CN109688162A - A kind of data of multi-tenant divide library method and system - Google Patents
A kind of data of multi-tenant divide library method and system Download PDFInfo
- Publication number
- CN109688162A CN109688162A CN201910124100.8A CN201910124100A CN109688162A CN 109688162 A CN109688162 A CN 109688162A CN 201910124100 A CN201910124100 A CN 201910124100A CN 109688162 A CN109688162 A CN 109688162A
- Authority
- CN
- China
- Prior art keywords
- user
- tenant
- blocker
- data
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 24
- 238000012795 verification Methods 0.000 claims abstract description 36
- 230000005856 abnormality Effects 0.000 claims description 18
- 238000005516 engineering process Methods 0.000 abstract description 10
- 238000002955 isolation Methods 0.000 abstract description 4
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008878 coupling Effects 0.000 description 1
- 238000010168 coupling process Methods 0.000 description 1
- 238000005859 coupling reaction Methods 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 235000013399 edible fruits Nutrition 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/108—Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/148—Migration or transfer of sessions
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a kind of data of multi-tenant to divide library method and system, belongs to computer field of cloud computer technology, realizes that user logs in and seesion validity check by using verification blocker is logged in;User Status legitimacy verifies are realized by using User Status blocker;Tenant's state legitimacy verifies are realized by using tenant's state blocker;Data access security verification is realized by using secure access blocker.A kind of data of multi-tenant divide library to realize system, it is characterised in that including logging in verification blocker, User Status blocker, tenant's state blocker and secure access blocker.The present invention can guarantee the data isolation and safety of each tenant, keep different blockers mutually indepedent, meet the requirement for logging in validity, User Status legitimacy, tenant's state normality and data access security, the user access control suitable for SaaS system simultaneously.
Description
Technical field
The present invention relates to computer field of cloud computer technology, specifically a kind of data of multi-tenant divide library implementation method
And system.
Background technique
Multi-tenant technology (English: multi-tenancy technology) or multiple leasing techniques, are a kind of software
Architecture technology, it is to share identical system or program assembly in the environment of how realization in multi-user inquiring into, and still
It can ensure that the isolation of data between each user.
In multi-tenant technology, tenant (tenant) refers to the client using system or computer calculation resources, but is renting more
In the technology of family, tenant includes all data that can recognize in systems as designated user.It is based on supplier used in tenant
Application system or calculation resources for developing or building etc., application system designed by supplier can accommodate several above users
Used under the same environment, in order to allow multiple users the same application program of environment capacity and computing environment on use,
Then application program has to be specifically designed with computing environment, in addition to system platform can be allowed to can permit and meanwhile allow more parts it is identical
Application program operation is outer, protects the privacy of tenant data and safety is also one of the key of multi-tenant technology.
Multi-tenant technology is one of the core technology of SaaS application, and the main problem that it is studied is system under multi-tenant environment
Or the multiplying question of application component, it is important to ensure the legitimacy of each tenant's user access control.
Summary of the invention
Technical assignment of the invention be against the above deficiency place, provide a kind of multi-tenant data point library implementation method and
The data point library of multi-tenant may be implemented in system, guarantees the data isolation and safety of each tenant.
The technical solution adopted by the present invention to solve the technical problems is:
A kind of data of multi-tenant divide library implementation method, by using log in verification blocker realize user log in and
Seesion validity check;User Status legitimacy verifies are realized by using User Status blocker;By using tenant's shape
State blocker realizes tenant's state legitimacy verifies;Data access security verification is realized by using secure access blocker.
Keep different blockers mutually indepedent, while meeting and logging in validity, User Status legitimacy, tenant's state normality and data
The requirement of access security.
Preferably, logging in verification blocker submits data to verify access, such as username and password etc.;And it is right
Seesion value is verified, and is judged whether there is and overtime.
