CN102117310B - 多租户数据库系统 - Google Patents
多租户数据库系统 Download PDFInfo
- Publication number
- CN102117310B CN102117310B CN201010572116.4A CN201010572116A CN102117310B CN 102117310 B CN102117310 B CN 102117310B CN 201010572116 A CN201010572116 A CN 201010572116A CN 102117310 B CN102117310 B CN 102117310B
- Authority
- CN
- China
- Prior art keywords
- user
- server
- organizational information
- client
- tenant
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2455—Query execution
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2457—Query processing with adaptation to user needs
- G06F16/24575—Query processing with adaptation to user needs using context
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Databases & Information Systems (AREA)
- Software Systems (AREA)
- Data Mining & Analysis (AREA)
- Computational Linguistics (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Storage Device Security (AREA)
Abstract
提供了一种多租户数据库系统。利用查询计划检测模块不断轮询数据库系统,以找出可疑查询计划并发出警报,提高了在多租户数据库网络环境下的网络安全。利用位于应用服务器与客户机系统之间的防火墙系统,其记录关于所接收的各客户机请求的用户和组织信息,比较该信息与包括在来自应用服务器的响应中的信息,并验证该响应被发送给适当的用户,也能提高安全。利用带有在客户机系统上执行的逻辑的客户机侧防火墙系统,通过比较存储在客户机处的用户和组织ID信息与响应中的类似信息,客户机侧防火墙系统验证来自应用服务器的响应被发送给适当的用户系统,也能提高安全。
Description
本申请是申请日为2006年11月30日、申请号为200680051776.X、发明名称为“用于在多租户环境中保护客户数据的系统和方法”的发明专利申请的分案申请。
本专利文档公开的一部分包括受到版权保护的材料。任何人按照出现在专利商标局的专利文件或记录中的形式对本专利文档或专利公开进行复制,版权所有人没有异议,否则,无论如何都保留所有版权。
本申请要求以在2005年12月2日提交的、美国临时申请序号为No.60/741995、题为“用于在多租户环境中保护客户数据的系统和方法”的申请为优先权,该申请公开的内容在此以引用方式全部并入本文。
技术领域
本发明一般地涉及在数据库网络系统中保护数据,更具体,涉及在多租户数据库网络系统中保护数据。
背景技术
在现代数据库系统中,一个或更多的客户可以共享数据库系统硬件和软件的不同组分。与各客户如果必须购买用于自身的硬件和软件的情况相比,这种共享硬件和软件的途径使得能以远为更低的成本提供与数据库相关的服务。在这种系统中,高度期望保证:客户数据保持安全,而且在组织中只有适当用户才能看见以及进行更新。
数据安全以物理安全开始,包括入侵检测和物理访问控制。在网络层,除了适当通过HTTP协议之外,通常使用工业标准网络防火墙来阻塞对数据中心内所有机器的访问。此外,也可以从数据中心外部对网络进行扫描,以确信网络防火墙正在阻塞所有未经授权的访问。虽然如此,仍然有用的是,提供另外的或者可选择的安全系统和方法,作为针对可能导致将错误页面或数据返回给用户的应用软件、系统及网络软件、和/或系统及网络硬件中的可能错误或缺陷的防御。
因此,期望提供系统和方法,以保证共享的硬件和软件基础结构中的任何错误或缺陷都不会导致将极其重要的客户数据交付给错误的用户。
发明内容
本发明提供用于在多租户数据库网络环境中提高系统及网络安全的系统和方法。这些系统和方法采用一种或多种技术,诸如:识别可疑查询计划;比较包括在查询中的用户和组织信息与包括在来自应用服务器的响应中的用户和组织信息,以验证响应确实发送给适当的用户;以及,通过比较存储在客户机处的用户和组织ID信息与响应中的类似信息,验证来自应用服务器的响应是否确实发送给适当的用户系统。采用这些技术中的一种或多种,可以使实施方式能在多租户环境下保护客户数据。
如在此使用的那样,在说明书中,术语多租户数据库系统指那些系统,其中数据库系统的硬件和软件的不同组分可以由一个或更多客户共享。例如,给定的应用服务器可以同时为许多客户处理请求;以及,给定的数据库表格可以为潜在的更大量的客户存储行。如在此使用的那样,在说明书中,术语查询计划指用于在数据库系统中访问信息的一组步骤。
根据一种实施方式并作为示例,查询计划检测模块轮询数据库系统,以判断任何查询计划是否为可疑查询计划,如果是则发出警报。可疑查询计划包括在多租户数据库系统中应该从不出现的那些查询计划,以及应该只在少数识别过的情况下出现的查询计划,举例来说,诸如读取多个分区的结合(join)以及散列结合(hash join)。因为在多租户数据库中各组织的数据可以被存储在单个物理数据库分区中,由用户发起的在多个分区中访问数据的任何查询都可以被视为是可疑查询计划。类似地,在使用大表格以跨越多个租户存储数据的情况下,读取表格中全部或大部分数据行的任何查询计划也都可以被视为是可疑的。为了简洁在此未列举的其他可疑查询计划也都在实施方式的设想之中。此外,取代或者除发出警报之外,实施方式还可以执行其他动作,诸如不带限制地废除可疑查询计划、延迟查询计划的执行、记录审核消息等。实施方式还可以判断特殊可疑查询计划是否为查询计划例外类的成员,如果是则可以允许执行该查询计划而不发出警报。
根据另一实施方式,服务器侧防火墙系统包括位于应用服务器与客户机系统之间的一个或多个防火墙服务器的堆叠。防火墙服务器记录关于所接收的各客户机请求的用户和组织信息,并比较该信息与包括在来自应用服务器的响应中的用户和组织信息,以验证响应确实发送给适当的用户。根据另一实施方式,客户机侧防火墙系统包括在客户机系统上执行的逻辑,该逻辑通过比较存储在客户机处的用户和组织ID信息与响应中的类似信息,验证来自应用服务器的响应是否确实发送给适当的用户系统。客户机侧防火墙对检测网络硬件和/或软件消息传送中的错误是有用的。
客户机和服务器防火墙的实施方式可以基于类似的原理:跟踪正在请求页面的用户和组织,然后保证返回给用户的页面正是实际想要提供给那个用户。在实施方式中,这些途径可以提供针对应用软件、系统软件或硬件中可能导致将错误页面返回给用户的错误或缺点的防御。
在示例客户机侧防火墙实施方式中,使用用户和组织的唯一ID(例如,在用户散列cookie中)来跟踪正在请求页面的用户。服务器防火墙利用对话ID(SID)(其分配给为鉴定过的用户直接建立的各对话)对此进行跟踪。因为SID是潜在敏感信息,可能并不希望在每个页面上返回,本实施方式中的应用服务器在被返回页面的超文本标志语言(HTML)中直接插进用户散列、以及在超文本传送协议(HTTP)标题中直接插入SID。服务器防火墙扫描各页面标题中的SID,然后在将页面返回给客户机之前除去SID。然而,在一方面,在通过客户机防火墙确认的场合,在HTML中保留用户散列。
服务器防火墙实施方式可以具有的优点在于:为每个请求运行服务器防火墙,而客户机防火墙只为支持实现防火墙的逻辑平台(例如,Java、JavaScript、ActiveX等)的客户机运行。然而,客户机防火墙实施方式可以具有的优点在于:客户机防火墙可以捕获在服务器防火墙与客户机防火墙之间网络层中的错误,这种错误用服务器防火墙则捕获不到。
本发明提供一种多租户数据库系统,包括:数据库系统,为多个租户存储数据;应用服务器,与所述数据库系统和网络可通信地耦合,所述应用服务器为至少一个客户机系统提供对所述数据库系统的网络访问;以及至少一个防火墙服务器,可通信地耦合在所述应用服务器与所述至少一个客户机系统之间。所述至少一个防火墙服务器可操作以:接收客户机请求;从所述客户机请求中提取用户和组织信息;转发所述客户机请求给所述应用服务器;以及比较包括在从所述应用服务器接收到的响应消息中的用户和组织信息与从所述客户机请求中提取出的用户和组织信息。
参考说明书的其余部分,包括附图和权利要求,将会了解本发明的其他特点和优点。下面,参照附图详细说明本发明进一步的特点和优点、以及本发明的不同实施方式的结构和操作。在附图中,相同的标号说明相同或功能类似的部分。
附图说明
下面参照附图描述根据本发明的不同实施方式,其中:
图1图示其中可以使用多租户数据库系统的环境;
图2更具体地图示图1的组元和各种互连;
图3图示根据一种实施方式的数据库查询计划检测系统200的结构;
图4图示根据一种实施方式的服务器侧防火墙系统300的结构;以及
图5图示根据本发明一种实施方式的客户机防火墙处理。
具体实施方式
根据本发明的实施方式提供了在多租户数据库网络环境中保护客户数据的系统和方法。特别地,这些系统和方法帮助确保:在多租户数据库网络系统的共享软件和硬件结构中可能出现的任何错误或缺陷,都不会导致页面或数据分送给错误的用户。在某些方面,这些系统和方法分析查询计划、并检测应该从不出现、或者只在少数明确定义的环境中出现的某些查询计划。此外,根据某些实施方式的服务器侧防火墙系统和方法,保证发送给用户的数据和页面的安全不会受到服务器侧的基础结构问题的影响。在某些方面,提供客户机侧防火墙系统和方法,用于保证发送给用户的数据和页面的安全不会受到网络层基础结构问题的影响。
安全概述
应用级的安全可以概念化为包括三个主要方面:鉴别、授权和审核。鉴别机制通常要求注册进入服务的各用户输入他们的密码。可以将此密码与存储在例如数据库中的密码进行核对,以验证用户身份。一旦验证之后,为此用户创建对话,并将对话ID(SID)分配给该对话,SID可以包括诸如用户ID、组织ID、客户机IP地址、以及过期时间等信息。此外,可以对SID进行加密,以避免恶意黑客改变其内容。
SID通常作为超文本传输协议(HTTP)cookie返回给用户,用于利用浏览器的客户机访问;或者作为串数据字段返回给用户,用于借助应用程序设计接口(API)的客户机访问。在各后续请求中,客户机返回包含该SID的这种cookie或数据字段。当处理请求时,应用服务器首先读取SID、解密SID,以验证SID未被篡改,以及,验证该SID未过期并且该用户还被授权从专用IP地址访问系统。对于在SID被设置为过期之前(例如,15分钟)发生在窗口内的任何请求,应用服务器可以通过以更迟的过期时间创建新SID来“延长对话的寿命”。
一旦应用知道用户的身份以及用户所属的组织(来自例如上述SID机制),授权机制通常包括基于用户简档对不同特征和功能的实施适当访问的应用。应用还基于为该组织配置的任何数据共享准则实施适当的数据行访问。
审核机制通常包括这样的应用,例如,基于来自SID的用户ID和组织ID,记录用户注册日期时间以及他们在系统上执行的动作。该信息可以用于各种审核行为。
下面,参照示例的实施方式,在一个或更多的鉴别、授权和审核方面,说明用于对应用安全提供改进的机制和方法。
系统概述
图1图示一种其中可以使用多租户数据库系统的环境。如图1(以及图2中更为详细)所示,用户系统12可以经由网络14与多租户数据库系统(MTS)16相互作用。这些用户系统12的用户可以是处于不同能力的用户,而特定用户系统12的能力可以由关于当前用户的许可(许可等级)完全确定。例如,在销售人员使用特定用户系统12与MTS 16相互作用的情况下,用户系统具有分配给该销售人员的能力。然而,当管理人员使用该用户系统与MTS 16相互作用时,该用户系统具有分配给该管理人员的能力。在具有层次角色模型的系统中,处于一种许可等级的用户,可以具有对可由更低许可等级用户访问的应用、数据和数据库信息的访问,但不能具有对可由处于更高许可等级的用户访问的某些应用、数据库信息和数据的访问。因此,对于访问和修改应用及数据库信息而言,不同的用户具有不同的能力,这取决于用户安全或许可等级。
网络14可以是LAN(局域网)、WAN(广域网)、无线网、点对点网、星型网、令牌环形网、集线器网或其他适当的结构。作为目前使用的最通用类型的网络是TCP/IP(传输控制协议和网际协议)网络,诸如网络的全球互联网经常以字母“I”称为“因特网”,这将在本文的许多示例中使用。然而,应当理解,本发明可以使用的网络并不局限于此,尽管TCP/IP是目前首选的协议。
用户系统12可以使用TCP/IP与MTS 16通信,以及,在更高的网络层,使用其他通用网际协议进行通信,诸如HTTP、FTP、AFS、WAP等。在使用HTTP的示例中,用户系统12可以包括通常称为“浏览器”的HTTP客户机程序,用于向MTS 16处的HTTP服务器发送HTTP消息、以及接收来自MTS 16处的HTTP服务器的消息。这种HTTP服务器可以实现为MTS 16与网络14之间的唯一的网络接口,但也可以还使用其他技术或被取代。在有些实现中,MTS 16与网络14之间的接口包括负荷共享功能,诸如循环复用HTTP请求分配器,以便在多个服务器之间平衡负荷并均匀分配到来的HTTP请求。优选的是,多个服务器中的每一个都具有对MTS数据的访问,至少对访问该服务器的用户而言。
在一方面,图1中示出的系统实现了基于web的客户关系管理(CRM)系统。例如,在一方面,MTS 16包括应用服务器,配置用来实现并执行CRM软件应用,以及向和从用户系统12提供相关的数据、代码、表单、网页和其他信息;以及,用来将相关的数据、对象和网页内容存储至数据库系统,并且从数据库系统检索相关的数据、对象和网页内容。采用多租户系统,关于多个租户的数据可以存储在相同的物理数据库对象中,然而,通常将租户数据排列成使一个租户的数据与其他租户的数据保持逻辑上的独立,因而一个租户不能访问其他租户的数据,除非这种数据是明显共享的。在某些方面,系统16实现不同于或除CRM应用之外的应用。例如,系统16可以提供租户对多宿主(标准和定制)应用包括CRM应用的访问。
用于MTS 16的部件的一种排列示于图1中,包括:网络接口20;存储器22,用于租户数据;存储器24,用于系统数据,对于MTS 16和可能的多个租户来说可访问;程序代码26,用于实现MTS 16的各种功能;以及处理空间28,用于执行MTS系统处理和租户特定处理,诸如运行作为应用宿主服务一部分的应用。在MTS 16上可以执行的另外处理包括数据库索引处理。
示于图1系统中的几个部件包括在此无需详细说明的常规公知的部件。例如,各用户系统12可以包括桌面个人计算机、工作站、膝上型电脑、PDA、蜂窝电话、或者任何一种无线访问协议(WAP)使能设备、或者能够与因特网或其他网络连接直接或间接接口的任何其他计算设备。用户系统12通常运行HTTP客户机程序,例如浏览程序,诸如Microsoft’s Internet Explorerbrowser、Netscape’s Navigator browser、Opera’s browser、或在蜂窝电话、PDA或其他无线设备等情况下的WAP使能浏览器,允许用户系统12的用户(例如多租户数据库系统的订户)对其在网络14上从MTS 16能得到的信息、页面及应用进行访问、处理及查看。各用户系统12通常还包括一个或更多的用户接口装置,诸如键盘、鼠标、触摸屏、手写笔等,用来与显示器上(例如,监视器屏幕、LCD显示器等)由浏览器提供的图形用户接口(GUI)、连同由MTS 16或其他系统或服务器提供的页面、表单、应用和其他信息一起进行交互。例如,可以使用用户接口装置访问由MTS 16宿主的数据和应用,以及对所存储的数据执行搜索等等,或者,允许用户与可能呈现给用户的不同GUI页面进行交互。
如上所述,本发明适合于与因特网一起使用,因特网指网络的特定全球互联网。然而,应当理解,可以使用其他网络代替因特网,诸如内联网、外联网、虚拟个人网(VPN)、非基于TCP/IP的网络、以及LAN或WAN等。
根据一种实施方式,各用户系统12及其所有部件是操作者使用诸如浏览器的应用可配置的,这些应用包括使用诸如Intel Pentium处理器等的中央处理单元的计算机代码运行。类似地,MTS 16(以及不只存在一个情况下MTS的另外实例)和所有它们的部件,可以是操作者使用应用可配置的,应用包括使用诸如Intel Pentium处理器等、或多处理器单元的中央处理单元的计算机代码运行。用于操作和配置MTS 16以互通消息以及处理网页、应用和其他数据以及如这里所描述的媒体内容的计算机代码,优选地被下载并存储在硬盘上,不过,整个程序代码或其部分,也可以存储在任何其他如所公知的易失性存储器或非易失性存储器介质或装置中,例如ROM和RAM,或者提供在任何能够存储程序代码的介质上,诸如压缩光盘(CD)介质、数字通用光盘(DVD)介质、软盘等。另外,整个程序代码或其部分,可以例如在因特网上传输从软件源下载,或者从如公知的从其他服务器下载,或者如公知的使用任何通讯介质和协议(例如,TCP/IP、HTTP、HTTPS、以太网等)在如所公知的任何其他常规网络连接(例如,外联网、VPN、LAN等)上传输。同样值得赞许的是,用于实现本发明的方面的计算机代码可以实现为在客户机系统和/或服务器或服务器系统上可以执行的任何编程语言,例如,诸如:C、C++、HTML、任何其他标志语言、Java、JavaScript、ActiveX、任何其他脚本语言如VBScript、以及如公知的许多其他编程语言。
根据一种实施方式,各MTS 16被配置用于向用户(客户机)系统12提供网页、表单、应用、数据和媒体内容,以支持由作为MTS 16租户的用户系统12进行的访问。同样,MTS 16提供安全机制,以保持各租户数据隔离,除非该数据被共享。如果使用不只一个MTS,它们可以位置上彼此接近(例如,在位于单栋建筑物或校园内的服务器站),或者,它们可以分布于彼此遥远的位置(例如,一台或多台服务器位于城市A,而一台或多台服务器位于城市B)。在这里使用时,各MTS可以包括一台或多台逻辑上和/或物理上连接但局部分布或者跨越一个或更多地理位置的服务器。另外,术语“服务器”意思包括计算机系统,如本领域公知的,计算机系统包括处理硬件及处理空间、以及相关的存储系统和数据库应用(例如,OODBMS或RDBMS)。还应当理解,“服务器系统”和“服务器”在这里经常可互换使用。类似地,这里所描述的数据库可以实现为单数据库、分布式数据库、分布式数据库的集合、带有在线冗余或离线备份或其他冗余等的数据库,以及可以包括分布式数据库或存储网络以及相关的处理智能。
图2更具体地图示MTS 16的部件和各种互连。在本示例中,网络接口实现为一个或多个HTTP应用服务器100。还示出系统处理空间102,包括个别租户处理空间104、系统数据库106、租户数据库108、以及租户管理处理空间110。租户数据库108可以分成个别租户存储区112,其可以是物理排列或逻辑排列。在各租户存储区112内,可以为各用户类似地配给用户存储区114。例如,用户最近使用(MRU)项目的副本可以存储至用户存储区114。类似地,用于作为一个租户的整个组织的MRU项目的副本也可以存储至租户存储区112。
还应当理解,经由不同的网络连接,各应用服务器100能可通信地耦合至数据库系统,例如系统数据库106和租户数据库108。例如,服务器1001可以经由因特网连接,另一服务器100N-1可以经由直接网络链接耦合,而另一服务器100N则可以经由另外不同的网络连接进行耦合。传输控制协议和网际协议(TCP/IP)是用于服务器100与数据库系统之间通信的典型协议,然而,本领域技术人员易于理解,也可以使用其他传输协议,以根据所使用的网络互连来优化系统。
