CN109688162B - Multi-tenant database implementation method and system - Google Patents
Multi-tenant database implementation method and system Download PDFInfo
- Publication number
- CN109688162B CN109688162B CN201910124100.8A CN201910124100A CN109688162B CN 109688162 B CN109688162 B CN 109688162B CN 201910124100 A CN201910124100 A CN 201910124100A CN 109688162 B CN109688162 B CN 109688162B
- Authority
- CN
- China
- Prior art keywords
- user
- tenant
- interceptor
- state
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/108—Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/148—Migration or transfer of sessions
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a method and a system for realizing multi-tenant data sub-database, belonging to the technical field of computer cloud computing, wherein a login check interceptor is used for realizing user login and sesion validity check; the user state validity check is realized by using a user state interceptor; the method comprises the steps that a tenant state interceptor is used for verifying the validity of a tenant state; data access security verification is achieved through the use of a security access interceptor. A multi-tenant data sub-database implementation system is characterized by comprising a login check interceptor, a user state interceptor, a tenant state interceptor and a security access interceptor. The invention can ensure the data isolation and safety of each tenant, makes different interceptors mutually independent, meets the requirements of login effectiveness, user state validity, tenant state normality and data access safety, and is suitable for the user access control of the SaaS system.
Description
Technical Field
The invention relates to the technical field of computer cloud computing, in particular to a method and a system for realizing multi-tenant data sub-database.
Background
Multi-tenant technology (english) or multi-tenancy technology is a software architecture technology that explores how to share the same system or program components in a multi-user environment and still ensures data isolation among users.
In multi-tenant technology, a tenant (tenant) refers to a client that uses a system or computer computing resource, but in multi-tenant technology, the tenant contains all data that can be identified as a designated user in the system. The tenant is based on an application system or a computing resource developed or built by a supplier, the application system designed by the supplier can accommodate more than one user to use in the same environment, and in order to enable the environment capability of multiple users to use in the same application program and computing environment, the application program and the computing environment need to be specially designed, so that the system platform can allow multiple identical application programs to run simultaneously, and besides, the protection of the privacy and the security of tenant data is one of the keys of the multi-tenant technology.
The multi-tenant technology is one of core technologies of the SaaS application, the main research problem is the multiplexing problem of a system or an application component in a multi-tenant environment, and the key is to ensure the legality of access control of each tenant user.
Disclosure of Invention
The technical task of the invention is to provide a method and a system for realizing multi-tenant data sub-database, which can realize multi-tenant data sub-database and ensure the data isolation and safety of each tenant.
The technical scheme adopted by the invention for solving the technical problems is as follows:
a multi-tenant data sub-database implementation method is characterized in that a login check interceptor is used for achieving user login and sessionvalidity check; the user state validity check is realized by using a user state interceptor; the method comprises the steps that a tenant state interceptor is used for verifying the validity of a tenant state; data access security verification is achieved through the use of a security access interceptor. Different interceptors are mutually independent, and the requirements of login effectiveness, user state validity, tenant state normality and data access security are met.
Preferably, the login verification interceptor verifies the access submission data, such as a user name and a password; and checking the value of the seesion to judge whether the value exists or not and whether the value is overtime.
Further, configuring a login verification interceptor AuthenticationFilter in a web.xml file in the project, wherein the login verification interceptor firstly judges the request type, namely a login request or a data access request;
when the login request is carried out, verifying the access submitted data, such as a user name, a password and the like, and returning to a login page if the verification fails;
when data access requests, the session value of the jsession field in the header in the request is checked, whether the jsession field exists or is overtime is judged, and if the jsession field does not exist or is overtime, the login page is jumped to.
Preferably, the user state interceptor checks the locking state of the user; checking whether the user information is comprehensive or not, such as a user mailbox; checking whether the user binds with the tenant; and checking whether the user performs real-name authentication.
Xml file in project, configuring user state interceptor userininfostatusfilter,
intercepting a user lock, inquiring a redis database, judging a user lock state field, and jumping to a user abnormal state reminding interface if the user is locked;
intercepting user information incompletely, inquiring a redis database, judging the user information, and jumping to a user abnormal state reminding interface if necessary information such as a user binding mailbox is incomplete;
intercepting unbound tenants of a user, inquiring a redis database, judging whether the user is bound to the tenants, and jumping to a user abnormal state reminding interface if the user is not bound to the tenants;
and (4) intercepting the user without authentication, inquiring a redis database, judging whether the user performs real-name verification, and if the user does not perform real-name authentication, jumping to a user real-name authentication interface.