Further, configuration registry verifies blocker in web.xml file in the project
AuthenticationFilter logs in verification blocker and first determines whether request type, is that logging request or data access are asked
It asks;
When logging request, data are submitted to verify access, such as user name, password etc., if verification does not pass through
Return to login page;
When data access request, the session value of the jsession field in header in request is verified, is judged
Whether there is and time-out, if there is no or session time-out, then jump to login page.
Preferably, User Status blocker verifies the lock state of user;Whether user information is carried out comprehensively
Verification, such as subscriber mailbox;It is verified to whether user carries out tenant's binding;School is carried out to whether user carries out real-name authentication
It tests.
Further, in web.xml file in the project, User Status blocker is configured
UserInfoStatusFilter,
User, which locks, to be intercepted, and is inquired redis database, is judged that user's lock state field is jumped if user is locked
It goes to user's abnormality and reminds interface;
User information does not intercept entirely, inquires redis database, judges user information, if user's binding mailbox etc. is necessary
Information is not complete, then jumps to user's abnormality and remind interface;
The unbound tenant of user intercepts, and inquires redis database, judges whether user has bound tenant, if user is not
Tenant is bound, then jumps to user's abnormality and reminds interface;
The unverified interception of user inquires redis database, judges whether user has carried out real name verification, if user is not
Real-name authentication is carried out, then jumps to user's real-name authentication interface.
Preferably, tenant's state blocker verifies the lock state of tenant, the period of service of tenant is verified,
Judge it whether within the period of service.
Further, in web.xml file in the project, tenant's state blocker is configured
TenantInfoStatusFilter,
Tenant, which locks, to be intercepted, and redis database is inquired, the lock state of tenant where judging user, if tenant has locked
It is fixed, then it jumps to tenant's abnormality and reminds interface;
Tenant's service exceeds the time limit to intercept, and inquires redis database, the period of service state of tenant where judging user, if not
In the period of service, then jumps to tenant and continue to pay dues and remind interface.
Preferably, secure access blocker verifies its safety according to user's access frequency, is accessed according to user
Resource cost amount its safety is verified.
Further, in web.xml file in the project, configuration secure access blocker SecurityFilter,
High-frequency access interception, when each user initiates data access, record access number, when in user's stipulated time
When the request number of times of (in such as 10 minutes) is more than tenant's configuration limits, then jumps to secure access and remind interface;
High resource access interception, when each user initiates data access, the number of resources of record access function consumption works as user
When request total number resource in stipulated time (in such as 10 minutes) is more than tenant's configuration limits, then jumps to secure access and remind
Interface.
The invention also discloses a kind of data of multi-tenant, and library to be divided to realize system, including logs in verification blocker, Yong Huzhuan
State blocker, tenant's state blocker and secure access blocker,
Log in verification blocker to access submit data (such as username and password) verified, to seesion value into
Row verification judges whether there is and overtime;It is logged in and seesion validity check for user;
Configuration registry verifies blocker AuthenticationFilter in web.xml file in the project, logs in school
It tests blocker and first determines whether request type, be logging request or data access request;
It when logging request, submits data to verify access, such as user name, password, is returned if verification does not pass through
Return login page;
When data access request, the session value of the jsession field in header in request is verified, is judged
Whether there is and time-out, if there is no or session time-out, then jump to login page;
User Status blocker verifies the lock state of user, whether is verified (example comprehensively to user information
Such as subscriber mailbox), whether carry out tenant's binding to user and verify, real-name authentication whether is carried out to user verify, use
In User Status legitimacy verifies;
In web.xml file in the project, User Status blocker UserInfoStatusFilter, Yong Husuo are configured
It is fixed to intercept, redis database is inquired, user's lock state field is judged, if user is locked, jumps to user's exception shape
State reminds interface;
User information does not intercept entirely, inquires redis database, judges user information, if user's binding mailbox etc. is necessary
Information is not complete, then jumps to user's abnormality and remind interface;
The unbound tenant of user intercepts, and inquires redis database, judges whether user has bound tenant, if user is not