在某些方面,各应用服务器100配置成处理关于与作为一个租户的任何组织相关联的任何一个用户的请求。因为希望的是,能因任何原因在任何时间添加应用服务器到服务器组中或从服务器组中去除应用服务器,优选的是,对于用户和/或组织不存在任何对于特定的应用服务器100的服务器仿射性(affinity)。所以,在一种实施方式中,将实现负荷平衡功能(例如,F5Big-IP负荷平衡器)的接口系统(例如,参见图4)可通信地耦合在服务器100与用户系统12之间,以分配对服务器100的请求。在一方面,负荷平衡器使用最小连接算法将用户请求路由向服务器100。也可以使用负荷平衡算法的其他示例,诸如循环复用和观测响应时间。例如,在某些方面,来自同一用户的三个连续请求可能命中三个不同的服务器100,而来自不同用户的三个请求则可能命中同一服务器100。按照这种方式,MTS 16是多租户的,其中MTS 16处理跨越完全不同的用户和组织的不同对象、数据和应用的存贮以及对它们的访问。
作为存储的示例,一个租户可能是雇用了销售力量的公司,其中各销售人员使用MTS 16以管理他们的销售处理。因此,用户可能维持合同数据、订货至交货时间数据(leads data)、客户跟踪数据、性能数据、目标和进展数据等所有可应用于该用户的个人销售处理(例如,在租户数据库108中)。在优选的MTS安排中,由于要访问、查看、修改、报告、传输、计算等的所有该数据和应用,都可以借助于具有不比网络访问多任何内容的用户系统进行维持和访问,所以,用户从许多不同用户系统的任何一个都可以管理其销售成就和周转周期。例如,如果销售人员正在访问在其接待室里具有因特网入口的客户,销售人员在等待客户到达接待室的同时,可以获得关于此客户的关键更新。
尽管各用户的数据可以与其他用户的数据隔离而与各用户的雇主无关,但有些数据可以是由作为一个租户的给定组织的多个用户或所有用户共享或可访问的组织范围内的数据。因此,可能有一些数据结构由MTS 16进行管理,将其定位于租户级;同时,另外的数据结构则可以在用户级进行管理。因为MTS可以支持包括可能是竞争对手的多个租户,所以MTS应当具有安全协议,其保持数据、应用以及应用使用分离。此外,因为许多租户将选择对MTS进行访问,而不是维持它们自己的系统,所以,冗余、及时和备份是附加的重要功能,而且需要在MTS中实现。
除了用户特定数据和租户特定数据之外,MTS 16还能维持可以由多个租户或其他数据使用的系统级数据。这种系统级数据可以包括可在租户之中共享的工业报告、新闻、记录等。
在某些方面,客户机系统12与应用服务器100通信,以请求并更新来自MTS 16的系统级和租户级数据,这可能需要对数据库系统106和/或数据库系统108的一次或更多次查询。MTS 16(例如,MTS 16中的应用服务器100)自动生成设计以访问期望信息的一个或更多的SQL陈述(SQL查询)。数据库系统108可以生成从数据库中访问所请求数据的查询计划。
各数据库通常可以被视为对象的集合,诸如一组逻辑表格,包括符合预定类别的数据。“表格”是数据对象的一个代表,以及在此使用以简化根据本发明的对象和客户对象的概念性描述。应当理解“表格”和“对象”在这里可以互换使用。各表格通常包含一个或更多的数据类别,逻辑上排列成可视模式的列或字段。表格的各行或记录包含由字段定义的关于各类别的数据实例。例如,CRM数据库可以包括以关于诸如姓名、地址、电话号码、传真号码等基本合同信息的字段描述客户的表格。另一表格可以描述定购单,其包括关于诸如客户、产品、销售价格、日期等信息的字段。在有些多租户系统中,可以提供适合于所有租户使用的标准实体表格。对于CRM数据库应用而言,这样的标准实体可以包括用于帐目、合同、订货至交货时间和机会数据,各自包含预定义的字段。应当理解,“实体”在这里也可以与“对象”和“表格”互换使用。
在有些多租户数据库系统中,可以允许租户创建并存储定制对象,或者可以允许他们定制标准实体或对象,例如通过创建用于标准对象的客户字段,包括定制索引字段。2004年4月2日提交的名称为“Custom Entitiesand Fields In a Multi-Tenant Database System”美国专利申请系列号为No.10/817161专利申请讲授了用于在多租户数据库系统中创建定制对象以及定制标准对象的系统和方法,该申请以引用的方式在此并入本文。例如,在某些方面,所有的定制实体数据行存储在单一的多租户物理表格中,其可以包括每个组织的多个逻辑表格。对客户透明的是,他们的多个“表格”实际上存储在一个大表格中或者他们的数据可以与其他客户的数据存储在相同的表格中。
在多租户数据库系统中,所有客户可以共享运行系统的硬件和软件的不同组分。例如,给定的应用服务器可以同时处理关于数以百计客户的请求。以及,给定的数据库表格可以存储来自数以千计客户的行。在这种系统中,高度期望保证客户数据保持安全,并且只有组织中的适当用户可以看见以及进行更新。尽管可以实现常规的数据安全,诸如入侵检测和物理访问控制、以及工业标准网络防火墙,但仍然有用的是提供另外的或可选的安全系统和方法,作为针对可能导致将错误页面或数据返回给用户的应用软件、系统和网络软件和/或系统和网络硬件中的错误和缺陷的防范。
安全特征
图3图示根据一种实施方式的数据库查询计划检测系统200。在一方面,图3的数据库查询计划检测系统实现在图1的多租户数据库系统16中。如图所示,数据库查询计划检测系统200包括可与数据库系统220(例如,图2的系统数据库106和/或租户数据库108)通信地耦合的数据库查询计划检测模块210。数据库查询计划检测模块210执行定期查询数据库220以检索并分析查询计划的处理。在某些方面,数据库查询计划检测模块210实现在如图所示的独立装置诸如独立的服务器或计算机系统中,尽管其值得赞许,或者也可以将其实现在应用服务器100或数据库服务器中。
在典型的多租户数据库方案中,某些查询计划应该从不出现,而另外的查询计划只在少数鉴别过的环境中出现。这些可能包括读取多个分区的结合(join)和散列结合。例如,因为各组织的数据可以存储在单个物理数据库分区中,所以,由用户发起的访问多个分区中数据的任何查询都是可疑的。类似地,在使用大表格存储跨越多个租户的数据的情况下,读取表格中全部或者大部分数据行的任何查询计划也是可疑的。
在一方面,数据库查询计划检测模块执行独立于数据库运行的后台处理,并经常轮询关于正在使用数据库的查询计划的数据库,以查找任何非预期的或可疑的计划。如果它检测到任何不适当的或可疑的查询计划,在一方面,模块判断该可疑计划是否归入例外,例如执行系统整理任务的查询计划,如若不然,模块记录信息并发出适当警报。如果该计划归入例外,则可以允许其继续进行。在产品服务以及在开发和测试期间都运行此查询计划检测模块是有益的,以便检测可能导致由错误客户访问错误数据的任何代码或基础结构问题。
可疑的其他查询计划的实例,包括涉及全表格扫描、合并结合笛卡儿坐标(merge join Cartesian)或“分区散列全部(Partition Hash All)”查询或类似操作的任何一种计划。在“分区散列全部”查询执行步骤或类似情况下,数据库可能将整个分区读进存储器,并对其进行组织用于全面访问。这意味着查询将跨越物理分区进行扫描。执行任何全表格扫描的查询计划,可能是不包括组织过滤器的查询的象征。对于一个典型的多租户数据库方案而言,给定组织的行通常只是数据库表格的较低百分比。如果数据库正在执行“不使用索引”的全表格扫描,这表示查询很可能遗漏了组织ID过滤器。合并结合笛卡儿坐标是一种特定计划,其说明数据库(例如,由美国加利福尼亚州Redwood Shores市的Oracle公司提供的数据库)正在试图通过将来自两个表格的所有数据读进用于查询的存储器来优化查询,该查询将在该表格中访问高百分比的行。所有这些计划在少数情况下可能是有效的,因此,在一方面,它们将出现在“例外”清单中。
图4图示根据一种实施方式的服务器侧防火墙系统300。在一方面,图4的防火墙系统与图1的多租户数据库系统16一起实现。如图所示,防火墙系统300包括可与应用服务器100通信耦合的一个或多个防火墙服务器310。此处,出现了包括一个或多个负荷平衡服务器的负荷平衡系统305,防火墙服务器310位于负荷平衡系统305与应用服务器100之间。然而,应当理解,防火墙服务器310的功能也可以在负荷平衡系统305中或者在应用服务器100中实现。然而,优选的是,防火墙服务器功能与应用服务器分开,以及防火墙服务器在与应用服务器不同的硬件和软件平台上运行。这使得影响一个系统(例如应用服务器系统或者防火墙服务器系统)的任何基础结构问题更少可能影响另一个。类似地,希望的是,负荷平衡系统305在与防火墙服务器310不同的硬件和软件平台上运行。
在一方面,如图4所示,防火墙系统300包括与应用服务器100分开的一个或多个服务器310的堆叠,其呈现UI并执行事务逻辑。这些防火墙服务器310的目的是在负荷平衡系统305与应用服务器100之间(或者,在不存在任何负荷平衡功能的情况下,则是在网络14与应用服务器100之间)中继请求。对于它们中继的各请求,各防火墙服务器310执行以下步骤:
1)记录在从客户机12接收的请求中的SID(或者客户机散列);以及
2)将该请求转发给应用服务器100。
在某些方面,在负荷平衡器与防火墙服务器之间,它们可以是一对一、一对多、多对多的对应。也就是,一个负荷平衡服务器可以配置成寻址一个或多个特定防火墙服务器,或者它可以寻址任何防火墙服务器。类似地,在防火墙服务器与应用服务器之间,也可以是一对一、一对多、或者多对多对应。
当应用服务器100响应所接收到的客户机请求时,它通常为响应添加包含SID(或者带有用户ID或组织ID信息的客户机散列)的响应标题。防火墙服务器310接收该响应消息,提取SID(或者客户机散列),并比较在该响应中的SID(或者客户机散列)中的信息与由客户机最初发出的SID中的信息。如果它们不同,防火墙服务器就知道存在某种错误,并以错误代码响应于该客户机,而不是以错误页面响应于该客户机。它记录此错误并发出适当警报,例如,通过向系统管理员发送通知。如果信息匹配,则防火墙服务器310可以从页面体和/或从HTTP标题中除去SID,并将响应转发给请求的客户机。
图5图示根据一种实施方式的示例性客户机防火墙处理。在典型操作中,客户机系统通过向MTS 16发送注册请求发起对话,该请求由应用服务器100接收。在响应中,应用服务器发送注册响应返回给请求的客户机系统12。在一方面,该响应包括注册页面;当注册进入时,页面“frontdoor.jsp”总是用户命中的第一页。此页面运行(客户机上的)一个简单的注册脚本,以验证该客户机支持确认逻辑。这点是重要的,因为客户机防火墙依赖于客户机侧确认逻辑处理。在一方面,在JavaScript中实现确认逻辑,以及,注册脚本验证该客户机支持JavaScript。如果客户机不支持JavaScript(或者,在其中实现防火墙的任何客户机逻辑平台),应用程序仍能工作但不带防火墙。
在一方面,当用户注册进入时,“frontdoor.jsp”页面设置SID cookie。如果它是在SID过期之前(例如,15分钟)的窗口内请求的首页,服务中的任何其它页面可以设置SID cookie。当设置SID cookie时,也就设置称为“用户散列”的另一cookie。该cookie包含唯一地识别给定的用户和组织的字母数字串。
必须使用客户机逻辑(诸如JavaScript)而不是HTTP cookie标题,来设置SID和用户散列cookie。这使客户机防火墙逻辑能够在设置SID或用户散列cookie之前确认该页面确切打算供该客户机使用。如果使用标准的HTTP标题设置cookie,则浏览器将在客户机防火墙代码运行之前设置SID和用户散列cookie,而导致检查无用。
回到图5,在用户注册进入系统之后,可以向系统发出请求或查询。应用服务器100接收并处理该请求,并发送响应消息返回给请求的客户机。在一方面,对于发回给客户机的各页面,应用服务器100包括用户ID和组织ID的散列,其用于为之产生页面的用户和组织。它还将基于客户机的逻辑(例如,JavaScript)包括入每一页面。当被客户机接收到时,客户机逻辑执行并确认为之产生页面的用户ID和组织ID与做出最初请求的用户ID和组织ID是相同的。在一方面,此逻辑对存储在客户机(例如,在SID和/或用户散列cookie中)的用户ID及组织ID与随页面返回的ID进行比较。用于此客户机侧逻辑的JavaScript源代码的示例如下:
<script language=““JavaScript1.2”src=“/js/session.js”></script>
<script>
var hvch=needsClientHash(′sid_Client′,′0000000cBXH00000000062′,′65.118.120.94′,
′/servlet/servlet.ClientHashValidator?ResponseRequestedURL=%2F0033000000DCGGg′
);
</script>
下面提供用于功能“needsClientHash”和其他相关JavaScript功能的JavaScript源代码的示例:
function putClientHash(name,value,domain,path){
document.cookie=name+′=′+value+
((domain)?′;domain=′+domain:″)+
((path)?′;path=′+path:′;path=/′);
}
function getClientHash(name){
var dc=document.cookie;
var prefix=name+′=′;
var begin=dc.indexOf(′;′+prefix);
if(begin==-1){
begin=dc.indexOf(prefix);
if(begin!=0)return null;
}else{
Begin+=2;
}
var end=document.cookie.indexOf(′;′,begin);
if(end==-1){
end=dc.length;
}
return unescape(dc.substring(begin+prefix.length,end));
}
function needsClientHash(hashName,hashValue,clientSrc,nextPage){
var clientHash=getClientHash(hashName);
var needsClientHash=clientHash==haseValue;
if(!needsClientHash){
var currLoc=unescape(window.location.href);
var index=currLoc.indexOf(hash value,0);
needsClientHash=index>-1;
}
If(!needsClientHash){
window.location.href=nextPage+′&winLoc=′+window.location+′&c=′+
clientHash+′&s=′+hashValue+′&cs=′+clientSrc;
}
return needsClientHash;
}
与服务器防火墙的实施方式类似,如果客户机防火墙检测到页面被传送给错误的用户或组织,防火墙立即从应用程序中注销该用户,并发出适当的警报。
应当理解,客户机防火墙确认逻辑可以使用其他的客户机编程逻辑实现。例如,它可以使用Java或ActiveX cookie程序等。例如,如果实现成ActiveX插件程序,发送给客户机的各页面可以包括对ActiveX插件程序的调用,以执行确认逻辑。
尽管利用示例并根据特殊实施方式对本发明进行了说明,但应当理解本发明并不局限于所公开的实施方式。相反,打算覆盖对本领域技术人员而言显而易见的不同修改和类似装置。因此,所附权利要求的范围应当与最宽解释一致,以便包括所有这种修改和类似装置。
Claims (10)
1.一种多租户数据库系统,包括:
数据库系统,为多个租户存储数据;
应用服务器,与所述数据库系统和网络可通信地耦合,所述应用服务器为至少一个客户机系统提供对所述数据库系统的网络访问;以及
至少一个防火墙服务器,可通信地耦合在所述应用服务器与所述至少一个客户机系统之间,所述至少一个防火墙服务器可操作以:
鉴别所述多个租户其中一租户之身分;
接收来自鉴别过的租户之客户机请求;
从所述客户机请求中提取用户和组织信息;
转发所述客户机请求给所述应用服务器;
比较包括在从所述应用服务器接收到的响应消息中的用户和组织信息与从所述客户机请求中提取出的用户和组织信息;以及
当所接收的用户和组织信息与所提取的用户和组织信息匹配时,将包括所接收的用户和组织信息的对话ID(SID)从来自所述应用服务器的响应消息的标题中移除。
2.根据权利要求1所述的多租户数据库系统,其中,所述用户和组织信息包括在对话ID(SID)cookie和串数据字段的至少一个之中,以及其中,所述客户机请求和所述响应消息各自包括所述对话ID(SID)cookie和所述串数据字段中的至少一个。
3.根据权利要求1所述的多租户数据库系统,其中,所述防火墙服务器从包括作为所述响应消息一部分的页面体中除去所述用户和组织信息的部分,并将所述响应消息转发给所述客户机系统。
4.根据权利要求1所述的多租户数据库系统,其中,当所述响应中的所述用户和组织信息与所提取的用户和组织信息不匹配时,所述防火墙服务器发出警报。
5.根据权利要求1所述的多租户数据库系统,其中,当所述响应中的所述用户和组织信息与所提取的用户和组织信息不匹配时,所述防火墙服务器响应于所述客户机请求生成并发送错误代码。
6.根据权利要求1所述的多租户数据库系统,其中,当所述响应中的所述用户和组织信息与所提取的用户和组织信息不匹配时,所述防火墙服务器响应于所述客户机请求将所述客户机系统从所述应用服务器中注销。
7.根据权利要求1所述的多租户数据库系统,其中,当所述响应中的所述用户和组织信息与所提取的用户和组织信息不匹配时,所述防火墙服务器记录错误信息。
8.根据权利要求1所述的多租户数据库系统,其中,所述防火墙服务器使用所述用户和组织信息的唯一ID来跟踪请求页面的用户的身份。
9.根据权利要求1所述的多租户数据库系统,其中,所述防火墙服务器提取包括在所述响应消息中的所述用户和组织信息。
10.根据权利要求1所述的多租户数据库系统,其中,所述防火墙服务器从所述响应消息的HTML标题中提取所述用户和组织信息。
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US74199505P | 2005-12-02 | 2005-12-02 | |
US60/741,995 | 2005-12-02 | ||
US11/585,527 | 2006-10-23 | ||
US11/585,527 US8069153B2 (en) | 2005-12-02 | 2006-10-23 | Systems and methods for securing customer data in a multi-tenant environment |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN200680051776.XA Division CN101336433B (zh) | 2005-12-02 | 2006-11-30 | 用于在多租户环境中保护客户数据的系统和方法 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102117310A CN102117310A (zh) | 2011-07-06 |
CN102117310B true CN102117310B (zh) | 2014-05-21 |
Family
ID=38092864
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN200680051776.XA Active CN101336433B (zh) | 2005-12-02 | 2006-11-30 | 用于在多租户环境中保护客户数据的系统和方法 |
CN201010572116.4A Active CN102117310B (zh) | 2005-12-02 | 2006-11-30 | 多租户数据库系统 |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN200680051776.XA Active CN101336433B (zh) | 2005-12-02 | 2006-11-30 | 用于在多租户环境中保护客户数据的系统和方法 |
Country Status (5)
Country | Link |
---|---|
US (4) | US8069153B2 (zh) |
EP (2) | EP3629210B1 (zh) |
JP (1) | JP5065287B2 (zh) |
