CN109688162A - A kind of data of multi-tenant divide library method and system - Google Patents

A kind of data of multi-tenant divide library method and system Download PDF

Info

Publication number
CN109688162A
CN109688162A CN201910124100.8A CN201910124100A CN109688162A CN 109688162 A CN109688162 A CN 109688162A CN 201910124100 A CN201910124100 A CN 201910124100A CN 109688162 A CN109688162 A CN 109688162A
Authority
CN
China
Prior art keywords
user
tenant
blocker
data
access
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910124100.8A
Other languages
Chinese (zh)
Other versions
CN109688162B (en
Inventor
宋伟伟
张冬霞
邵辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inspur General Software Co Ltd
Original Assignee
Shandong Inspur Genersoft Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shandong Inspur Genersoft Information Technology Co Ltd filed Critical Shandong Inspur Genersoft Information Technology Co Ltd
Priority to CN201910124100.8A priority Critical patent/CN109688162B/en
Publication of CN109688162A publication Critical patent/CN109688162A/en
Application granted granted Critical
Publication of CN109688162B publication Critical patent/CN109688162B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/108Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/148Migration or transfer of sessions

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a kind of data of multi-tenant to divide library method and system, belongs to computer field of cloud computer technology, realizes that user logs in and seesion validity check by using verification blocker is logged in;User Status legitimacy verifies are realized by using User Status blocker;Tenant's state legitimacy verifies are realized by using tenant's state blocker;Data access security verification is realized by using secure access blocker.A kind of data of multi-tenant divide library to realize system, it is characterised in that including logging in verification blocker, User Status blocker, tenant's state blocker and secure access blocker.The present invention can guarantee the data isolation and safety of each tenant, keep different blockers mutually indepedent, meet the requirement for logging in validity, User Status legitimacy, tenant's state normality and data access security, the user access control suitable for SaaS system simultaneously.