Tenant is bound, then jumps to user's abnormality and reminds interface;
The unverified interception of user inquires redis database, judges whether user has carried out real name verification, if user is not
Real-name authentication is carried out, then jumps to user's real-name authentication interface;
Tenant's state blocker verifies the lock state of tenant, verifies to the period of service of tenant, judges it
Whether in server, it to be used for tenant's state legitimacy verifies;
In web.xml file in the project, tenant's state blocker TenantInfoStatusFilter, tenant are configured
Locking intercepts, and inquires redis database, and the lock state of tenant jumps to rent if tenant is locked where judging user
Family abnormality reminds interface;
Tenant's service exceeds the time limit to intercept, and inquires redis database, the period of service state of tenant where judging user, if not
In the period of service, then jumps to tenant and continue to pay dues and remind interface;
Blocker is had secure access to, its safety is verified according to user's access frequency, the resource accessed according to user
Consumption verifies its safety, is used for data access security verification;
In web.xml file in the project, configuration secure access blocker SecurityFilter,
High-frequency access interception, when each user initiates data access, record access number, when in user's stipulated time
When request number of times is more than tenant's configuration limits, then jumps to secure access and remind interface;
High resource access interception, when each user initiates data access, the number of resources of record access function consumption works as user
When request total number resource in stipulated time is more than tenant's configuration limits, then jumps to secure access and remind interface.
Compared to the prior art a kind of data of multi-tenant of the invention divide library method and system, have beneficial below
Effect:
The data point library that multi-tenant can be realized by this method guarantees the data isolation and safety of each tenant, is suitable for
The user access control of SaaS system, it is mutually indepedent using different blockers, it can meet simultaneously and log in validity, Yong Huzhuan
The requirement of state legitimacy, tenant's state normal shape and data access security.
This method can realize effective control of user's access by configuring by filter filter principle with code logic
System, the access control of realization increase the control ability based on amount of access and the SaaS period of service, that is, ensure that the efficient of blocker
Property increase safety again, while this method and system and the loose coupling of SaaS product can easily and fast carry out transplanting.
Detailed description of the invention
Fig. 1 is the schematic diagram of the data point library implementation method of multi-tenant of the invention.
Specific embodiment
A kind of data of multi-tenant divide library implementation method, by using log in verification blocker realize user log in and
Seesion validity check;User Status legitimacy verifies are realized by using User Status blocker;By using tenant's shape
State blocker realizes tenant's state legitimacy verifies;Data access security verification is realized by using secure access blocker.
Verification blocker is logged in,
Data can be submitted to verify access, such as user name, password;
Session value can be verified, be judged whether there is and overtime;
User Status blocker,
The lock state of user can be verified;
Whether user information can be verified comprehensively, such as subscriber mailbox;
Tenant's binding whether can be carried out to user to verify;
Real-name authentication whether can be carried out to user to verify;
Tenant's state blocker,
The lock state of tenant can be verified;
The period of service of tenant can be verified, judge it whether within the period of service;
Blocker is had secure access to,
The frequency that can be accessed according to user, verifies its safety;
The resource cost amount that can be accessed according to user, verifies its safety.
Blocker design is realized with coding, is completed by following steps:
1, verification blocker is logged in
In web.xml file in the project, configuration registry verifies blocker AuthenticationFilter, logs in school
It tests blocker and first determines whether request type, be logging request or data access request.
When logging request, data are submitted to verify access, such as user name, password are returned if verification does not pass through
Return login page;
When data access request, the session value of the jsession field in header in request is verified, is judged
It whether there is and overtime.If there is no or session time-out, then jump to login page.
2, User Status blocker
In web.xml file in the project, configuration registry verifies blocker UserInfoStatusFilter.
2.1, user, which locks, intercepts.Redis database is inquired, judges user's lock state field, if user is locked,
It then jumps to user's abnormality and reminds interface.
2.2, user information does not intercept entirely.Redis database is inquired, judges user information, if user binds mailbox etc.
Necessary information is not complete, then jumps to user's abnormality and remind interface.