CN (2) | CN101336433B (zh) |
WO (1) | WO2007064958A2 (zh) |
Families Citing this family (129)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7529728B2 (en) * | 2003-09-23 | 2009-05-05 | Salesforce.Com, Inc. | Query optimization in a multi-tenant database system |
US8543566B2 (en) | 2003-09-23 | 2013-09-24 | Salesforce.Com, Inc. | System and methods of improving a multi-tenant database query using contextual knowledge about non-homogeneously distributed tenant data |
US7779039B2 (en) | 2004-04-02 | 2010-08-17 | Salesforce.Com, Inc. | Custom entities and fields in a multi-tenant database system |
US7665063B1 (en) | 2004-05-26 | 2010-02-16 | Pegasystems, Inc. | Integration of declarative rule-based processing with procedural programming |
US8335704B2 (en) | 2005-01-28 | 2012-12-18 | Pegasystems Inc. | Methods and apparatus for work management and routing |
US7424431B2 (en) * | 2005-07-11 | 2008-09-09 | Stragent, Llc | System, method and computer program product for adding voice activation and voice control to a media player |
JP5395434B2 (ja) | 2005-09-09 | 2014-01-22 | セールスフォース ドット コム インコーポレイティッド | マルチテナントデータベース環境において、オンデマンドアプリケーションをエクスポートし、公表し、ブラウズし、インストールするためのシステムおよび方法 |
US8069153B2 (en) | 2005-12-02 | 2011-11-29 | Salesforce.Com, Inc. | Systems and methods for securing customer data in a multi-tenant environment |
US8924335B1 (en) | 2006-03-30 | 2014-12-30 | Pegasystems Inc. | Rule-based user interface conformance methods |
US8250525B2 (en) | 2007-03-02 | 2012-08-21 | Pegasystems Inc. | Proactive performance management for multi-user enterprise software systems |
US8095618B2 (en) * | 2007-03-30 | 2012-01-10 | Microsoft Corporation | In-memory caching of shared customizable multi-tenant data |
US8019812B2 (en) * | 2007-04-13 | 2011-09-13 | Microsoft Corporation | Extensible and programmable multi-tenant service architecture |
US20090025005A1 (en) * | 2007-07-20 | 2009-01-22 | Creighton University | Resource assignment system |
JP2009070015A (ja) * | 2007-09-12 | 2009-04-02 | Hitachi Electronics Service Co Ltd | アプリケーション利用サービス提供システム |
US8117242B1 (en) | 2008-01-18 | 2012-02-14 | Boadin Technology, LLC | System, method, and computer program product for performing a search in conjunction with use of an online application |
US8117225B1 (en) | 2008-01-18 | 2012-02-14 | Boadin Technology, LLC | Drill-down system, method, and computer program product for focusing a search |
US8645423B2 (en) * | 2008-05-02 | 2014-02-04 | Oracle International Corporation | Method of partitioning a database |
US9791993B2 (en) | 2008-05-08 | 2017-10-17 | Salesforce.Com, Inc | System, method and computer program product for creating a re-usable component utilizing a multi-tenant on-demand database service |
US20090282045A1 (en) * | 2008-05-09 | 2009-11-12 | Business Objects, S.A. | Apparatus and method for accessing data in a multi-tenant database according to a trust hierarchy |
US9361366B1 (en) | 2008-06-03 | 2016-06-07 | Salesforce.Com, Inc. | Method and system for controlling access to a multi-tenant database system using a virtual portal |
US8473518B1 (en) | 2008-07-03 | 2013-06-25 | Salesforce.Com, Inc. | Techniques for processing group membership data in a multi-tenant database system |
US8131458B1 (en) | 2008-08-22 | 2012-03-06 | Boadin Technology, LLC | System, method, and computer program product for instant messaging utilizing a vehicular assembly |
US8078397B1 (en) | 2008-08-22 | 2011-12-13 | Boadin Technology, LLC | System, method, and computer program product for social networking utilizing a vehicular assembly |
US8073590B1 (en) | 2008-08-22 | 2011-12-06 | Boadin Technology, LLC | System, method, and computer program product for utilizing a communication channel of a mobile device by a vehicular assembly |
US8190692B1 (en) | 2008-08-22 | 2012-05-29 | Boadin Technology, LLC | Location-based messaging system, method, and computer program product |
US8265862B1 (en) | 2008-08-22 | 2012-09-11 | Boadin Technology, LLC | System, method, and computer program product for communicating location-related information |
US8473469B1 (en) | 2008-08-25 | 2013-06-25 | Salesforce.Com, Inc. | Techniques for implementing batch processing in a multi-tenant on-demand database system |
US8407205B2 (en) * | 2008-09-11 | 2013-03-26 | Salesforce.Com, Inc. | Automating sharing data between users of a multi-tenant database service |
CN101777047A (zh) * | 2009-01-08 | 2010-07-14 | 国际商业机器公司 | 多租户环境下访问数据库的系统、设备和方法 |
US8296321B2 (en) | 2009-02-11 | 2012-10-23 | Salesforce.Com, Inc. | Techniques for changing perceivable stimuli associated with a user interface for an on-demand database service |
US8843435B1 (en) | 2009-03-12 | 2014-09-23 | Pegasystems Inc. | Techniques for dynamic data processing |
US8468492B1 (en) | 2009-03-30 | 2013-06-18 | Pegasystems, Inc. | System and method for creation and modification of software applications |
US20100286992A1 (en) * | 2009-05-08 | 2010-11-11 | Microsoft Corporation | Integration of Third-Party Business Applications with Hosted Multi-Tenant Business Software System |
BRPI1013062A2 (pt) | 2009-05-19 | 2016-04-05 | Security First Corp | sistemas e métodos para proteger dados na nuvem |
US8626729B2 (en) * | 2009-09-28 | 2014-01-07 | Oracle International Corporation | Database index monitoring system |
US10482425B2 (en) | 2009-09-29 | 2019-11-19 | Salesforce.Com, Inc. | Techniques for managing functionality changes of an on-demand database system |
US10229157B2 (en) | 2009-10-05 | 2019-03-12 | Salesforce.Com, Inc. | Implementing composite custom indices in a multi-tenant database |
GB2474300B (en) * | 2009-10-12 | 2012-05-30 | Hewlett Packard Development Co | Method and system for printing |
US8443366B1 (en) | 2009-12-11 | 2013-05-14 | Salesforce.Com, Inc. | Techniques for establishing a parallel processing framework for a multi-tenant on-demand database system |
US8776067B1 (en) | 2009-12-11 | 2014-07-08 | Salesforce.Com, Inc. | Techniques for utilizing computational resources in a multi-tenant on-demand database system |
US20110179025A1 (en) * | 2010-01-21 | 2011-07-21 | Kryptonite Systems Inc | Social and contextual searching for enterprise business applications |
US20110219050A1 (en) * | 2010-03-04 | 2011-09-08 | Kryptonite Systems, Inc. | Portability of personal and social information in a multi-tenant environment |
CN102200977B (zh) * | 2010-03-23 | 2014-10-29 | 国际商业机器公司 | 多租户环境下扩展数据库表的方法和系统 |
US8977675B2 (en) | 2010-03-26 | 2015-03-10 | Salesforce.Com, Inc. | Methods and systems for providing time and date specific software user interfaces |
US9189090B2 (en) * | 2010-03-26 | 2015-11-17 | Salesforce.Com, Inc. | Techniques for interpreting signals from computer input devices |
US8646048B2 (en) * | 2010-03-31 | 2014-02-04 | saleforce.com, inc | System, method and computer program product for authenticating and authorizing an external entity |
US20110246504A1 (en) * | 2010-04-01 | 2011-10-06 | Salesforce.Com, Inc. | System, method and computer program product for performing one or more actions based on a comparison of data associated with a client to one or more criteria |
US9189367B2 (en) * | 2010-04-20 | 2015-11-17 | Salesforce.Com, Inc. | Methods and systems for debugging bytecode in an on-demand service environment |
US9411907B2 (en) * | 2010-04-26 | 2016-08-09 | Salesforce.Com, Inc. | Method and system for performing searches in a multi-tenant database environment |
US8595181B2 (en) | 2010-05-03 | 2013-11-26 | Salesforce.Com, Inc. | Report preview caching techniques in a multi-tenant database |
US8977739B2 (en) | 2010-05-03 | 2015-03-10 | Salesforce.Com, Inc. | Configurable frame work for testing and analysis of client-side web browser page performance |
US8930327B2 (en) | 2010-05-04 | 2015-01-06 | Salesforce.Com, Inc. | Method and system for scrubbing information from heap dumps |
US8972431B2 (en) | 2010-05-06 | 2015-03-03 | Salesforce.Com, Inc. | Synonym supported searches |
US8549359B2 (en) | 2010-05-12 | 2013-10-01 | Salesforce.Com, Inc. | Method and system for identifying errors in code |
US9407603B2 (en) | 2010-06-25 | 2016-08-02 | Salesforce.Com, Inc. | Methods and systems for providing context-based outbound processing application firewalls |
US9350705B2 (en) * | 2010-06-25 | 2016-05-24 | Salesforce.Com, Inc. | Methods and systems for providing a token-based application firewall correlation |
US8819632B2 (en) | 2010-07-09 | 2014-08-26 | Salesforce.Com, Inc. | Techniques for distributing information in a computer network related to a software anomaly |
CN106452737A (zh) * | 2010-08-11 | 2017-02-22 | 安全第公司 | 用于安全多租户数据存储的系统和方法 |
CA2808124A1 (en) | 2010-08-12 | 2012-02-16 | Don Martin | Systems and methods for secure remote storage of data |
US9069901B2 (en) | 2010-08-19 | 2015-06-30 | Salesforce.Com, Inc. | Software and framework for reusable automated testing of computer software systems |