Description

A kind of data of multi-tenant divide library method and system
Technical field
The present invention relates to computer field of cloud computer technology, specifically a kind of data of multi-tenant divide library implementation method And system.
Background technique
Multi-tenant technology (English: multi-tenancy technology) or multiple leasing techniques, are a kind of software Architecture technology, it is to share identical system or program assembly in the environment of how realization in multi-user inquiring into, and still It can ensure that the isolation of data between each user.
In multi-tenant technology, tenant (tenant) refers to the client using system or computer calculation resources, but is renting more In the technology of family, tenant includes all data that can recognize in systems as designated user.It is based on supplier used in tenant Application system or calculation resources for developing or building etc., application system designed by supplier can accommodate several above users Used under the same environment, in order to allow multiple users the same application program of environment capacity and computing environment on use, Then application program has to be specifically designed with computing environment, in addition to system platform can be allowed to can permit and meanwhile allow more parts it is identical Application program operation is outer, protects the privacy of tenant data and safety is also one of the key of multi-tenant technology.
Multi-tenant technology is one of the core technology of SaaS application, and the main problem that it is studied is system under multi-tenant environment Or the multiplying question of application component, it is important to ensure the legitimacy of each tenant's user access control.
Summary of the invention
Technical assignment of the invention be against the above deficiency place, provide a kind of multi-tenant data point library implementation method and The data point library of multi-tenant may be implemented in system, guarantees the data isolation and safety of each tenant.
The technical solution adopted by the present invention to solve the technical problems is:
A kind of data of multi-tenant divide library implementation method, by using log in verification blocker realize user log in and Seesion validity check;User Status legitimacy verifies are realized by using User Status blocker;By using tenant's shape State blocker realizes tenant's state legitimacy verifies;Data access security verification is realized by using secure access blocker. Keep different blockers mutually indepedent, while meeting and logging in validity, User Status legitimacy, tenant's state normality and data The requirement of access security.
Preferably, logging in verification blocker submits data to verify access, such as username and password etc.;And it is right Seesion value is verified, and is judged whether there is and overtime.
Further, configuration registry verifies blocker in web.xml file in the project AuthenticationFilter logs in verification blocker and first determines whether request type, is that logging request or data access are asked It asks;
When logging request, data are submitted to verify access, such as user name, password etc., if verification does not pass through Return to login page;
When data access request, the session value of the jsession field in header in request is verified, is judged Whether there is and time-out, if there is no or session time-out, then jump to login page.
Preferably, User Status blocker verifies the lock state of user;Whether user information is carried out comprehensively Verification, such as subscriber mailbox;It is verified to whether user carries out tenant's binding;School is carried out to whether user carries out real-name authentication It tests.
Further, in web.xml file in the project, User Status blocker is configured UserInfoStatusFilter,
User, which locks, to be intercepted, and is inquired redis database, is judged that user's lock state field is jumped if user is locked It goes to user's abnormality and reminds interface;
User information does not intercept entirely, inquires redis database, judges user information, if user's binding mailbox etc. is necessary Information is not complete, then jumps to user's abnormality and remind interface;
The unbound tenant of user intercepts, and inquires redis database, judges whether user has bound tenant, if user is not Tenant is bound, then jumps to user's abnormality and reminds interface;
The unverified interception of user inquires redis database, judges whether user has carried out real name verification, if user is not Real-name authentication is carried out, then jumps to user's real-name authentication interface.
Preferably, tenant's state blocker verifies the lock state of tenant, the period of service of tenant is verified, Judge it whether within the period of service.
Further, in web.xml file in the project, tenant's state blocker is configured TenantInfoStatusFilter,
Tenant, which locks, to be intercepted, and redis database is inquired, the lock state of tenant where judging user, if tenant has locked It is fixed, then it jumps to tenant's abnormality and reminds interface;
Tenant's service exceeds the time limit to intercept, and inquires redis database, the period of service state of tenant where judging user, if not In the period of service, then jumps to tenant and continue to pay dues and remind interface.
Preferably, secure access blocker verifies its safety according to user's access frequency, is accessed according to user Resource cost amount its safety is verified.
Further, in web.xml file in the project, configuration secure access blocker SecurityFilter,
High-frequency access interception, when each user initiates data access, record access number, when in user's stipulated time When the request number of times of (in such as 10 minutes) is more than tenant's configuration limits, then jumps to secure access and remind interface;
High resource access interception, when each user initiates data access, the number of resources of record access function consumption works as user When request total number resource in stipulated time (in such as 10 minutes) is more than tenant's configuration limits, then jumps to secure access and remind Interface.
The invention also discloses a kind of data of multi-tenant, and library to be divided to realize system, including logs in verification blocker, Yong Huzhuan State blocker, tenant's state blocker and secure access blocker,