2.3, the unbound tenant of user intercepts.Redis database is inquired, judges whether user has bound tenant, if with
The unbound tenant in family then jumps to user's abnormality and reminds interface.
2.4, the unverified interception of user.Redis database is inquired, judges whether user has carried out real name verification, if with
Family does not carry out real-name authentication, then jumps to user's real-name authentication interface.
3, tenant's state blocker
In web.xml file in the project, configuration registry verifies blocker TenantInfoStatusFilter.
3.1, tenant, which locks, intercepts.Redis database is inquired, the lock state of tenant where judging user, if tenant
It is locked, then it jumps to tenant's abnormality and reminds interface.
3.2, tenant's service exceeds the time limit to intercept.Redis database is inquired, the period of service state of tenant where judging user, such as
Fruit then jumps to tenant and continues to pay dues and remind interface not in the period of service.
4, blocker is had secure access to
In web.xml file in the project, configuration registry verifies blocker SecurityFilter.
4.1, high-frequency access interception.When each user initiates data access, record access number, when in user 10 minutes
Request number of times be more than tenant's configuration limits when, then jump to secure access remind interface.
4.2, Gao Ziyuan access interception.When each user initiates data access, the number of resources of record access function consumption, when
When request total number resource in user 10 minutes is more than tenant's configuration limits, then jumps to secure access and remind interface.
This method logic is realized specific as follows:
User logs in unified intercept and rectifies and improves:
Web.xml, this filter is after all filters.
It is as follows to authenticate filter core code:
User Status filter core code is as follows:
Tenant's state filter core code is as follows:
It is as follows to have secure access to core code:
A kind of data of multi-tenant divide library to realize system, including log in verification blocker, User Status blocker, Zu Huzhuan
State blocker and secure access blocker,
Log in verification blocker to access submit data (such as username and password) verified, to seesion value into
Row verification judges whether there is and overtime;It is logged in and seesion validity check for user;
Configuration registry verifies blocker AuthenticationFilter in web.xml file in the project, logs in school
It tests blocker and first determines whether request type, be logging request or data access request;
It when logging request, submits data to verify access, such as user name, password, is returned if verification does not pass through
Return login page;
When data access request, the session value of the jsession field in header in request is verified, is judged
Whether there is and time-out, if there is no or session time-out, then jump to login page;
User Status blocker verifies the lock state of user, whether is verified (example comprehensively to user information
Such as subscriber mailbox), whether carry out tenant's binding to user and verify, real-name authentication whether is carried out to user verify, use
In User Status legitimacy verifies;
In web.xml file in the project, User Status blocker UserInfoStatusFilter, Yong Husuo are configured
It is fixed to intercept, redis database is inquired, user's lock state field is judged, if user is locked, jumps to user's exception shape
State reminds interface;
User information does not intercept entirely, inquires redis database, judges user information, if user's binding mailbox etc. is necessary
Information is not complete, then jumps to user's abnormality and remind interface;
The unbound tenant of user intercepts, and inquires redis database, judges whether user has bound tenant, if user is not
Tenant is bound, then jumps to user's abnormality and reminds interface;
The unverified interception of user inquires redis database, judges whether user has carried out real name verification, if user is not
Real-name authentication is carried out, then jumps to user's real-name authentication interface;
Tenant's state blocker verifies the lock state of tenant, verifies to the period of service of tenant, judges it
Whether in server, it to be used for tenant's state legitimacy verifies;
In web.xml file in the project, tenant's state blocker TenantInfoStatusFilter, tenant are configured
Locking intercepts, and inquires redis database, and the lock state of tenant jumps to rent if tenant is locked where judging user
Family abnormality reminds interface;
Tenant's service exceeds the time limit to intercept, and inquires redis database, the period of service state of tenant where judging user, if not
In the period of service, then jumps to tenant and continue to pay dues and remind interface;
Blocker is had secure access to, its safety is verified according to user's access frequency, the resource accessed according to user
Consumption verifies its safety, is used for data access security verification;
In web.xml file in the project, configuration secure access blocker SecurityFilter,
High-frequency access interception, when each user initiates data access, record access number, when in user's stipulated time
When request number of times is more than tenant's configuration limits, then jumps to secure access and remind interface;
High resource access interception, when each user initiates data access, the number of resources of record access function consumption works as user
When request total number resource in stipulated time is more than tenant's configuration limits, then jumps to secure access and remind interface.