US8661084B1 (en) * | 2010-08-27 | 2014-02-25 | Okta, Inc. | Metadata based platform for accessing and managing multiple heterogeneous information services |
US8577915B2 (en) * | 2010-09-10 | 2013-11-05 | Veveo, Inc. | Method of and system for conducting personalized federated search and presentation of results therefrom |
US9015493B2 (en) | 2010-09-16 | 2015-04-21 | Microsoft Technology Licensing, Llc | Multitenant-aware protection service |
US8935427B2 (en) | 2010-09-23 | 2015-01-13 | Microsoft Corporation | Providing virtual networks using multi-tenant relays |
US8700906B2 (en) | 2011-01-14 | 2014-04-15 | Microsoft Corporation | Secure computing in multi-tenant data centers |
US8880487B1 (en) * | 2011-02-18 | 2014-11-04 | Pegasystems Inc. | Systems and methods for distributed rules processing |
US10666732B2 (en) * | 2011-03-21 | 2020-05-26 | Iplcontent, Llc | Systems and methods to provide digital amenities for local access |
EP4106301A1 (en) * | 2011-03-30 | 2022-12-21 | Amazon Technologies, Inc. | Frameworks and interfaces for offload device-based packet processing |
US8774213B2 (en) | 2011-03-30 | 2014-07-08 | Amazon Technologies, Inc. | Frameworks and interfaces for offload device-based packet processing |
US10324946B2 (en) * | 2011-06-23 | 2019-06-18 | Salesforce.Com Inc. | Methods and systems for caching data shared between organizations in a multi-tenant database system |
US8782762B2 (en) | 2011-08-17 | 2014-07-15 | International Business Machines Corporation | Building data security in a networked computing environment |
CN103036856A (zh) * | 2011-10-09 | 2013-04-10 | 镇江金软计算机科技有限责任公司 | 基于saas应用的多租户系统实现 |
US8819210B2 (en) | 2011-12-06 | 2014-08-26 | Sap Portals Israel Ltd | Multi-tenant infrastructure |
US10467058B2 (en) | 2011-12-20 | 2019-11-05 | Microsoft Technology Licensing, Llc | Sandboxing for multi-tenancy |
US8938444B2 (en) * | 2011-12-29 | 2015-01-20 | Teradata Us, Inc. | Techniques for external application-directed data partitioning in data exporting from a database management system |
US9195936B1 (en) | 2011-12-30 | 2015-11-24 | Pegasystems Inc. | System and method for updating or modifying an application without manual coding |
JP6098169B2 (ja) * | 2012-02-01 | 2017-03-22 | 株式会社リコー | 情報処理システム、情報処理装置、プログラム及び認証方法 |
CN104067258A (zh) * | 2012-04-26 | 2014-09-24 | 惠普发展公司,有限责任合伙企业 | 平台运行时间抽象 |
US10049131B2 (en) * | 2012-07-02 | 2018-08-14 | Salesforce.Com, Inc. | Computer implemented methods and apparatus for determining user access to custom metadata |
US9495403B2 (en) * | 2012-09-14 | 2016-11-15 | Salesforce.Com, Inc. | Method and system for cleaning data in a customer relationship management system |
US9875467B2 (en) * | 2012-10-05 | 2018-01-23 | Oracle International Corporation | Business intelligence report provider |
US8875166B2 (en) | 2012-11-08 | 2014-10-28 | Sharp Laboratories Of America, Inc. | Method and cloud security framework for implementing tenant license verification |
US20140222696A1 (en) * | 2013-02-07 | 2014-08-07 | Navia.Com, Llc | Peer to peer network for display of real estate information |
US10157228B2 (en) * | 2013-02-22 | 2018-12-18 | Mitel Networks Corporation | Communication system including a confidence level for a contact type and method of using same |
CN104077530A (zh) | 2013-03-27 | 2014-10-01 | 国际商业机器公司 | 用于评估数据访问语句的安全性的方法和装置 |
US9298521B1 (en) * | 2013-04-29 | 2016-03-29 | Seagate Technology Llc | Command sets and functions |
US9411973B2 (en) * | 2013-05-02 | 2016-08-09 | International Business Machines Corporation | Secure isolation of tenant resources in a multi-tenant storage system using a security gateway |
CN104348777B (zh) * | 2013-07-24 | 2019-04-09 | 腾讯科技(深圳)有限公司 | 一种移动终端对第三方服务器的访问控制方法及系统 |
US9471353B1 (en) * | 2014-03-21 | 2016-10-18 | Amazon Technologies, Inc. | Isolating tenants executing in multi-tenant software containers |
US9754122B1 (en) | 2014-03-21 | 2017-09-05 | Amazon Technologies, Inc. | Isolating tenants executing in multi-tenant software containers |
US9703611B1 (en) | 2014-03-21 | 2017-07-11 | Amazon Technologies, Inc. | Isolating resources for utilization by tenants executing in multi-tenant software containers |
WO2015163924A1 (en) | 2014-04-25 | 2015-10-29 | Hewlett-Packard Development Company, L.P. | Data management in a distributed computing environment |
US10296753B2 (en) * | 2014-08-26 | 2019-05-21 | Salesforce.Com, Inc. | Permission comparator |
US10469396B2 (en) | 2014-10-10 | 2019-11-05 | Pegasystems, Inc. | Event processing with enhanced throughput |
US9923965B2 (en) | 2015-06-05 | 2018-03-20 | International Business Machines Corporation | Storage mirroring over wide area network circuits with dynamic on-demand capacity |
US10177993B2 (en) | 2015-11-25 | 2019-01-08 | International Business Machines Corporation | Event-based data transfer scheduling using elastic network optimization criteria |
US10581680B2 (en) | 2015-11-25 | 2020-03-03 | International Business Machines Corporation | Dynamic configuration of network features |
US10216441B2 (en) | 2015-11-25 | 2019-02-26 | International Business Machines Corporation | Dynamic quality of service for storage I/O port allocation |
US9923784B2 (en) | 2015-11-25 | 2018-03-20 | International Business Machines Corporation | Data transfer using flexible dynamic elastic network service provider relationships |
US9923839B2 (en) | 2015-11-25 | 2018-03-20 | International Business Machines Corporation | Configuring resources to exploit elastic network capability |
US10057327B2 (en) | 2015-11-25 | 2018-08-21 | International Business Machines Corporation | Controlled transfer of data over an elastic network |
US10057273B1 (en) * | 2016-03-30 | 2018-08-21 | EMC IP Holding Company LLC | System and method for ensuring per tenant mutual exclusion of data and administrative entities with low latency and high scale |
US10698599B2 (en) | 2016-06-03 | 2020-06-30 | Pegasystems, Inc. | Connecting graphical shapes using gestures |
US10698647B2 (en) | 2016-07-11 | 2020-06-30 | Pegasystems Inc. | Selective sharing for collaborative application usage |
US10305861B2 (en) | 2016-08-29 | 2019-05-28 | Microsoft Technology Licensing, Llc. | Cross-tenant data leakage isolation |
US10841337B2 (en) | 2016-11-28 | 2020-11-17 | Secureworks Corp. | Computer implemented system and method, and computer program product for reversibly remediating a security risk |
JP6419143B2 (ja) * | 2016-12-20 | 2018-11-07 | 株式会社ミロク情報サービス | 共通プログラム、データベース管理装置、及びデータベース管理方法 |
US10558641B2 (en) | 2017-04-21 | 2020-02-11 | Microsoft Technology Licensing, Llc | Trigger system for databases using proxy |
US20190102841A1 (en) * | 2017-10-04 | 2019-04-04 | Servicenow, Inc. | Mapping engine configurations with task managed workflows and grid user interfaces |
US10735470B2 (en) | 2017-11-06 | 2020-08-04 | Secureworks Corp. | Systems and methods for sharing, distributing, or accessing security data and/or security applications, models, or analytics |
US10594713B2 (en) | 2017-11-10 | 2020-03-17 | Secureworks Corp. | Systems and methods for secure propagation of statistical models within threat intelligence communities |
US10671283B2 (en) * | 2018-01-31 | 2020-06-02 | Salesforce.Com, Inc. | Systems, methods, and apparatuses for implementing intelligently suggested keyboard shortcuts for web console applications |
US10785238B2 (en) | 2018-06-12 | 2020-09-22 | Secureworks Corp. | Systems and methods for threat discovery across distinct organizations |
US11003718B2 (en) | 2018-06-12 | 2021-05-11 | Secureworks Corp. | Systems and methods for enabling a global aggregated search, while allowing configurable client anonymity |
US11048488B2 (en) | 2018-08-14 | 2021-06-29 | Pegasystems, Inc. | Software code optimizer and method |
US20200177509A1 (en) * | 2018-12-04 | 2020-06-04 | Forcepoint Llc | System and method for anycast load balancing for distribution system |
US10922229B2 (en) | 2019-03-11 | 2021-02-16 | Microsoft Technology Licensing, Llc | In-memory normalization of cached objects to reduce cache memory footprint |
US11310268B2 (en) | 2019-05-06 | 2022-04-19 | Secureworks Corp. | Systems and methods using computer vision and machine learning for detection of malicious actions |
US11418524B2 (en) | 2019-05-07 | 2022-08-16 | SecureworksCorp. | Systems and methods of hierarchical behavior activity modeling and detection for systems-level security |
US11381589B2 (en) | 2019-10-11 | 2022-07-05 | Secureworks Corp. | Systems and methods for distributed extended common vulnerabilities and exposures data management |
US11522877B2 (en) | 2019-12-16 | 2022-12-06 | Secureworks Corp. | Systems and methods for identifying malicious actors or activities |
CN111752906B (zh) * | 2019-12-30 | 2023-12-05 | 北京沃东天骏信息技术有限公司 | 请求响应方法、装置和系统、计算机系统和可读存储介质 |
US11567945B1 (en) | 2020-08-27 | 2023-01-31 | Pegasystems Inc. | Customized digital content generation systems and methods |