Preferably, the tenant state interceptor checks the locking state of the tenant, checks the service period of the tenant, and judges whether the locking state is in the service period.
Xml file in project, configuring tenant state interceptor TenantInfoStatusFilter,
the method comprises the steps of tenant locking interception, querying a redis database, judging the locking state of a tenant where a user is located, and if the tenant is locked, jumping to a tenant abnormal state reminding interface;
and (4) the tenant service is intercepted in an overdue mode, a redis database is inquired, the service period state of the tenant where the user is located is judged, and if the service period state is not in the service period, the tenant service charge continuation reminding interface is skipped to.
Preferably, the security access interceptor verifies the security of the user according to the access frequency of the user, and verifies the security of the user according to the resource consumption of the user access.
Xml file in project, configuring security access interceptor SecurityFilter,
high-frequency access interception is carried out, the access times are recorded each time a user initiates data access, and when the request times within a set time (such as within 10 minutes) of the user exceed the configuration limit of the tenant, a safe access reminding interface is skipped;
and intercepting high resource access, recording the number of resources consumed by the access function each time a user initiates data access, and jumping to a safety access reminding interface when the total number of requested resources within a specified time (such as within 10 minutes) of the user exceeds the configuration limit of the tenant.
The invention also discloses a multi-tenant data sub-database implementation system, which comprises a login check interceptor, a user state interceptor, a tenant state interceptor and a security access interceptor,
the login check interceptor checks access submitted data (such as a user name and a password), checks a segment value and judges whether the access submitted data exist or not and whether the access submitted data exceed the set value or not; the method is used for user login and session validity check;
configuring a login verification interceptor AuthenticationFilter in a web.xml file in a project, wherein the login verification interceptor firstly judges the type of a request, namely a login request or a data access request;
when the login request is carried out, verifying the access submitted data, such as a user name and a password, and returning to a login page if the verification fails;
when a data access request is made, checking the session value of a jseision field in a header in the request, judging whether the jseision field exists or overtime, and if the jsion field does not exist or the jsion field is overtime, jumping to a login page;
the user state interceptor checks the locking state of the user, checks whether the user information is comprehensive (such as a user mailbox), checks whether the user is tenant bound, checks whether the user is real-name authenticated and is used for checking the validity of the user state;
in a web.xml file in a project, configuring a user state interceptor UserInfoStatusFilter, locking and intercepting a user, inquiring a redis database, judging a user locking state field, and if the user is locked, jumping to a user abnormal state reminding interface;
intercepting user information incompletely, inquiring a redis database, judging the user information, and jumping to a user abnormal state reminding interface if necessary information such as a user binding mailbox is incomplete;
intercepting unbound tenants of a user, inquiring a redis database, judging whether the user is bound to the tenants, and jumping to a user abnormal state reminding interface if the user is not bound to the tenants;
intercepting a user without authentication, inquiring a redis database, judging whether the user performs real-name verification, and jumping to a user real-name authentication interface if the user does not perform real-name authentication;
the tenant state interceptor checks the locking state of the tenant, checks the service period of the tenant, judges whether the tenant is in the server or not and is used for checking the validity of the tenant state;
in a web.xml file in a project, configuring a tenant state interceptor TenantInfoStatusFilter, locking and intercepting a tenant, inquiring a redis database, judging the locking state of the tenant where a user is located, and if the tenant is locked, jumping to a tenant abnormal state reminding interface;
the tenant service is intercepted in an overdue mode, a redis database is inquired, the service period state of a tenant where a user is located is judged, and if the service period state is not in the service period, a tenant renewal reminding interface is skipped;
the safety access interceptor is used for verifying the safety of the user according to the access frequency of the user and verifying the safety of the user according to the resource consumption of the user access, and is used for verifying the safety of data access;
xml file in project, configuring security access interceptor SecurityFilter,
high-frequency access interception is carried out, the access times are recorded each time a user initiates data access, and when the request times within the set time of the user exceed the tenant configuration limit, the user jumps to a safety access reminding interface;
and intercepting high resource access, recording the number of resources consumed by an access function each time a user initiates data access, and jumping to a safety access reminding interface when the total number of requested resources in the time specified by the user exceeds the configuration limit of the tenant.