Log in verification blocker to access submit data (such as username and password) verified, to seesion value into Row verification judges whether there is and overtime;It is logged in and seesion validity check for user;
Configuration registry verifies blocker AuthenticationFilter in web.xml file in the project, logs in school It tests blocker and first determines whether request type, be logging request or data access request;
It when logging request, submits data to verify access, such as user name, password, is returned if verification does not pass through Return login page;
When data access request, the session value of the jsession field in header in request is verified, is judged Whether there is and time-out, if there is no or session time-out, then jump to login page;
User Status blocker verifies the lock state of user, whether is verified (example comprehensively to user information Such as subscriber mailbox), whether carry out tenant's binding to user and verify, real-name authentication whether is carried out to user verify, use In User Status legitimacy verifies;
In web.xml file in the project, User Status blocker UserInfoStatusFilter, Yong Husuo are configured It is fixed to intercept, redis database is inquired, user's lock state field is judged, if user is locked, jumps to user's exception shape State reminds interface;
User information does not intercept entirely, inquires redis database, judges user information, if user's binding mailbox etc. is necessary Information is not complete, then jumps to user's abnormality and remind interface;
The unbound tenant of user intercepts, and inquires redis database, judges whether user has bound tenant, if user is not Tenant is bound, then jumps to user's abnormality and reminds interface;
The unverified interception of user inquires redis database, judges whether user has carried out real name verification, if user is not Real-name authentication is carried out, then jumps to user's real-name authentication interface;
Tenant's state blocker verifies the lock state of tenant, verifies to the period of service of tenant, judges it Whether in server, it to be used for tenant's state legitimacy verifies;
In web.xml file in the project, tenant's state blocker TenantInfoStatusFilter, tenant are configured Locking intercepts, and inquires redis database, and the lock state of tenant jumps to rent if tenant is locked where judging user Family abnormality reminds interface;
Tenant's service exceeds the time limit to intercept, and inquires redis database, the period of service state of tenant where judging user, if not In the period of service, then jumps to tenant and continue to pay dues and remind interface;
Blocker is had secure access to, its safety is verified according to user's access frequency, the resource accessed according to user Consumption verifies its safety, is used for data access security verification;
In web.xml file in the project, configuration secure access blocker SecurityFilter,
High-frequency access interception, when each user initiates data access, record access number, when in user's stipulated time When request number of times is more than tenant's configuration limits, then jumps to secure access and remind interface;
High resource access interception, when each user initiates data access, the number of resources of record access function consumption works as user When request total number resource in stipulated time is more than tenant's configuration limits, then jumps to secure access and remind interface.
Compared to the prior art a kind of data of multi-tenant of the invention divide library method and system, have beneficial below Effect:
The data point library that multi-tenant can be realized by this method guarantees the data isolation and safety of each tenant, is suitable for The user access control of SaaS system, it is mutually indepedent using different blockers, it can meet simultaneously and log in validity, Yong Huzhuan The requirement of state legitimacy, tenant's state normal shape and data access security.
This method can realize effective control of user's access by configuring by filter filter principle with code logic System, the access control of realization increase the control ability based on amount of access and the SaaS period of service, that is, ensure that the efficient of blocker Property increase safety again, while this method and system and the loose coupling of SaaS product can easily and fast carry out transplanting.
Detailed description of the invention
Fig. 1 is the schematic diagram of the data point library implementation method of multi-tenant of the invention.
Specific embodiment
A kind of data of multi-tenant divide library implementation method, by using log in verification blocker realize user log in and Seesion validity check;User Status legitimacy verifies are realized by using User Status blocker;By using tenant's shape State blocker realizes tenant's state legitimacy verifies;Data access security verification is realized by using secure access blocker.
Verification blocker is logged in,
Data can be submitted to verify access, such as user name, password;
Session value can be verified, be judged whether there is and overtime;
User Status blocker,
The lock state of user can be verified;
Whether user information can be verified comprehensively, such as subscriber mailbox;
Tenant's binding whether can be carried out to user to verify;
Real-name authentication whether can be carried out to user to verify;
Tenant's state blocker,
The lock state of tenant can be verified;
The period of service of tenant can be verified, judge it whether within the period of service;
Blocker is had secure access to,
The frequency that can be accessed according to user, verifies its safety;
The resource cost amount that can be accessed according to user, verifies its safety.
Blocker design is realized with coding, is completed by following steps:
1, verification blocker is logged in
In web.xml file in the project, configuration registry verifies blocker AuthenticationFilter, logs in school It tests blocker and first determines whether request type, be logging request or data access request.
When logging request, data are submitted to verify access, such as user name, password are returned if verification does not pass through Return login page;
When data access request, the session value of the jsession field in header in request is verified, is judged It whether there is and overtime.If there is no or session time-out, then jump to login page.
2, User Status blocker
In web.xml file in the project, configuration registry verifies blocker UserInfoStatusFilter.