US11588834B2 (en) | 2020-09-03 | 2023-02-21 | Secureworks Corp. | Systems and methods for identifying attack patterns or suspicious activity in client networks |
US11528294B2 (en) | 2021-02-18 | 2022-12-13 | SecureworksCorp. | Systems and methods for automated threat detection |
US12034751B2 (en) | 2021-10-01 | 2024-07-09 | Secureworks Corp. | Systems and methods for detecting malicious hands-on-keyboard activity via machine learning |
US12067414B2 (en) | 2021-11-04 | 2024-08-20 | International Business Machines Corporation | Data swap prevention in distributed computing environments based on mapping among global user identification, correlation identification and thread identification |
US12015623B2 (en) | 2022-06-24 | 2024-06-18 | Secureworks Corp. | Systems and methods for consensus driven threat intelligence |
KR20240121109A (ko) * | 2023-02-01 | 2024-08-08 | 리벨리온 주식회사 | 컨피덴셜 컴퓨팅 방법 및 시스템 |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6088796A (en) * | 1998-08-06 | 2000-07-11 | Cianfrocca; Francis | Secure middleware and server control system for querying through a network firewall |
US20050065925A1 (en) * | 2003-09-23 | 2005-03-24 | Salesforce.Com, Inc. | Query optimization in a multi-tenant database system |
Family Cites Families (218)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5649104A (en) | 1993-03-19 | 1997-07-15 | Ncr Corporation | System for allowing user of any computer to draw image over that generated by the host computer and replicating the drawn image to other computers |
US5608872A (en) | 1993-03-19 | 1997-03-04 | Ncr Corporation | System for allowing all remote computers to perform annotation on an image and replicating the annotated image on the respective displays of other comuters |
US7991347B1 (en) | 1994-04-07 | 2011-08-02 | Data Innovation Llc | System and method for accessing set of digital data at a remote site |
US5577188A (en) | 1994-05-31 | 1996-11-19 | Future Labs, Inc. | Method to provide for virtual screen overlay |
US7181758B1 (en) | 1994-07-25 | 2007-02-20 | Data Innovation, L.L.C. | Information distribution and processing system |
US5546576A (en) * | 1995-02-17 | 1996-08-13 | International Business Machines Corporation | Query optimizer system that detects and prevents mutating table violations of database integrity in a query before execution plan generation |
GB2300991B (en) | 1995-05-15 | 1997-11-05 | Andrew Macgregor Ritchie | Serving signals to browsing clients |
US5715450A (en) | 1995-09-27 | 1998-02-03 | Siebel Systems, Inc. | Method of selecting and presenting data from a database using a query language to a user of a computer system |
US5831610A (en) | 1996-02-23 | 1998-11-03 | Netsuite Development L.P. | Designing networks |
US5821937A (en) | 1996-02-23 | 1998-10-13 | Netsuite Development, L.P. | Computer method for updating a network design |
US6604117B2 (en) | 1996-03-19 | 2003-08-05 | Siebel Systems, Inc. | Method of maintaining a network of partially replicated database system |
US5873096A (en) | 1997-10-08 | 1999-02-16 | Siebel Systems, Inc. | Method of maintaining a network of partially replicated database system |
US5822747A (en) * | 1996-08-23 | 1998-10-13 | Tandem Computers, Inc. | System and method for optimizing database queries |
US5875296A (en) * | 1997-01-28 | 1999-02-23 | International Business Machines Corporation | Distributed file system web server user authentication with cookies |
AU6654798A (en) | 1997-02-26 | 1998-09-18 | Siebel Systems, Inc. | Method of determining visibility to a remote database client of a plurality of database transactions using a networked proxy server |
WO1998038587A1 (en) | 1997-02-26 | 1998-09-03 | Siebel Systems, Inc. | Method of using a cache to determine the visibility to a remote database client of a plurality of database transactions |
AU6336698A (en) | 1997-02-26 | 1998-09-29 | Siebel Systems, Inc. | Distributed relational database |
WO1998038583A1 (en) | 1997-02-26 | 1998-09-03 | Siebel Systems, Inc. | Method of determining visibility to a remote database client of a plurality of database transactions having variable visibility strengths |
WO1998038586A1 (en) | 1997-02-26 | 1998-09-03 | Siebel Systems, Inc. | Method of determining the visibility to a remote databaseclient of a plurality of database transactions using simplified visibility rules |
AU6183798A (en) | 1997-02-27 | 1998-09-29 | Siebel Systems, Inc. | Method of migrating to a successive level of a software distribution incorporating local modifications |
WO1998040805A2 (en) | 1997-02-27 | 1998-09-17 | Siebel Systems, Inc. | Method of synchronizing independently distributed software and database schema |
AU6669198A (en) | 1997-02-28 | 1998-09-18 | Siebel Systems, Inc. | Partially replicated distributed database with multiple levels of remote clients |
US6226745B1 (en) * | 1997-03-21 | 2001-05-01 | Gio Wiederhold | Information sharing system and method with requester dependent sharing and security rules |
US6766454B1 (en) * | 1997-04-08 | 2004-07-20 | Visto Corporation | System and method for using an authentication applet to identify and authenticate a user in a computer network |
US6144638A (en) * | 1997-05-09 | 2000-11-07 | Bbn Corporation | Multi-tenant unit |
US6169534B1 (en) | 1997-06-26 | 2001-01-02 | Upshot.Com | Graphical user interface for customer information management |
US6560461B1 (en) | 1997-08-04 | 2003-05-06 | Mundi Fomukong | Authorized location reporting paging system |
US5918159A (en) | 1997-08-04 | 1999-06-29 | Fomukong; Mundi | Location reporting satellite paging system with optional blocking of location reporting |
US9197599B1 (en) * | 1997-09-26 | 2015-11-24 | Verizon Patent And Licensing Inc. | Integrated business system for web based telecommunications management |
US20020059095A1 (en) | 1998-02-26 | 2002-05-16 | Cook Rachael Linette | System and method for generating, capturing, and managing customer lead information over a computer network |
US6732111B2 (en) | 1998-03-03 | 2004-05-04 | Siebel Systems, Inc. | Method, apparatus, system, and program product for attaching files and other objects to a partially replicated database |
US6772229B1 (en) | 2000-11-13 | 2004-08-03 | Groupserve, Inc. | Centrifugal communication and collaboration method |
US6161149A (en) | 1998-03-13 | 2000-12-12 | Groupserve, Inc. | Centrifugal communication and collaboration method |
US5963953A (en) | 1998-03-30 | 1999-10-05 | Siebel Systems, Inc. | Method, and system for product configuration |
US6212524B1 (en) * | 1998-05-06 | 2001-04-03 | E.Piphany, Inc. | Method and apparatus for creating and populating a datamart |
US6289384B1 (en) * | 1998-06-05 | 2001-09-11 | I2 Technologies, Inc. | System and method for event notification through a firewall |
US6353818B1 (en) * | 1998-08-19 | 2002-03-05 | Ncr Corporation | Plan-per-tuple optimizing of database queries with user-defined functions |
WO2000013122A1 (en) | 1998-08-27 | 2000-03-09 | Upshot Corporation | A method and apparatus for network-based sales force management |
US6470453B1 (en) * | 1998-09-17 | 2002-10-22 | Cisco Technology, Inc. | Validating connections to a network system |
US6480850B1 (en) * | 1998-10-02 | 2002-11-12 | Ncr Corporation | System and method for managing data privacy in a database management system including a dependently connected privacy data mart |
US6587854B1 (en) * | 1998-10-05 | 2003-07-01 | Oracle Corporation | Virtually partitioning user data in a database system |
US7281003B2 (en) * | 1998-10-05 | 2007-10-09 | Oracle International Corporation | Database fine-grained access control |
US6813617B2 (en) * | 1998-10-05 | 2004-11-02 | Oracle International Corporation | Dynamic generation of optimizer hints |
US6728960B1 (en) | 1998-11-18 | 2004-04-27 | Siebel Systems, Inc. | Techniques for managing multiple threads in a browser environment |
US6393605B1 (en) | 1998-11-18 | 2002-05-21 | Siebel Systems, Inc. | Apparatus and system for efficient delivery and deployment of an application |
US6601087B1 (en) | 1998-11-18 | 2003-07-29 | Webex Communications, Inc. | Instant document sharing |
EP1163604A4 (en) | 1998-11-30 | 2002-01-09 | Siebel Systems Inc | ASSIGNMENT MANAGER |
AU2035600A (en) | 1998-11-30 | 2000-06-19 | Siebel Systems, Inc. | Development tool, method, and system for client server appications |
JP2002531899A (ja) | 1998-11-30 | 2002-09-24 | シーベル システムズ,インコーポレイティド | プロセス監視用の状態モデル |
EP1196882A1 (en) | 1998-11-30 | 2002-04-17 | Siebel Systems, Inc. | Smart scripting call centers |
US6438549B1 (en) * | 1998-12-03 | 2002-08-20 | International Business Machines Corporation | Method for storing sparse hierarchical data in a relational database |
US7356482B2 (en) | 1998-12-18 | 2008-04-08 | Alternative Systems, Inc. | Integrated change management unit |