The technical personnel in the technical field can readily realize the present invention with the above specific embodiments,.But it answers
Work as understanding, the present invention is not limited to above-mentioned specific embodiments.On the basis of the disclosed embodiments, the technical field
Technical staff can arbitrarily combine different technical features, to realize different technical solutions.
Except for the technical features described in the specification, it all is technically known to those skilled in the art.
Claims (10)
1. a kind of data of multi-tenant divide library implementation method, it is characterised in that realize that user steps on by using verification blocker is logged in
Record and seesion validity check;User Status legitimacy verifies are realized by using User Status blocker;By using rent
Family state blocker realizes tenant's state legitimacy verifies;Data access safety school is realized by using secure access blocker
It tests.
2. a kind of data of multi-tenant according to claim 1 divide library method and system, it is characterised in that log in school
It tests blocker and submits data to verify access, including username and password;And seesion value is verified, judgement is
No presence and time-out.
3. a kind of data of multi-tenant according to claim 2 divide library implementation method, it is characterised in that configuration registry verification
Blocker logs in verification blocker and first determines whether request type, is logging request or data access request;
It when logging request, submits data to verify access, returns to login page if verification does not pass through;
When data access request, the session value of the jsession field in header in request is verified, is judged whether
In the presence of and time-out, if there is no or session time-out, then jump to login page.
4. a kind of data of multi-tenant according to claim 1 divide library implementation method, it is characterised in that User Status intercepts
Whether device verifies the lock state of user, verify comprehensively to user information, whether carries out tenant's binding to user
It is verified, is verified to whether user carries out real-name authentication.
5. a kind of data of multi-tenant according to claim 4 divide library implementation method, it is characterised in that configuration User Status
Blocker,
User, which locks, to be intercepted, and is inquired redis database, is judged that user's lock state field jumps to if user is locked
User's abnormality reminds interface;
User information does not intercept entirely, inquires redis database, judges user information, if the necessary information of user is not complete, jumps
Interface is reminded to user's abnormality;
The unbound tenant of user intercepts, and inquires redis database, judges whether user has bound tenant, if user is unbound
Tenant then jumps to user's abnormality and reminds interface;
The unverified interception of user inquires redis database, judges whether user has carried out real name verification, if user does not carry out
Real-name authentication then jumps to user's real-name authentication interface.
6. a kind of data of multi-tenant according to claim 1 divide library implementation method, it is characterised in that tenant's state intercepts
Whether device verifies the lock state of tenant, verify to the period of service of tenant, judge it within the period of service.
7. a kind of data of multi-tenant according to claim 6 divide library implementation method, it is characterised in that configuration tenant's state
Blocker,
Tenant, which locks, to be intercepted, and redis database is inquired, the lock state of tenant where judging user, if tenant is locked,
It jumps to tenant's abnormality and reminds interface;
Tenant's service exceeds the time limit to intercept, and inquires redis database, the period of service state of tenant where judging user, if do not taken
The business phase then jumps to tenant and continues to pay dues and reminds interface.
8. a kind of data of multi-tenant according to claim 1 divide library implementation method, it is characterised in that secure access intercepts
Device verifies its safety according to user's access frequency, carries out school to its safety according to the resource cost amount that user accesses
It tests.
9. a kind of data of multi-tenant according to claim 8 divide library implementation method, it is characterised in that configuration secure access
Blocker,
High-frequency access interception, when each user initiates data access, record access number, the request within user's stipulated time
When number is more than tenant's configuration limits, then jumps to secure access and remind interface;
High resource access interception, when each user initiates data access, the number of resources of record access function consumption, when user provides
When request total number resource in time is more than tenant's configuration limits, then jumps to secure access and remind interface.