2.1, user, which locks, intercepts.Redis database is inquired, judges user's lock state field, if user is locked, It then jumps to user's abnormality and reminds interface.
2.2, user information does not intercept entirely.Redis database is inquired, judges user information, if user binds mailbox etc. Necessary information is not complete, then jumps to user's abnormality and remind interface.
2.3, the unbound tenant of user intercepts.Redis database is inquired, judges whether user has bound tenant, if with The unbound tenant in family then jumps to user's abnormality and reminds interface.
2.4, the unverified interception of user.Redis database is inquired, judges whether user has carried out real name verification, if with Family does not carry out real-name authentication, then jumps to user's real-name authentication interface.
3, tenant's state blocker
In web.xml file in the project, configuration registry verifies blocker TenantInfoStatusFilter.
3.1, tenant, which locks, intercepts.Redis database is inquired, the lock state of tenant where judging user, if tenant It is locked, then it jumps to tenant's abnormality and reminds interface.
3.2, tenant's service exceeds the time limit to intercept.Redis database is inquired, the period of service state of tenant where judging user, such as Fruit then jumps to tenant and continues to pay dues and remind interface not in the period of service.
4, blocker is had secure access to
In web.xml file in the project, configuration registry verifies blocker SecurityFilter.
4.1, high-frequency access interception.When each user initiates data access, record access number, when in user 10 minutes Request number of times be more than tenant's configuration limits when, then jump to secure access remind interface.
4.2, Gao Ziyuan access interception.When each user initiates data access, the number of resources of record access function consumption, when When request total number resource in user 10 minutes is more than tenant's configuration limits, then jumps to secure access and remind interface.
This method logic is realized specific as follows:
User logs in unified intercept and rectifies and improves:
Web.xml, this filter is after all filters.
It is as follows to authenticate filter core code:
User Status filter core code is as follows:
Tenant's state filter core code is as follows:
It is as follows to have secure access to core code:
A kind of data of multi-tenant divide library to realize system, including log in verification blocker, User Status blocker, Zu Huzhuan State blocker and secure access blocker,
Log in verification blocker to access submit data (such as username and password) verified, to seesion value into Row verification judges whether there is and overtime;It is logged in and seesion validity check for user;
Configuration registry verifies blocker AuthenticationFilter in web.xml file in the project, logs in school It tests blocker and first determines whether request type, be logging request or data access request;
It when logging request, submits data to verify access, such as user name, password, is returned if verification does not pass through Return login page;
When data access request, the session value of the jsession field in header in request is verified, is judged Whether there is and time-out, if there is no or session time-out, then jump to login page;
User Status blocker verifies the lock state of user, whether is verified (example comprehensively to user information Such as subscriber mailbox), whether carry out tenant's binding to user and verify, real-name authentication whether is carried out to user verify, use In User Status legitimacy verifies;
In web.xml file in the project, User Status blocker UserInfoStatusFilter, Yong Husuo are configured It is fixed to intercept, redis database is inquired, user's lock state field is judged, if user is locked, jumps to user's exception shape State reminds interface;
User information does not intercept entirely, inquires redis database, judges user information, if user's binding mailbox etc. is necessary Information is not complete, then jumps to user's abnormality and remind interface;
The unbound tenant of user intercepts, and inquires redis database, judges whether user has bound tenant, if user is not Tenant is bound, then jumps to user's abnormality and reminds interface;
The unverified interception of user inquires redis database, judges whether user has carried out real name verification, if user is not Real-name authentication is carried out, then jumps to user's real-name authentication interface;
Tenant's state blocker verifies the lock state of tenant, verifies to the period of service of tenant, judges it Whether in server, it to be used for tenant's state legitimacy verifies;
In web.xml file in the project, tenant's state blocker TenantInfoStatusFilter, tenant are configured Locking intercepts, and inquires redis database, and the lock state of tenant jumps to rent if tenant is locked where judging user Family abnormality reminds interface;
Tenant's service exceeds the time limit to intercept, and inquires redis database, the period of service state of tenant where judging user, if not In the period of service, then jumps to tenant and continue to pay dues and remind interface;
Blocker is had secure access to, its safety is verified according to user's access frequency, the resource accessed according to user Consumption verifies its safety, is used for data access security verification;
In web.xml file in the project, configuration secure access blocker SecurityFilter,
High-frequency access interception, when each user initiates data access, record access number, when in user's stipulated time When request number of times is more than tenant's configuration limits, then jumps to secure access and remind interface;
High resource access interception, when each user initiates data access, the number of resources of record access function consumption works as user When request total number resource in stipulated time is more than tenant's configuration limits, then jumps to secure access and remind interface.
The technical personnel in the technical field can readily realize the present invention with the above specific embodiments,.But it answers Work as understanding, the present invention is not limited to above-mentioned specific embodiments.On the basis of the disclosed embodiments, the technical field Technical staff can arbitrarily combine different technical features, to realize different technical solutions.
Except for the technical features described in the specification, it all is technically known to those skilled in the art.