US6513046B1 (en) * | 1999-12-15 | 2003-01-28 | Tangis Corporation | Storing and recalling information to augment human memories |
US6321238B1 (en) * | 1998-12-28 | 2001-11-20 | Oracle Corporation | Hybrid shared nothing/shared disk database system |
EP1157344B1 (en) * | 1999-02-26 | 2002-11-20 | America Online, Inc. | Proxy server augmenting a client request with user profile data |
US20020072951A1 (en) | 1999-03-03 | 2002-06-13 | Michael Lee | Marketing support database management method, system and program product |
US6574635B2 (en) | 1999-03-03 | 2003-06-03 | Siebel Systems, Inc. | Application instantiation based upon attributes and values stored in a meta data repository, including tiering of application layers objects and components |
US6446035B1 (en) * | 1999-05-05 | 2002-09-03 | Xerox Corporation | Finding groups of people based on linguistically analyzable content of resources accessed |
US8095413B1 (en) | 1999-05-07 | 2012-01-10 | VirtualAgility, Inc. | Processing management information |
US7698160B2 (en) | 1999-05-07 | 2010-04-13 | Virtualagility, Inc | System for performing collaborative tasks |
US6842758B1 (en) * | 1999-07-30 | 2005-01-11 | Computer Associates Think, Inc. | Modular method and system for performing database queries |
US6401125B1 (en) * | 1999-08-05 | 2002-06-04 | Nextpage, Inc. | System and method for maintaining state information between a web proxy server and its clients |
US6823384B1 (en) * | 1999-10-15 | 2004-11-23 | James Wilson | Methods and apparatus for securely collecting customer service agent data in a multi-tenant environment |
US6621834B1 (en) | 1999-11-05 | 2003-09-16 | Raindance Communications, Inc. | System and method for voice transmission over network protocols |
US6535909B1 (en) | 1999-11-18 | 2003-03-18 | Contigo Software, Inc. | System and method for record and playback of collaborative Web browsing session |
US6324568B1 (en) | 1999-11-30 | 2001-11-27 | Siebel Systems, Inc. | Method and system for distributing objects over a network |
US6324648B1 (en) * | 1999-12-14 | 2001-11-27 | Gte Service Corporation | Secure gateway having user identification and password authentication |
US6654032B1 (en) | 1999-12-23 | 2003-11-25 | Webex Communications, Inc. | Instant sharing of documents on a remote server |
DE20021691U1 (de) * | 2000-01-20 | 2001-04-12 | Lutz, Franz, 86657 Bissingen | Isolierglasscheibe mit integrierter Rolloeinrichtung |
CA2442592C (en) * | 2000-03-29 | 2009-12-22 | Transcept Opencell, Inc. | Operations and maintenance architecture for multiprotocol distributed system |
US7266502B2 (en) | 2000-03-31 | 2007-09-04 | Siebel Systems, Inc. | Feature centric release manager method and system |
US6721724B1 (en) * | 2000-03-31 | 2004-04-13 | Microsoft Corporation | Validating multiple execution plans for database queries |
US6336137B1 (en) | 2000-03-31 | 2002-01-01 | Siebel Systems, Inc. | Web client-server system and method for incompatible page markup and presentation languages |
US6732100B1 (en) * | 2000-03-31 | 2004-05-04 | Siebel Systems, Inc. | Database access method and system for user role defined access |
US6577726B1 (en) | 2000-03-31 | 2003-06-10 | Siebel Systems, Inc. | Computer telephony integration hotelling method and system |
US6820082B1 (en) * | 2000-04-03 | 2004-11-16 | Allegis Corporation | Rule based database security system and method |
US6434550B1 (en) | 2000-04-14 | 2002-08-13 | Rightnow Technologies, Inc. | Temporal updates of relevancy rating of retrieved information in an information search system |
US6842748B1 (en) | 2000-04-14 | 2005-01-11 | Rightnow Technologies, Inc. | Usage based strength between related information in an information retrieval system |
US7730072B2 (en) | 2000-04-14 | 2010-06-01 | Rightnow Technologies, Inc. | Automated adaptive classification system for knowledge networks |
US6665655B1 (en) | 2000-04-14 | 2003-12-16 | Rightnow Technologies, Inc. | Implicit rating of retrieved information in an information search system |
US7831616B2 (en) * | 2000-04-27 | 2010-11-09 | Webfeat, Inc. | Systems and methods for managing database authentication and sessions |
US7096219B1 (en) * | 2000-05-10 | 2006-08-22 | Teleran Technologies, Inc. | Method and apparatus for optimizing a data access customer service system |
US6678672B1 (en) * | 2000-05-31 | 2004-01-13 | Ncr Corporation | Efficient exception handling during access plan execution in an on-line analytic processing system |
US6763501B1 (en) | 2000-06-09 | 2004-07-13 | Webex Communications, Inc. | Remote document serving |
AU6771901A (en) * | 2000-07-05 | 2002-01-14 | Ernst And Young Llp | Method and apparatus for providing computer services |
US7047202B2 (en) * | 2000-07-13 | 2006-05-16 | Amit Jaipuria | Method and apparatus for optimizing networking potential using a secured system for an online community |
US20020059204A1 (en) * | 2000-07-28 | 2002-05-16 | Harris Larry R. | Distributed search system and method |
JP4356226B2 (ja) * | 2000-09-12 | 2009-11-04 | ソニー株式会社 | サーバ装置、配信システム、配信方法、及び端末装置 |
GB2367387A (en) * | 2000-09-27 | 2002-04-03 | Int Computers Ltd | Personal data protection |
KR100365357B1 (ko) | 2000-10-11 | 2002-12-18 | 엘지전자 주식회사 | 무선통신 단말기의 데이터 통신 방법 |
JP2002123548A (ja) * | 2000-10-12 | 2002-04-26 | Sony Corp | 情報提供システム、情報画像管理サーバ、クライアント、並びに情報画像管理プログラムを記録した記録媒体 |
US7080101B1 (en) * | 2000-12-01 | 2006-07-18 | Ncr Corp. | Method and apparatus for partitioning data for storage in a database |
JP2002183036A (ja) * | 2000-12-14 | 2002-06-28 | Isao:Kk | コミュニケーションシステム、コミュニケーション情報処理装置、情報端末装置、コミュニケーション方法、および、記録媒体 |
US20020107910A1 (en) * | 2001-02-02 | 2002-08-08 | Yan Zhao | Client/server two-way communication system framework under HTTP protocol |
US7581230B2 (en) | 2001-02-06 | 2009-08-25 | Siebel Systems, Inc. | Adaptive communication application programming interface |
USD454139S1 (en) | 2001-02-20 | 2002-03-05 | Rightnow Technologies | Display screen for a computer |
US7185364B2 (en) * | 2001-03-21 | 2007-02-27 | Oracle International Corporation | Access system interface |
US6757690B2 (en) * | 2001-03-26 | 2004-06-29 | International Business Machines Corporation | Method and system for monitoring and securing data access in a database system |
US6829655B1 (en) | 2001-03-28 | 2004-12-07 | Siebel Systems, Inc. | Method and system for server synchronization with a computing device via a companion device |
US7363388B2 (en) | 2001-03-28 | 2008-04-22 | Siebel Systems, Inc. | Method and system for direct server synchronization with a computing device |
US7174514B2 (en) | 2001-03-28 | 2007-02-06 | Siebel Systems, Inc. | Engine to present a user interface based on a logical structure, such as one for a customer relationship management system, across a web site |
JP4448623B2 (ja) * | 2001-03-29 | 2010-04-14 | セイコーエプソン株式会社 | デジタルコンテンツ提供システム,デジタルコンテンツ提供方法,サーバ装置及びデジタルコンテンツ提供プログラム |
US20030206192A1 (en) | 2001-03-31 | 2003-11-06 | Mingte Chen | Asynchronous message push to web browser |
US20030018705A1 (en) | 2001-03-31 | 2003-01-23 | Mingte Chen | Media-independent communication server |
US6732095B1 (en) | 2001-04-13 | 2004-05-04 | Siebel Systems, Inc. | Method and apparatus for mapping between XML and relational representations |
US7020645B2 (en) * | 2001-04-19 | 2006-03-28 | Eoriginal, Inc. | Systems and methods for state-less authentication |
US20020157020A1 (en) * | 2001-04-20 | 2002-10-24 | Coby Royer | Firewall for protecting electronic commerce databases from malicious hackers |
US7761288B2 (en) | 2001-04-30 | 2010-07-20 | Siebel Systems, Inc. | Polylingual simultaneous shipping of software |
US6782383B2 (en) | 2001-06-18 | 2004-08-24 | Siebel Systems, Inc. | System and method to implement a persistent and dismissible search center frame |
US6711565B1 (en) | 2001-06-18 | 2004-03-23 | Siebel Systems, Inc. | Method, apparatus, and system for previewing search results |
US6728702B1 (en) | 2001-06-18 | 2004-04-27 | Siebel Systems, Inc. | System and method to implement an integrated search center supporting a full-text search and query on a database |
US6763351B1 (en) | 2001-06-18 | 2004-07-13 | Siebel Systems, Inc. | Method, apparatus, and system for attaching search results |
US20030004971A1 (en) | 2001-06-29 | 2003-01-02 | Gong Wen G. | Automatic generation of data models and accompanying user interfaces |
US7266840B2 (en) * | 2001-07-12 | 2007-09-04 | Vignette Corporation | Method and system for secure, authorized e-mail based transactions |
US7904454B2 (en) * | 2001-07-16 | 2011-03-08 | International Business Machines Corporation | Database access security |
US7130852B2 (en) * | 2001-07-27 | 2006-10-31 | Silicon Valley Bank | Internal security system for a relational database system |
US7299496B2 (en) * | 2001-08-14 | 2007-11-20 | Illinois Institute Of Technology | Detection of misuse of authorized access in an information retrieval system |