Compared with the prior art, the multi-tenant data sub-database implementation method and the multi-tenant data sub-database implementation system have the following beneficial effects:
the method can realize database partitioning of multiple tenants, ensures data isolation and safety of each tenant, is suitable for user access control of the SaaS system, uses different interceptors to be mutually independent, and can simultaneously meet the requirements of login effectiveness, user state legality, tenant state normal shape and data access safety.
The method can realize effective control of user access through the filter principle through configuration and code logic, the realized access control increases the control capability based on the access amount and the SaaS service period, not only ensures the high efficiency of the interceptor, but also increases the safety, and meanwhile, the method and the system are loosely coupled with the SaaS product, and can be conveniently and quickly transplanted.
Drawings
FIG. 1 is a schematic diagram of a multi-tenant database implementation method of the present invention.
Detailed Description
A multi-tenant data sub-database implementation method is characterized in that a login check interceptor is used for achieving user login and sessionvalidity check; the user state validity check is realized by using a user state interceptor; the method comprises the steps that a tenant state interceptor is used for verifying the validity of a tenant state; data access security verification is achieved through the use of a security access interceptor.
The check interceptor is logged in to the network,
access submission data may be verified, e.g., username, password;
the session value can be checked to judge whether the session value exists or not and whether the session value is overtime or not;
a user status interceptor for intercepting a status of the user,
the locking state of the user can be verified;
whether the user information is comprehensive or not can be checked, such as a user mailbox;
whether the user binds with the tenant or not can be checked;
whether the user carries out real-name authentication or not can be verified;
a tenant state interceptor for intercepting a state of a tenant,
the locking state of the tenant can be checked;
the service period of the tenant can be checked to judge whether the tenant is in the service period;
a security access interceptor for intercepting a security access,
the security of the user can be verified according to the access frequency of the user;
the security of the user can be checked according to the resource consumption amount accessed by the user.
The design and the coding of the interceptor are realized by the following steps:
1. login check interceptor
Xml file in project, configuring login check interceptor, the login check interceptor first judges the request type, whether it is login request or data access request.
When the login request is made, verifying the access submitted data, such as a user name and a password, and if the verification fails, returning to a login page;
when the data access request is carried out, the session value of the jsession field in the header in the request is checked, and whether the jsession field exists or not and whether the jsession field is overtime or not are judged. And if the session does not exist or the session is overtime, jumping to a login page.
2. User state interceptor
Xml file in project, configuring login check interceptor userininfostatusfilter.
And 2.1, locking and intercepting the user. And querying a redis database, judging a user locking state field, and if the user is locked, jumping to a user abnormal state reminding interface.
And 2.2, not intercepting all the user information. And querying a redis database, judging user information, and if necessary information such as a user binding mailbox is not complete, jumping to a user abnormal state reminding interface.
And 2.3, intercepting unbound tenants of the user. And querying a redis database, judging whether the user is bound with the tenant, and if the user is not bound with the tenant, jumping to a user abnormal state reminding interface.
2.4, the user is not authenticated and intercepted. And querying a redis database, judging whether the user carries out real-name verification, and if the user does not carry out real-name authentication, jumping to a user real-name authentication interface.
3. Tenant state interceptor
Xml file in project, configure login check interceptor tenantlnfostatusfilter.
And 3.1, locking and intercepting the tenant. And querying a redis database, judging the locking state of the tenant where the user is located, and if the tenant is locked, jumping to a tenant abnormal state reminding interface.
And 3.2, the tenant service is intercepted for an extended period. And querying a redis database, judging the service period state of the tenant where the user is located, and if the service period state is not in the service period, jumping to a tenant renewal reminding interface.
4. Security access interceptor
Xml file in project, configuring login check interceptor SecurityFilter.
4.1, high frequency access interception. And recording the access times each time the user initiates data access, and jumping to a safety access reminding interface when the request times of the user within 10 minutes exceed the tenant configuration limit.