Claims (10)

1. a kind of data of multi-tenant divide library implementation method, it is characterised in that realize that user steps on by using verification blocker is logged in Record and seesion validity check;User Status legitimacy verifies are realized by using User Status blocker;By using rent Family state blocker realizes tenant's state legitimacy verifies;Data access safety school is realized by using secure access blocker It tests.
2. a kind of data of multi-tenant according to claim 1 divide library method and system, it is characterised in that log in school It tests blocker and submits data to verify access, including username and password;And seesion value is verified, judgement is No presence and time-out.
3. a kind of data of multi-tenant according to claim 2 divide library implementation method, it is characterised in that configuration registry verification Blocker logs in verification blocker and first determines whether request type, is logging request or data access request;
It when logging request, submits data to verify access, returns to login page if verification does not pass through;
When data access request, the session value of the jsession field in header in request is verified, is judged whether In the presence of and time-out, if there is no or session time-out, then jump to login page.
4. a kind of data of multi-tenant according to claim 1 divide library implementation method, it is characterised in that User Status intercepts Whether device verifies the lock state of user, verify comprehensively to user information, whether carries out tenant's binding to user It is verified, is verified to whether user carries out real-name authentication.
5. a kind of data of multi-tenant according to claim 4 divide library implementation method, it is characterised in that configuration User Status Blocker,
User, which locks, to be intercepted, and is inquired redis database, is judged that user's lock state field jumps to if user is locked User's abnormality reminds interface;
User information does not intercept entirely, inquires redis database, judges user information, if the necessary information of user is not complete, jumps Interface is reminded to user's abnormality;
The unbound tenant of user intercepts, and inquires redis database, judges whether user has bound tenant, if user is unbound Tenant then jumps to user's abnormality and reminds interface;
The unverified interception of user inquires redis database, judges whether user has carried out real name verification, if user does not carry out Real-name authentication then jumps to user's real-name authentication interface.
6. a kind of data of multi-tenant according to claim 1 divide library implementation method, it is characterised in that tenant's state intercepts Whether device verifies the lock state of tenant, verify to the period of service of tenant, judge it within the period of service.
7. a kind of data of multi-tenant according to claim 6 divide library implementation method, it is characterised in that configuration tenant's state Blocker,
Tenant, which locks, to be intercepted, and redis database is inquired, the lock state of tenant where judging user, if tenant is locked, It jumps to tenant's abnormality and reminds interface;
Tenant's service exceeds the time limit to intercept, and inquires redis database, the period of service state of tenant where judging user, if do not taken The business phase then jumps to tenant and continues to pay dues and reminds interface.
8. a kind of data of multi-tenant according to claim 1 divide library implementation method, it is characterised in that secure access intercepts Device verifies its safety according to user's access frequency, carries out school to its safety according to the resource cost amount that user accesses It tests.
9. a kind of data of multi-tenant according to claim 8 divide library implementation method, it is characterised in that configuration secure access Blocker,
High-frequency access interception, when each user initiates data access, record access number, the request within user's stipulated time When number is more than tenant's configuration limits, then jumps to secure access and remind interface;
High resource access interception, when each user initiates data access, the number of resources of record access function consumption, when user provides When request total number resource in time is more than tenant's configuration limits, then jumps to secure access and remind interface.
10. a kind of data of multi-tenant divide library to realize system, it is characterised in that including logging in verification blocker, User Status intercepts Device, tenant's state blocker and secure access blocker,
Log in verification blocker and submit data to be verified, verify to seesion value access, logged in for user and Seesion validity check;
Whether User Status blocker verifies the lock state of user, verifies comprehensively, to user to user information Whether carry out tenant's binding to verify, whether carry out user real-name authentication and verify, is used for User Status legitimacy school It tests;
Tenant's state blocker verifies the lock state of tenant, verifies to the period of service of tenant, is used for tenant's shape State legitimacy verifies;
Blocker is had secure access to, its safety is verified according to user's access frequency, the resource cost accessed according to user Amount verifies its safety, is used for data access security verification.
CN201910124100.8A 2019-02-19 2019-02-19 Multi-tenant database implementation method and system Active CN109688162B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910124100.8A CN109688162B (en) 2019-02-19 2019-02-19 Multi-tenant database implementation method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910124100.8A CN109688162B (en) 2019-02-19 2019-02-19 Multi-tenant database implementation method and system