US20030046587A1 (en) * | 2001-09-05 | 2003-03-06 | Satyam Bheemarasetti | Secure remote access using enterprise peer networks |
US6826582B1 (en) | 2001-09-28 | 2004-11-30 | Emc Corporation | Method and system for using file systems for content management |
US7761535B2 (en) | 2001-09-28 | 2010-07-20 | Siebel Systems, Inc. | Method and system for server synchronization with a computing device |
CA2357937A1 (en) * | 2001-09-28 | 2003-03-28 | Ibm Canada Limited-Ibm Canada Limitee | Database diagnostic system and method |
US6993712B2 (en) | 2001-09-28 | 2006-01-31 | Siebel Systems, Inc. | System and method for facilitating user interaction in a browser environment |
US6978445B2 (en) | 2001-09-28 | 2005-12-20 | Siebel Systems, Inc. | Method and system for supporting user navigation in a browser environment |
US6724399B1 (en) | 2001-09-28 | 2004-04-20 | Siebel Systems, Inc. | Methods and apparatus for enabling keyboard accelerators in applications implemented via a browser |
US7962565B2 (en) | 2001-09-29 | 2011-06-14 | Siebel Systems, Inc. | Method, apparatus and system for a mobile web client |
US8359335B2 (en) | 2001-09-29 | 2013-01-22 | Siebel Systems, Inc. | Computing system and method to implicitly commit unsaved data for a world wide web application |
US6901595B2 (en) | 2001-09-29 | 2005-05-31 | Siebel Systems, Inc. | Method, apparatus, and system for implementing a framework to support a web-based application |
US7146617B2 (en) | 2001-09-29 | 2006-12-05 | Siebel Systems, Inc. | Method, apparatus, and system for implementing view caching in a framework to support web-based applications |
US7289949B2 (en) | 2001-10-09 | 2007-10-30 | Right Now Technologies, Inc. | Method for routing electronic correspondence based on the level and type of emotion contained therein |
US6801903B2 (en) * | 2001-10-12 | 2004-10-05 | Ncr Corporation | Collecting statistics in a database system |
TW548592B (en) * | 2001-10-22 | 2003-08-21 | Taiwan Semiconductor Mfg | System and method for single login of application program |
CN100392626C (zh) * | 2001-11-20 | 2008-06-04 | 森维公司 | 网络化设备的访问和控制系统 |
DE60130902T2 (de) * | 2001-11-23 | 2008-07-17 | Protegrity Research & Development | Verfahren zum Erkennen des Eindringens in ein Datenbanksystem |
US7062502B1 (en) | 2001-12-28 | 2006-06-13 | Kesler John N | Automated generation of dynamic data entry user interface for relational database management systems |
US6804330B1 (en) | 2002-01-04 | 2004-10-12 | Siebel Systems, Inc. | Method and system for accessing CRM data via voice |
US7076795B2 (en) * | 2002-01-11 | 2006-07-11 | International Business Machiness Corporation | System and method for granting access to resources |
US7058890B2 (en) | 2002-02-13 | 2006-06-06 | Siebel Systems, Inc. | Method and system for enabling connectivity to a data system |
US6845452B1 (en) * | 2002-03-12 | 2005-01-18 | Reactivity, Inc. | Providing security for external access to a protected computer network |
US7672853B2 (en) | 2002-03-29 | 2010-03-02 | Siebel Systems, Inc. | User interface for processing requests for approval |
US7131071B2 (en) | 2002-03-29 | 2006-10-31 | Siebel Systems, Inc. | Defining an approval process for requests for approval |
JP2003296213A (ja) * | 2002-04-03 | 2003-10-17 | Sony Corp | 情報授受方法および情報授受システム |
US20030233582A1 (en) * | 2002-04-09 | 2003-12-18 | Ram Pemmaraju | Methods and apparatus for a computer network firewall which can be configured dynamically via an authentication mechanism |
US6976023B2 (en) * | 2002-04-23 | 2005-12-13 | International Business Machines Corporation | System and method for managing application specific privileges in a content management system |
US6850949B2 (en) | 2002-06-03 | 2005-02-01 | Right Now Technologies, Inc. | System and method for generating a dynamic interface via a communications network |
US7373336B2 (en) * | 2002-06-10 | 2008-05-13 | Koninklijke Philips Electronics N.V. | Content augmentation based on personal profiles |
US7594181B2 (en) | 2002-06-27 | 2009-09-22 | Siebel Systems, Inc. | Prototyping graphical user interfaces |
US8639542B2 (en) | 2002-06-27 | 2014-01-28 | Siebel Systems, Inc. | Method and apparatus to facilitate development of a customer-specific business process model |
US7437720B2 (en) | 2002-06-27 | 2008-10-14 | Siebel Systems, Inc. | Efficient high-interactivity user interface for client-server applications |
US7281139B2 (en) * | 2002-07-11 | 2007-10-09 | Sun Microsystems, Inc. | Authenticating legacy service via web technology |
US20040010489A1 (en) | 2002-07-12 | 2004-01-15 | Rightnow Technologies, Inc. | Method for providing search-specific web pages in a network computing environment |
US20040034635A1 (en) * | 2002-08-15 | 2004-02-19 | Czarnecki David Anthony | Method and system for identifying and matching companies to business event information |
US7251787B2 (en) | 2002-08-28 | 2007-07-31 | Siebel Systems, Inc. | Method and apparatus for an integrated process modeller |
US20040044909A1 (en) * | 2002-09-04 | 2004-03-04 | Mirza Absar Ahmed | Method and system for accessing an object behind a firewall |
US6928554B2 (en) * | 2002-10-31 | 2005-08-09 | International Business Machines Corporation | Method of query return data analysis for early warning indicators of possible security exposures |
CN100365612C (zh) * | 2003-01-14 | 2008-01-30 | 松下电器产业株式会社 | 内容使用管理的系统、装置及方法、内容使用装置及方法 |
US7099858B2 (en) * | 2003-01-30 | 2006-08-29 | International Business Machines Corporation | Data management system that provides intelligent access plan caching |
US9448860B2 (en) | 2003-03-21 | 2016-09-20 | Oracle America, Inc. | Method and architecture for providing data-change alerts to external applications via a push service |
WO2004086197A2 (en) | 2003-03-24 | 2004-10-07 | Siebel Systems, Inc. | Custom common object |
US7904340B2 (en) | 2003-03-24 | 2011-03-08 | Siebel Systems, Inc. | Methods and computer-readable medium for defining a product model |
WO2004086198A2 (en) | 2003-03-24 | 2004-10-07 | Siebel Systems, Inc. | Common common object |
US8762415B2 (en) | 2003-03-25 | 2014-06-24 | Siebel Systems, Inc. | Modeling of order data |
US20040193656A1 (en) * | 2003-03-28 | 2004-09-30 | Pizzo Michael J. | Systems and methods for caching and invalidating database results and derived objects |
US7685515B2 (en) | 2003-04-04 | 2010-03-23 | Netsuite, Inc. | Facilitating data manipulation in a browser-based user interface of an enterprise business application |
US7412455B2 (en) | 2003-04-30 | 2008-08-12 | Dillon David M | Software framework that facilitates design and implementation of database applications |
US7620655B2 (en) | 2003-05-07 | 2009-11-17 | Enecto Ab | Method, device and computer program product for identifying visitors of websites |
US7146363B2 (en) * | 2003-05-20 | 2006-12-05 | Microsoft Corporation | System and method for cardinality estimation based on query execution feedback |
US7409336B2 (en) | 2003-06-19 | 2008-08-05 | Siebel Systems, Inc. | Method and system for searching data based on identified subset of categories and relevance-scored text representation-category combinations |
US20040260659A1 (en) | 2003-06-23 | 2004-12-23 | Len Chan | Function space reservation system |
US7237227B2 (en) | 2003-06-30 | 2007-06-26 | Siebel Systems, Inc. | Application user interface template with free-form layout |
US7406714B1 (en) * | 2003-07-01 | 2008-07-29 | Symantec Corporation | Computer code intrusion detection system based on acceptable retrievals |
CA2533167A1 (en) * | 2003-07-22 | 2005-01-27 | Kinor Technologies Inc. | Information access using ontologies |
US20050108526A1 (en) * | 2003-08-11 | 2005-05-19 | Gavin Robertson | Query server system security and privacy access profiles |
US7694314B2 (en) | 2003-08-28 | 2010-04-06 | Siebel Systems, Inc. | Universal application network architecture |
US7509311B2 (en) * | 2003-08-29 | 2009-03-24 | Microsoft Corporation | Use of statistics on views in query optimization |
US7171413B2 (en) * | 2003-08-29 | 2007-01-30 | International Business Machines Corporation | Two phase intermediate query security using access control |
US7664798B2 (en) * | 2003-09-04 | 2010-02-16 | Oracle International Corporation | Database performance baselines |
US8983934B2 (en) * | 2003-09-06 | 2015-03-17 | Oracle International Corporation | SQL tuning base |
US7779039B2 (en) * | 2004-04-02 | 2010-08-17 | Salesforce.Com, Inc. | Custom entities and fields in a multi-tenant database system |
US7171398B2 (en) * | 2003-10-16 | 2007-01-30 | International Business Machines Corporation | Outer and exception join to inner join normalization |
US8775412B2 (en) * | 2004-01-08 | 2014-07-08 | International Business Machines Corporation | Method and system for a self-healing query access plan |
US7353279B2 (en) * | 2004-01-08 | 2008-04-01 | Hughes Electronics Corporation | Proxy architecture for providing quality of service(QoS) reservations |