10. a kind of data of multi-tenant divide library to realize system, it is characterised in that including logging in verification blocker, User Status intercepts
Device, tenant's state blocker and secure access blocker,
Log in verification blocker and submit data to be verified, verify to seesion value access, logged in for user and
Seesion validity check;
Whether User Status blocker verifies the lock state of user, verifies comprehensively, to user to user information
Whether carry out tenant's binding to verify, whether carry out user real-name authentication and verify, is used for User Status legitimacy school
It tests;
Tenant's state blocker verifies the lock state of tenant, verifies to the period of service of tenant, is used for tenant's shape
State legitimacy verifies;
Blocker is had secure access to, its safety is verified according to user's access frequency, the resource cost accessed according to user
Amount verifies its safety, is used for data access security verification.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910124100.8A CN109688162B (en) | 2019-02-19 | 2019-02-19 | Multi-tenant database implementation method and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910124100.8A CN109688162B (en) | 2019-02-19 | 2019-02-19 | Multi-tenant database implementation method and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109688162A true CN109688162A (en) | 2019-04-26 |
CN109688162B CN109688162B (en) | 2021-12-21 |
Family
ID=66196514
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910124100.8A Active CN109688162B (en) | 2019-02-19 | 2019-02-19 | Multi-tenant database implementation method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109688162B (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111245822A (en) * | 2020-01-08 | 2020-06-05 | 北京松果电子有限公司 | Remote procedure call processing method and device and computer storage medium |
CN111491012A (en) * | 2020-03-27 | 2020-08-04 | 北京尚医智信健康管理有限公司 | SaaS multi-tenant data isolation access method and device, electronic equipment and storage medium |
CN114726632A (en) * | 2022-04-14 | 2022-07-08 | 天工信创(广州)信息科技有限公司 | Login method, device, storage medium and processor |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102104607A (en) * | 2011-03-10 | 2011-06-22 | 易程(苏州)软件股份有限公司 | Method, device and system for controlling safety of service access |
CN103036856A (en) * | 2011-10-09 | 2013-04-10 | 镇江金软计算机科技有限责任公司 | Multi-tenant system achievement based on software as a service (SAAS) application |
CN103532981A (en) * | 2013-10-31 | 2014-01-22 | 中国科学院信息工程研究所 | Identity escrow and authentication cloud resource access control system and method for multiple tenants |
US9083770B1 (en) * | 2013-11-26 | 2015-07-14 | Snapchat, Inc. | Method and system for integrating real time communication features in applications |
CN106878335A (en) * | 2017-03-28 | 2017-06-20 | 武汉斗鱼网络科技有限公司 | A kind of method and system for login authentication |
CN107172038A (en) * | 2017-05-11 | 2017-09-15 | 深信服科技股份有限公司 | A kind of information processing method and safety service platform for being used to provide security service |
CN109040066A (en) * | 2018-08-01 | 2018-12-18 | 杭州安恒信息技术股份有限公司 | A kind of interconnection method and device of cloud security management platform and cloud security product |
-
2019
- 2019-02-19 CN CN201910124100.8A patent/CN109688162B/en active Active
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102104607A (en) * | 2011-03-10 | 2011-06-22 | 易程(苏州)软件股份有限公司 | Method, device and system for controlling safety of service access |
CN103036856A (en) * | 2011-10-09 | 2013-04-10 | 镇江金软计算机科技有限责任公司 | Multi-tenant system achievement based on software as a service (SAAS) application |
CN103532981A (en) * | 2013-10-31 | 2014-01-22 | 中国科学院信息工程研究所 | Identity escrow and authentication cloud resource access control system and method for multiple tenants |
US9083770B1 (en) * | 2013-11-26 | 2015-07-14 | Snapchat, Inc. | Method and system for integrating real time communication features in applications |
CN106878335A (en) * | 2017-03-28 | 2017-06-20 | 武汉斗鱼网络科技有限公司 | A kind of method and system for login authentication |