Publications (2)

Publication Number Publication Date
CN109688162A true CN109688162A (en) 2019-04-26
CN109688162B CN109688162B (en) 2021-12-21

Family

ID=66196514

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910124100.8A Active CN109688162B (en) 2019-02-19 2019-02-19 Multi-tenant database implementation method and system

Country Status (1)

Country Link
CN (1) CN109688162B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111245822A (en) * 2020-01-08 2020-06-05 北京松果电子有限公司 Remote procedure call processing method and device and computer storage medium
CN111491012A (en) * 2020-03-27 2020-08-04 北京尚医智信健康管理有限公司 SaaS multi-tenant data isolation access method and device, electronic equipment and storage medium
CN114726632A (en) * 2022-04-14 2022-07-08 天工信创(广州)信息科技有限公司 Login method, device, storage medium and processor

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102104607A (en) * 2011-03-10 2011-06-22 易程(苏州)软件股份有限公司 Method, device and system for controlling safety of service access
CN103036856A (en) * 2011-10-09 2013-04-10 镇江金软计算机科技有限责任公司 Multi-tenant system achievement based on software as a service (SAAS) application
CN103532981A (en) * 2013-10-31 2014-01-22 中国科学院信息工程研究所 Identity escrow and authentication cloud resource access control system and method for multiple tenants
US9083770B1 (en) * 2013-11-26 2015-07-14 Snapchat, Inc. Method and system for integrating real time communication features in applications
CN106878335A (en) * 2017-03-28 2017-06-20 武汉斗鱼网络科技有限公司 A kind of method and system for login authentication
CN107172038A (en) * 2017-05-11 2017-09-15 深信服科技股份有限公司 A kind of information processing method and safety service platform for being used to provide security service
CN109040066A (en) * 2018-08-01 2018-12-18 杭州安恒信息技术股份有限公司 A kind of interconnection method and device of cloud security management platform and cloud security product

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102104607A (en) * 2011-03-10 2011-06-22 易程(苏州)软件股份有限公司 Method, device and system for controlling safety of service access
CN103036856A (en) * 2011-10-09 2013-04-10 镇江金软计算机科技有限责任公司 Multi-tenant system achievement based on software as a service (SAAS) application
CN103532981A (en) * 2013-10-31 2014-01-22 中国科学院信息工程研究所 Identity escrow and authentication cloud resource access control system and method for multiple tenants
US9083770B1 (en) * 2013-11-26 2015-07-14 Snapchat, Inc. Method and system for integrating real time communication features in applications
CN106878335A (en) * 2017-03-28 2017-06-20 武汉斗鱼网络科技有限公司 A kind of method and system for login authentication
CN107172038A (en) * 2017-05-11 2017-09-15 深信服科技股份有限公司 A kind of information processing method and safety service platform for being used to provide security service
CN109040066A (en) * 2018-08-01 2018-12-18 杭州安恒信息技术股份有限公司 A kind of interconnection method and device of cloud security management platform and cloud security product