US8375048B1 (en) * | 2004-01-20 | 2013-02-12 | Microsoft Corporation | Query augmentation |
US7327258B2 (en) * | 2004-02-04 | 2008-02-05 | Guardian Mobile Monitoring Systems | System for, and method of, monitoring the movements of mobile items |
US7661141B2 (en) * | 2004-02-11 | 2010-02-09 | Microsoft Corporation | Systems and methods that optimize row level database security |
US20050203881A1 (en) * | 2004-03-09 | 2005-09-15 | Akio Sakamoto | Database user behavior monitor system and method |
US7487149B2 (en) * | 2004-03-10 | 2009-02-03 | Oracle International Corporation | Method and apparatus for providing query-level security in a database system |
US20050203921A1 (en) * | 2004-03-11 | 2005-09-15 | Newman Aaron C. | System for protecting database applications from unauthorized activity |
US7739262B2 (en) * | 2004-03-19 | 2010-06-15 | Microsoft Corporation | Enforcing currency and consistency constraints in database query processing |
US7606792B2 (en) * | 2004-03-19 | 2009-10-20 | Microsoft Corporation | System and method for efficient evaluation of a query that invokes a table valued function |
US7200595B2 (en) * | 2004-03-29 | 2007-04-03 | Microsoft Corporation | Systems and methods for fine grained access control of data stored in relational databases |
US7353219B2 (en) * | 2004-05-28 | 2008-04-01 | International Business Machines Corporation | Determining validity ranges of query plans based on suboptimality |
KR100690764B1 (ko) * | 2004-06-08 | 2007-03-09 | 엘지전자 주식회사 | 아이엠피에스 클라이언트의 상태정보 동기화 방법 |
US20050289098A1 (en) * | 2004-06-24 | 2005-12-29 | International Business Machines Corporation | Dynamically selecting alternative query access plans |
US7480718B2 (en) * | 2004-06-28 | 2009-01-20 | International Business Machines Corporation | Method for providing single sign-on user names for Web cookies in a multiple user information directory environment |
US8346761B2 (en) * | 2004-08-05 | 2013-01-01 | International Business Machines Corporation | Method and system for data mining for automatic query optimization |
US7653665B1 (en) * | 2004-09-13 | 2010-01-26 | Microsoft Corporation | Systems and methods for avoiding database anomalies when maintaining constraints and indexes in presence of snapshot isolation |
US7363299B2 (en) * | 2004-11-18 | 2008-04-22 | University Of Washington | Computing probabilistic answers to queries |
US8131744B2 (en) * | 2004-12-17 | 2012-03-06 | International Business Machines Corporation | Well organized query result sets |
US7693863B2 (en) * | 2004-12-20 | 2010-04-06 | Claria Corporation | Method and device for publishing cross-network user behavioral data |
US9886492B2 (en) * | 2004-12-22 | 2018-02-06 | Teradata Us, Inc. | Self-adjusting database-query optimizer |
US20060247944A1 (en) * | 2005-01-14 | 2006-11-02 | Calusinski Edward P Jr | Enabling value enhancement of reference data by employing scalable cleansing and evolutionarily tracked source data tags |
US20060235831A1 (en) * | 2005-01-14 | 2006-10-19 | Adinolfi Ronald E | Multi-source multi-tenant entitlement enforcing data repository and method of operation |
US7882100B2 (en) * | 2005-01-24 | 2011-02-01 | Sybase, Inc. | Database system with methodology for generating bushy nested loop join trees |
GB0502383D0 (en) * | 2005-02-04 | 2005-03-16 | Nokia Corp | User identities |
US7444331B1 (en) * | 2005-03-02 | 2008-10-28 | Symantec Corporation | Detecting code injection attacks against databases |
US7860842B2 (en) * | 2005-03-16 | 2010-12-28 | Oracle International Corporation | Mechanism to detect and analyze SQL injection threats |
US7810142B2 (en) * | 2005-03-21 | 2010-10-05 | International Business Machines Corporation | Auditing compliance with a hippocratic database |
JP4615344B2 (ja) * | 2005-03-24 | 2011-01-19 | 株式会社日立製作所 | データ処理システム及びデータベースの管理方法 |
US7765200B2 (en) * | 2005-03-25 | 2010-07-27 | International Business Machines Corporation | SQL query problem determination tool |
US8086615B2 (en) * | 2005-03-28 | 2011-12-27 | Oracle International Corporation | Security data redaction |
US7558796B1 (en) * | 2005-05-19 | 2009-07-07 | Symantec Corporation | Determining origins of queries for a database intrusion detection system |
JP4545647B2 (ja) * | 2005-06-17 | 2010-09-15 | 富士通株式会社 | 攻撃検知・防御システム |
US7774361B1 (en) * | 2005-07-08 | 2010-08-10 | Symantec Corporation | Effective aggregation and presentation of database intrusion incidents |
US7970788B2 (en) * | 2005-08-02 | 2011-06-28 | International Business Machines Corporation | Selective local database access restriction |
US8484232B2 (en) * | 2005-11-22 | 2013-07-09 | International Business Machines Corporation | Method, computer arrangement, computer program and computer program product for checking for the presence of control statements in a data value |
US8069153B2 (en) | 2005-12-02 | 2011-11-29 | Salesforce.Com, Inc. | Systems and methods for securing customer data in a multi-tenant environment |
US8082301B2 (en) | 2006-11-10 | 2011-12-20 | Virtual Agility, Inc. | System for supporting collaborative activity |
US8719287B2 (en) | 2007-08-31 | 2014-05-06 | Business Objects Software Limited | Apparatus and method for dynamically selecting componentized executable instructions at run time |
-
2006
- 2006-10-23 US US11/585,527 patent/US8069153B2/en active Active
- 2006-11-30 CN CN200680051776.XA patent/CN101336433B/zh active Active
- 2006-11-30 EP EP19170409.7A patent/EP3629210B1/en active Active
- 2006-11-30 EP EP06838856.0A patent/EP1958099B1/en active Active
- 2006-11-30 WO PCT/US2006/046128 patent/WO2007064958A2/en active Application Filing
- 2006-11-30 JP JP2008543519A patent/JP5065287B2/ja active Active
- 2006-11-30 CN CN201010572116.4A patent/CN102117310B/zh active Active
-
2011
- 2011-11-01 US US13/286,461 patent/US8620876B2/en active Active
-
2012
- 2012-06-20 US US13/528,749 patent/US8799320B2/en active Active
- 2012-06-20 US US13/528,744 patent/US8788532B2/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6088796A (en) * | 1998-08-06 | 2000-07-11 | Cianfrocca; Francis | Secure middleware and server control system for querying through a network firewall |
US20050065925A1 (en) * | 2003-09-23 | 2005-03-24 | Salesforce.Com, Inc. | Query optimization in a multi-tenant database system |
Also Published As
Publication number | Publication date |
---|---|
CN101336433B (zh) | 2015-07-15 |
EP3629210B1 (en) | 2022-05-11 |
US8799320B2 (en) | 2014-08-05 |
US20120047570A1 (en) | 2012-02-23 |
US20120260341A1 (en) | 2012-10-11 |
CN102117310A (zh) | 2011-07-06 |
EP3629210A2 (en) | 2020-04-01 |
JP5065287B2 (ja) | 2012-10-31 |
US8620876B2 (en) | 2013-12-31 |
US20070130130A1 (en) | 2007-06-07 |
US20120259839A1 (en) | 2012-10-11 |
EP1958099A2 (en) | 2008-08-20 |
EP1958099A4 (en) | 2013-07-10 |
WO2007064958A3 (en) | 2008-06-12 |
US8069153B2 (en) | 2011-11-29 |
JP2009518713A (ja) | 2009-05-07 |
WO2007064958A2 (en) | 2007-06-07 |
US8788532B2 (en) | 2014-07-22 |
EP1958099B1 (en) | 2019-04-24 |
WO2007064958B1 (en) | 2008-07-31 |
EP3629210A3 (en) | 2020-07-29 |
CN101336433A (zh) | 2008-12-31 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102117310B (zh) | 多租户数据库系统 | |
US12034760B2 (en) | Method and system for tracking fraudulent activity | |
CN105868635B (zh) | 用于应对恶意软件的方法和装置 | |
US8732472B2 (en) | System and method for verification of digital certificates | |
US9098539B2 (en) | System, method and computer program product for enabling access to a resource of a multi-tenant on-demand database service utilizing a token | |
US6463418B1 (en) | Secure and stateful electronic business transaction system | |
US6006334A (en) | Method and system for authentication over a distributed service to limit password compromise | |
US11997204B2 (en) | Authenticating computing system requests across tenants of a multi-tenant database system | |
WO2020006300A1 (en) | Authenticating computing system requests with an unknown destination across tenants of a multi-tenant system | |
CN103179106A (zh) | 对未授权的访问请求使用假肯定响应的网络安全 | |
CN109792439A (zh) | 用于威胁检测的动态策略注入和访问可视化 | |
CN108108973A (zh) | 业务风险控制方法及装置 | |
US10931650B1 (en) | Apparatus and method for building, extending and managing interactions between digital identities and digital identity applications | |
CN105391689A (zh) | 网络钓鱼通知服务 | |
JP4445941B2 (ja) | 顧客データベース管理装置及び顧客データベース管理プログラム | |
KR20010008276A (ko) | 전자상거래 및 정보공유를 지원하는 개인웹서버 시스템 | |
CN118364489A (zh) | 一种权限验证方法、装置、设备及存储介质 | |
CN114266070A (zh) | 一种数据安全防护方法、装置、设备及存储介质 | |
Aladib et al. | Online Properties Auction System (OPAS) Domain | |
Steinebach et al. | 1.1 Hidden Services |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CP01 | Change in the name or title of a patent holder |
Address after: California, USA Patentee after: Shuo Power Co. Address before: California, USA Patentee before: SALESFORCE.COM, Inc. |
|
CP01 | Change in the name or title of a patent holder |