4.2, high resource access interception. And recording the number of resources consumed by the access function each time the user initiates data access, and jumping to a safety access reminding interface when the total number of the requested resources in 10 minutes of the user exceeds the configuration limit of the tenant.
The logic implementation of the method is as follows:
user login unified interception rectification:
xml, this filter follows all filters.
The authentication filter kernel code is as follows:
the user state filter kernel code is as follows:
the tenant state filter core code is as follows:
the secure access core code is as follows:
a multi-tenant data sub-database implementation system comprises a login check interceptor, a user state interceptor, a tenant state interceptor and a security access interceptor,
the login check interceptor checks access submitted data (such as a user name and a password), checks a segment value and judges whether the access submitted data exist or not and whether the access submitted data exceed the set value or not; the method is used for user login and session validity check;
configuring a login verification interceptor AuthenticationFilter in a web.xml file in a project, wherein the login verification interceptor firstly judges the type of a request, namely a login request or a data access request;
when the login request is carried out, verifying the access submitted data, such as a user name and a password, and returning to a login page if the verification fails;
when a data access request is made, checking the session value of a jseision field in a header in the request, judging whether the jseision field exists or overtime, and if the jsion field does not exist or the jsion field is overtime, jumping to a login page;
the user state interceptor checks the locking state of the user, checks whether the user information is comprehensive (such as a user mailbox), checks whether the user is tenant bound, checks whether the user is real-name authenticated and is used for checking the validity of the user state;
in a web.xml file in a project, configuring a user state interceptor UserInfoStatusFilter, locking and intercepting a user, inquiring a redis database, judging a user locking state field, and if the user is locked, jumping to a user abnormal state reminding interface;
intercepting user information incompletely, inquiring a redis database, judging the user information, and jumping to a user abnormal state reminding interface if necessary information such as a user binding mailbox is incomplete;
intercepting unbound tenants of a user, inquiring a redis database, judging whether the user is bound to the tenants, and jumping to a user abnormal state reminding interface if the user is not bound to the tenants;
intercepting a user without authentication, inquiring a redis database, judging whether the user performs real-name verification, and jumping to a user real-name authentication interface if the user does not perform real-name authentication;
the tenant state interceptor checks the locking state of the tenant, checks the service period of the tenant, judges whether the tenant is in the server or not and is used for checking the validity of the tenant state;
in a web.xml file in a project, configuring a tenant state interceptor TenantInfoStatusFilter, locking and intercepting a tenant, inquiring a redis database, judging the locking state of the tenant where a user is located, and if the tenant is locked, jumping to a tenant abnormal state reminding interface;
the tenant service is intercepted in an overdue mode, a redis database is inquired, the service period state of a tenant where a user is located is judged, and if the service period state is not in the service period, a tenant renewal reminding interface is skipped;
the safety access interceptor is used for verifying the safety of the user according to the access frequency of the user and verifying the safety of the user according to the resource consumption of the user access, and is used for verifying the safety of data access;
xml file in project, configuring security access interceptor SecurityFilter,
high-frequency access interception is carried out, the access times are recorded each time a user initiates data access, and when the request times within the set time of the user exceed the tenant configuration limit, the user jumps to a safety access reminding interface;
and intercepting high resource access, recording the number of resources consumed by an access function each time a user initiates data access, and jumping to a safety access reminding interface when the total number of requested resources in the time specified by the user exceeds the configuration limit of the tenant.
The present invention can be easily implemented by those skilled in the art from the above detailed description. It should be understood, however, that the intention is not to limit the invention to the particular embodiments described. On the basis of the disclosed embodiments, a person skilled in the art can combine different technical features at will, thereby implementing different technical solutions.
In addition to the technical features described in the specification, the technology is known to those skilled in the art.