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
尹学渊等: "《虚拟化IaaS 环境安全域与访问控制模型研究》", 《小型微型计算机系统》 *
袁雪波: "《基于OpenStack的多租户数据安全保护技术研究》", 《中国优秀硕士学位论文全文数据库》 *
邓献文: "《基于多租户技术的人事共享服务中心系统的研究与实现》", 《中国优秀硕士论文库全文库 信息科技辑》 *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111245822A (en) * 2020-01-08 2020-06-05 北京松果电子有限公司 Remote procedure call processing method and device and computer storage medium
CN111491012A (en) * 2020-03-27 2020-08-04 北京尚医智信健康管理有限公司 SaaS multi-tenant data isolation access method and device, electronic equipment and storage medium
CN114726632A (en) * 2022-04-14 2022-07-08 天工信创(广州)信息科技有限公司 Login method, device, storage medium and processor
CN114726632B (en) * 2022-04-14 2024-04-05 广州鑫景信息科技服务有限公司 Login method, login equipment and storage medium

Also Published As

Publication number Publication date
CN109688162B (en) 2021-12-21

Similar Documents

Publication Publication Date Title
US8904549B2 (en) Server system, control method, and storage medium for securely executing access to data of a tenant
US9529993B2 (en) Policy-driven approach to managing privileged/shared identity in an enterprise
CN105871838B (en) A kind of log-in control method and customer center platform of third party's account
CN104320423B (en) Single-sign-on lightweight implementation method based on Cookie
CN105429999B (en) Unified single sign-on system based on cloud platform
US8006294B2 (en) System and method for single sign-on
CN109309683A (en) The method and system of client identity verifying based on token
CN108243183A (en) Integrated control method, system and the computer equipment of gate system
CN109688162A (en) A kind of data of multi-tenant divide library method and system
CN111314340B (en) Authentication method and authentication platform
CN107172054A (en) A kind of purview certification method based on CAS, apparatus and system
DE112012002741T5 (en) Identity and authentication procedures for the security of a cloud computing platform
CN105516160B (en) A kind of domain management object map device and unified single sign-on system
CN110417820A (en) Processing method, device and the readable storage medium storing program for executing of single-node login system
CN105162775A (en) Logging method and device of virtual machine
CN107770192A (en) Identity authentication method and computer-readable recording medium in multisystem
CN109831322B (en) Multi-system account permission centralized management method, equipment and storage medium
CN100498816C (en) Reference monitor implementing method of high safety grade operating system
CN103975567B (en) Two-factor authentication method and virtual machine facility
CN106656927A (en) Method and device for enabling Linux account to be added to AD domain
CN109547432A (en) Multisystem verification method and device, storage medium and electronic equipment
CN109962892A (en) A kind of authentication method and client, server logging in application
CN105162774A (en) Virtual machine login method and device used for terminal
CN101567785B (en) Method, system and entity for authenticating notes in network service
CN105991610A (en) Method and device for logging into application server

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20211129

Address after: No. 1036, Shandong high tech Zone wave road, Ji'nan, Shandong

Applicant after: Inspur Genersoft Co.,Ltd.

Address before: 250100 No. 2877 Kehang Road, Sun Village Town, Jinan High-tech District, Shandong Province

Applicant before: SHANDONG INSPUR GENESOFT INFORMATION TECHNOLOGY Co.,Ltd.

GR01 Patent grant
GR01 Patent grant