CN107172038A (en) * | 2017-05-11 | 2017-09-15 | 深信服科技股份有限公司 | A kind of information processing method and safety service platform for being used to provide security service |
CN109040066A (en) * | 2018-08-01 | 2018-12-18 | 杭州安恒信息技术股份有限公司 | A kind of interconnection method and device of cloud security management platform and cloud security product |
Non-Patent Citations (3)
Title |
---|
尹学渊等: "《虚拟化IaaS 环境安全域与访问控制模型研究》", 《小型微型计算机系统》 * |
袁雪波: "《基于OpenStack的多租户数据安全保护技术研究》", 《中国优秀硕士学位论文全文数据库》 * |
邓献文: "《基于多租户技术的人事共享服务中心系统的研究与实现》", 《中国优秀硕士论文库全文库 信息科技辑》 * |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111245822A (en) * | 2020-01-08 | 2020-06-05 | 北京松果电子有限公司 | Remote procedure call processing method and device and computer storage medium |
CN111491012A (en) * | 2020-03-27 | 2020-08-04 | 北京尚医智信健康管理有限公司 | SaaS multi-tenant data isolation access method and device, electronic equipment and storage medium |
CN114726632A (en) * | 2022-04-14 | 2022-07-08 | 天工信创(广州)信息科技有限公司 | Login method, device, storage medium and processor |
CN114726632B (en) * | 2022-04-14 | 2024-04-05 | 广州鑫景信息科技服务有限公司 | Login method, login equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN109688162B (en) | 2021-12-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8904549B2 (en) | Server system, control method, and storage medium for securely executing access to data of a tenant | |
US9529993B2 (en) | Policy-driven approach to managing privileged/shared identity in an enterprise | |
CN105871838B (en) | A kind of log-in control method and customer center platform of third party's account | |
CN104320423B (en) | Single-sign-on lightweight implementation method based on Cookie | |
CN105429999B (en) | Unified single sign-on system based on cloud platform | |
US8006294B2 (en) | System and method for single sign-on | |
CN109309683A (en) | The method and system of client identity verifying based on token | |
CN108243183A (en) | Integrated control method, system and the computer equipment of gate system | |
CN109688162A (en) | A kind of data of multi-tenant divide library method and system | |
CN111314340B (en) | Authentication method and authentication platform | |
CN107172054A (en) | A kind of purview certification method based on CAS, apparatus and system | |
DE112012002741T5 (en) | Identity and authentication procedures for the security of a cloud computing platform | |
CN105516160B (en) | A kind of domain management object map device and unified single sign-on system | |
CN110417820A (en) | Processing method, device and the readable storage medium storing program for executing of single-node login system | |
CN105162775A (en) | Logging method and device of virtual machine | |
CN107770192A (en) | Identity authentication method and computer-readable recording medium in multisystem | |
CN109831322B (en) | Multi-system account permission centralized management method, equipment and storage medium | |
CN100498816C (en) | Reference monitor implementing method of high safety grade operating system | |
CN103975567B (en) | Two-factor authentication method and virtual machine facility | |
CN106656927A (en) | Method and device for enabling Linux account to be added to AD domain | |
CN109547432A (en) | Multisystem verification method and device, storage medium and electronic equipment | |
CN109962892A (en) | A kind of authentication method and client, server logging in application | |
CN105162774A (en) | Virtual machine login method and device used for terminal | |
CN101567785B (en) | Method, system and entity for authenticating notes in network service | |
CN105991610A (en) | Method and device for logging into application server |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20211129 Address after: No. 1036, Shandong high tech Zone wave road, Ji'nan, Shandong Applicant after: Inspur Genersoft Co.,Ltd. Address before: 250100 No. 2877 Kehang Road, Sun Village Town, Jinan High-tech District, Shandong Province Applicant before: SHANDONG INSPUR GENESOFT INFORMATION TECHNOLOGY Co.,Ltd. |
|
GR01 | Patent grant | ||
GR01 | Patent grant |