
b. The APP authenticates the user; once the user has passed authentication, the APP locates the user's DB according to the user profile;
c. The APP does not process data on the server side; the server processes only the data-independent part and returns that result to the user. The APP sends the program used for processing the data to the user's client, and also sends the user data to be processed to the client in encrypted form;
d. At the user's client, the user decrypts the received user data and then calls the program obtained from the server to process the data;
e. The user's client combines the result of processing the data with the data-independent result sent by the server and presents both to the user;
f. At the user's client, the encryption password is stored on a USB device; during decryption, the APP obtains the password from the USB device first;
g. If the user modifies the data, the modification is encrypted at the client, and the encrypted data is sent to the server and saved in the user's DB.
In step b, if the user is a new user, the application opens a new DB for that user.
Compared with the prior art, the present invention has the following beneficial effects:
The method of the present invention keeps data on the server and performs encryption and decryption at the client in a multi-tenant environment, and uses an asymmetric algorithm to satisfy confidentiality and disclosure requirements at the same time. It improves the security of customer data in a multi-tenant environment and also meets the need to keep some data confidential while disclosing other data.
Brief description of the drawings
Fig. 1 is a schematic diagram of the multi-tenant data in the method of the present invention for protecting customer data in a multi-tenant environment.
Fig. 2 is a flow chart of a tenant accessing the system through the APP in the method of the present invention.
Fig. 3 shows a prior-art multi-tenant application model.
Fig. 4 is a flow chart of a tenant accessing the prior-art multi-tenant application model of Fig. 3 through the APP.
The invention is further described below by way of specific embodiments, with reference to the accompanying drawings.
Detailed description of the invention
Referring to Fig. 1, the method for protecting customer data in a multi-tenant environment uses encrypted storage in the cloud together with decryption and computation at the terminal: data is stored on the server, but only in encrypted form; the key is held by the user; data is processed at the user's terminal, and neither encryption nor decryption is performed on the server, which prevents penetration attacks. The user's key is held on a USB device and cannot be exported; alternatively, the user may enter a password manually, and the password is then protected.
As shown in Fig. 2, a tenant accessing the system through the APP goes through the following steps:
a. The user submits an access request to the APP;
b. The APP authenticates the user; once the user has passed authentication, the APP locates the user's DB according to the user profile. If the user is a new user, the application opens a new DB for that user;
c. The APP does not process data on the server side; the server processes only the data-independent part (for example the frame) and returns that result to the user. The APP sends the program used for processing the data to the user's client, and also sends the user data to be processed (which is stored encrypted) to the client in encrypted form; the transmission channel uses a conventional encryption method such as SSL;
d. At the user's client, the user decrypts the received user data and then calls the program obtained from the server to process the data;
e. The user's client combines the result of processing the data with the data-independent result (for example the frame) sent by the server and presents both to the user;
f. To better guarantee the security and universality of the cloud client, it is suggested that the encryption password be stored on a USB device at the user's client; during decryption, the APP obtains the password from the USB device first. The method of letting the user enter the password manually can also be used. The way the password is stored is a component of this system, but not an essential part of it;
g. If the user modifies the data (including additions and deletions), the modification is encrypted at the client, and the encrypted data is sent to the server and saved in the user's DB.
Some users' data needs to be disclosed to a certain degree. Taking Dropbox as an example, a user's data is kept on the server; other people are not allowed to modify it but are allowed to view it, or some of the data may be viewed by other people. In that case an asymmetric encryption algorithm is needed.
When a user registers for the first time, the user generates a key pair consisting of a public key and a private key, provides the public key to the server, which stores it, and keeps the private key. The user may change the key pair at any time. Because the private key must be kept highly confidential, it is recommended that it be stored on a USB device and set as non-exportable.
For data that needs to be disclosed, the processing flow changes slightly: the public key is used for decryption and the private key for encryption. For data that need not be disclosed, the public key is used for encryption and the private key for decryption.
For a user authorised to view data, the viewing flow is as follows: 1) the authorised user submits an access request to the APP; 2) after authentication and a permission check, the APP fetches the data of the requested object from the DB; 3) the APP obtains the data owner's public key stored on the server and decrypts the data with it. The server sends the decrypted data to the authorised user's client, which presents it to the user.
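As an added example (not code from the patent or its assignee), the two modes of the detailed description modelled in Go with only the standard library: the confidential mode is RSA-OAEP under the owner's public key, recoverable only at the terminal that holds the private key, while the disclosed mode, which the text describes as encrypting with the private key and decrypting with the public key, is implemented as an RSA-PSS signature, because a private-key operation that any holder of the public key can reverse proves who wrote the data rather than hiding it. TenantStore, Register, SavePrivate, LoadPrivate, Publish and View are names chosen for this example, and the store is an in-memory stand-in for the DB.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// PublicRecord is a disclosed record: anyone may read it, only its owner may change it.
type PublicRecord struct{ Data, Sig []byte }

// TenantStore models the server-side DB. It holds public keys, OAEP ciphertext and
// signed public records only; no private key or confidential plaintext reaches it.
type TenantStore struct {
	PubKeys map[string]*rsa.PublicKey
	Private map[string][]byte
	Public  map[string]PublicRecord
}

func NewStore() *TenantStore {
	return &TenantStore{map[string]*rsa.PublicKey{}, map[string][]byte{}, map[string]PublicRecord{}}
}

// Register (first login): the terminal generates the key pair and hands the server only
// the public half; the private key stays with the user (on the page, on a USB device).
func Register(s *TenantStore, tenant string) (*rsa.PrivateKey, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	s.PubKeys[tenant] = &key.PublicKey
	return key, nil
}

// SavePrivate (step g, confidential data): RSA-OAEP encrypt at the client, store ciphertext.
func SavePrivate(s *TenantStore, tenant string, key *rsa.PrivateKey, plaintext []byte) error {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, &key.PublicKey, plaintext, nil)
	if err != nil {
		return err
	}
	s.Private[tenant] = ct
	return nil
}

// LoadPrivate (step d): only the private key holder can recover the data, so this runs at
// the terminal. A missing record gives an empty ciphertext, which DecryptOAEP rejects.
func LoadPrivate(s *TenantStore, tenant string, key *rsa.PrivateKey) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, key, s.Private[tenant], nil)
}

// Publish is the disclosed-data mode. The page's "encrypt with the private key, decrypt with
// the public key" is an RSA-PSS signature here: it proves who wrote the record and lets the
// server reject edits by others, but it hides nothing from readers.
func Publish(s *TenantStore, tenant string, key *rsa.PrivateKey, data []byte) error {
	h := sha256.Sum256(data)
	sig, err := rsa.SignPSS(rand.Reader, key, crypto.SHA256, h[:], nil)
	if err != nil {
		return err
	}
	s.Public[tenant] = PublicRecord{Data: data, Sig: sig}
	return nil
}

// View (authorised viewer, steps 2-3): the server fetches the owner's public key and checks
// the record before handing it on, so a record altered in the DB is rejected.
func View(s *TenantStore, owner string) ([]byte, error) {
	pub, ok := s.PubKeys[owner]
	if !ok {
		return nil, errors.New("unknown owner")
	}
	rec := s.Public[owner] // a missing record has an empty signature and fails below
	h := sha256.Sum256(rec.Data)
	if err := rsa.VerifyPSS(pub, crypto.SHA256, h[:], rec.Sig, nil); err != nil {
		return nil, errors.New("record failed owner signature check")
	}
	return rec.Data, nil
}
```

Direct RSA-OAEP limits each record to a few hundred bytes; a deployment would encrypt each record with a symmetric data key and wrap only that key this way.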

Claims (2)

1. A method for protecting customer data in a multi-tenant environment, characterised in that it uses encrypted storage in the cloud together with decryption and computation at the terminal: data is stored on the server, but only in encrypted form; the key is held by the user; data is processed at the user's terminal, and neither encryption nor decryption is performed on the server, which prevents penetration attacks;
A tenant accessing the system through the APP goes through the following steps:
a. The user submits an access request to the APP;
b. The APP authenticates the user; once the user has passed authentication, the APP locates the user's DB according to the user profile;
c. The APP does not process data on the server side; the server processes only the data-independent part and returns that result to the user. The APP sends the program used for processing the data to the user's client, and also sends the user data to be processed to the client in encrypted form;
d. At the user's client, the user decrypts the received user data and then calls the program obtained from the server to process the data;
e. The user's client combines the result of processing the data with the data-independent result sent by the server and presents both to the user;
f. At the user's client, the encryption password is stored on a USB device; during decryption, the APP obtains the password from the USB device first;
g. If the user modifies the data, the modification is encrypted at the client, and the encrypted data is sent to the server and saved in the user's DB;
For data that needs to be disclosed, the public key is used for decryption and the private key for encryption; for data that need not be disclosed, the public key is used for encryption and the private key for decryption;
For a user authorised to view data, the viewing flow is as follows: 1) the authorised user submits an access request to the APP; 2) after authentication and a permission check, the APP fetches the data of the requested object from the DB; 3) the APP obtains the data owner's public key stored on the server and decrypts the data with it; the server sends the decrypted data to the authorised user's client, which presents it to the user.
2. The method for protecting customer data in a multi-tenant environment according to claim 1, characterised in that, in step b, if the user is a new user, the application opens a new DB for that user.

Priority Applications (1)

Application number CN201310011059.6A (CN103118011B, en); priority date 2013-01-12; filing date 2013-01-12; title: The method protecting customer data in multi-tenant environment

Applications Claiming Priority (1)

Application number CN201310011059.6A (CN103118011B, en); priority date 2013-01-12; filing date 2013-01-12; title: The method protecting customer data in multi-tenant environment

Publications (2)

CN103118011A (en), published 2013-05-22
CN103118011B (en), published 2016-08-03 (granted)

Family

ID=48416285

Family Applications (1)

Application number CN201310011059.6A, Active (CN103118011B, en); priority date 2013-01-12; filing date 2013-01-12; title: The method protecting customer data in multi-tenant environment

Country Status (1)

CN (1): CN103118011B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
CN103763355B (en) *; priority 2014-01-07; published 2017-02-01; 天地融科技股份有限公司; Cloud data uploading and access control method
CN105446828B (en) *; priority 2014-09-30; published 2019-05-31; 北京金山云网络技术有限公司; Database backup and restoration method, apparatus and system
CN113342827A (en) *; priority 2021-07-01; published 2021-09-03; 广东电网有限责任公司; Power grid data storage method, storage medium and system based on multi-tenant technology

Citations (2)

* Cited by examiner, † Cited by third party
CN102467421A (en) *; priority 2010-11-19; published 2012-05-23; 深圳市金蝶友商电子商务服务有限公司; Tenant-data-based processing method and computer
CN102833346A (en) *; priority 2012-09-06; published 2012-12-19; 上海海事大学; Storage metadata based security protection system and method for cloud sensitive data

Family Cites Families (1)

* Cited by examiner, † Cited by third party
FR2952778B1 (en) *; priority 2009-11-17; published 2011-12-23; Thales Sa; Secure data transmission method and encryption system for such transmission

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
云计算密钥管理框架研究 (Research on a key management framework for cloud computing); 孙磊, 戴紫珊, 郭锦娣; 《电信科学》 (Telecommunications Science); 2010-09-30 (No. 9); p. 71 *

Also Published As

CN103118011A (en), published 2013-05-22

Legal Events

Code Title
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20200821
Address after: Room 1103, B1 / F, Hefei Innovation Industrial Park, 800 Wangjiang West Road, hi tech Zone, Hefei City, Anhui Province
Patentee after: Anhui tengling Technology Co., Ltd
Address before: 230088 building B1, building 11, animation and service outsourcing industry base, hi tech Zone, Anhui, Hefei
Patentee before: Hefei Huayun Communication Technology Co.,Ltd.