Claims (6)
1. A multi-tenant data sub-database implementation method is characterized in that user login and session validity verification are achieved through a login verification interceptor; the user state validity check is realized by using a user state interceptor; the method comprises the steps that a tenant state interceptor is used for verifying the validity of a tenant state; data access security verification is achieved by using a security access interceptor;
configuring a login checking interceptor, wherein the login checking interceptor is configured,
the login verification interceptor firstly judges the request type, whether the request is a login request or a data access request;
when the login request is carried out, verifying the access submitted data, and if the verification is not passed, returning to a login page;
when a data access request is made, checking the session value of a jseision field in a header in the request, judging whether the jseision field exists or overtime, and if the jsion field does not exist or the jsion field is overtime, jumping to a login page;
configuring a user state interceptor to be used in the system,
intercepting a user lock, inquiring a redis database, judging a user lock state field, and jumping to a user abnormal state reminding interface if the user is locked;
intercepting user information incompletely, querying a redis database, judging the user information, and jumping to a user abnormal state reminding interface if the user information is necessary to be incomplete;
intercepting unbound tenants of a user, inquiring a redis database, judging whether the user is bound to the tenants, and jumping to a user abnormal state reminding interface if the user is not bound to the tenants;
intercepting a user without authentication, inquiring a redis database, judging whether the user performs real-name verification, and jumping to a user real-name authentication interface if the user does not perform real-name authentication;
configuring a tenant state interceptor, wherein the tenant state interceptor,
the method comprises the steps of tenant locking interception, querying a redis database, judging the locking state of a tenant where a user is located, and if the tenant is locked, jumping to a tenant abnormal state reminding interface;
the tenant service is intercepted in an overdue mode, a redis database is inquired, the service period state of a tenant where a user is located is judged, and if the service period state is not in the service period, a tenant renewal reminding interface is skipped;
a security access interceptor is configured to,
high-frequency access interception is carried out, the access times are recorded each time a user initiates data access, and when the request times within the set time of the user exceed the tenant configuration limit, the user jumps to a safety access reminding interface;
and intercepting high resource access, recording the number of resources consumed by an access function each time a user initiates data access, and jumping to a safety access reminding interface when the total number of requested resources in the time specified by the user exceeds the configuration limit of the tenant.
2. The method and system for implementing multi-tenant data banking according to claim 1 are characterized in that a login check interceptor checks access submission data, including a user name and a password; and checking the value of the seesion to judge whether the value exists or not and whether the value is overtime.
3. The method for implementing multi-tenant data banking according to claim 1, wherein a user state interceptor verifies a locking state of a user, whether user information is comprehensive or not, whether tenant binding is performed or not, and whether real-name authentication is performed or not.
4. The method as claimed in claim 1, wherein the tenant state interceptor checks the locking state of the tenant, checks the service period of the tenant, and determines whether the tenant is in the service period.
5. The method as claimed in claim 1, wherein the security access interceptor checks the security of the database according to the access frequency of the user, and checks the security of the database according to the resource consumption of the user.
6. A multi-tenant data sub-database implementation system is characterized by comprising a login check interceptor, a user state interceptor, a tenant state interceptor and a security access interceptor,
the login verification interceptor verifies the access submitted data and the session value, and is used for verifying user login and session validity;
the user state interceptor checks the locking state of the user, checks whether the user information is comprehensive, checks whether the user is tenant bound, checks whether the user is real-name authenticated and is used for checking the validity of the user state;
the tenant state interceptor checks the locking state of the tenant, checks the service period of the tenant and is used for checking the validity of the tenant state;
the safety access interceptor is used for verifying the safety of the user according to the access frequency of the user and verifying the safety of the user according to the resource consumption of the user access, and is used for verifying the safety of data access;
configuring a login checking interceptor, wherein the login checking interceptor is configured,
the login verification interceptor firstly judges the request type, whether the request is a login request or a data access request;
when the login request is carried out, verifying the access submitted data, and if the verification is not passed, returning to a login page;
when a data access request is made, checking the session value of a jseision field in a header in the request, judging whether the jseision field exists or overtime, and if the jsion field does not exist or the jsion field is overtime, jumping to a login page;
configuring a user state interceptor to be used in the system,
intercepting a user lock, inquiring a redis database, judging a user lock state field, and jumping to a user abnormal state reminding interface if the user is locked;
intercepting user information incompletely, querying a redis database, judging the user information, and jumping to a user abnormal state reminding interface if the user information is necessary to be incomplete;
intercepting unbound tenants of a user, inquiring a redis database, judging whether the user is bound to the tenants, and jumping to a user abnormal state reminding interface if the user is not bound to the tenants;
intercepting a user without authentication, inquiring a redis database, judging whether the user performs real-name verification, and jumping to a user real-name authentication interface if the user does not perform real-name authentication;
configuring a tenant state interceptor, wherein the tenant state interceptor,
the method comprises the steps of tenant locking interception, querying a redis database, judging the locking state of a tenant where a user is located, and if the tenant is locked, jumping to a tenant abnormal state reminding interface;
the tenant service is intercepted in an overdue mode, a redis database is inquired, the service period state of a tenant where a user is located is judged, and if the service period state is not in the service period, a tenant renewal reminding interface is skipped;
a security access interceptor is configured to,
high-frequency access interception is carried out, the access times are recorded each time a user initiates data access, and when the request times within the set time of the user exceed the tenant configuration limit, the user jumps to a safety access reminding interface;
and intercepting high resource access, recording the number of resources consumed by an access function each time a user initiates data access, and jumping to a safety access reminding interface when the total number of requested resources in the time specified by the user exceeds the configuration limit of the tenant.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910124100.8A CN109688162B (en) | 2019-02-19 | 2019-02-19 | Multi-tenant database implementation method and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910124100.8A CN109688162B (en) | 2019-02-19 | 2019-02-19 | Multi-tenant database implementation method and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109688162A CN109688162A (en) | 2019-04-26 |
CN109688162B true CN109688162B (en) | 2021-12-21 |
Family
ID=66196514
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910124100.8A Active CN109688162B (en) | 2019-02-19 | 2019-02-19 | Multi-tenant database implementation method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109688162B (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111245822B (en) * | 2020-01-08 | 2023-03-14 | 北京小米松果电子有限公司 | Remote procedure call processing method and device and computer storage medium |
CN111491012B (en) * | 2020-03-27 | 2023-05-09 | 北京尚医智信健康管理有限公司 | SaaS multi-tenant data isolation access method and device, electronic equipment and storage medium |
CN114726632B (en) * | 2022-04-14 | 2024-04-05 | 广州鑫景信息科技服务有限公司 | Login method, login equipment and storage medium |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102104607A (en) * | 2011-03-10 | 2011-06-22 | 易程(苏州)软件股份有限公司 | Method, device and system for controlling safety of service access |
CN103036856A (en) * | 2011-10-09 | 2013-04-10 | 镇江金软计算机科技有限责任公司 | Multi-tenant system achievement based on software as a service (SAAS) application |
CN103532981A (en) * | 2013-10-31 | 2014-01-22 | 中国科学院信息工程研究所 | Identity escrow and authentication cloud resource access control system and method for multiple tenants |
US9083770B1 (en) * | 2013-11-26 | 2015-07-14 | Snapchat, Inc. | Method and system for integrating real time communication features in applications |
CN106878335A (en) * | 2017-03-28 | 2017-06-20 | 武汉斗鱼网络科技有限公司 | A kind of method and system for login authentication |
CN107172038A (en) * | 2017-05-11 | 2017-09-15 | 深信服科技股份有限公司 | A kind of information processing method and safety service platform for being used to provide security service |
CN109040066A (en) * | 2018-08-01 | 2018-12-18 | 杭州安恒信息技术股份有限公司 | A kind of interconnection method and device of cloud security management platform and cloud security product |
-
2019
- 2019-02-19 CN CN201910124100.8A patent/CN109688162B/en active Active
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102104607A (en) * | 2011-03-10 | 2011-06-22 | 易程(苏州)软件股份有限公司 | Method, device and system for controlling safety of service access |
CN103036856A (en) * | 2011-10-09 | 2013-04-10 | 镇江金软计算机科技有限责任公司 | Multi-tenant system achievement based on software as a service (SAAS) application |
CN103532981A (en) * | 2013-10-31 | 2014-01-22 | 中国科学院信息工程研究所 | Identity escrow and authentication cloud resource access control system and method for multiple tenants |
US9083770B1 (en) * | 2013-11-26 | 2015-07-14 | Snapchat, Inc. | Method and system for integrating real time communication features in applications |
CN106878335A (en) * | 2017-03-28 | 2017-06-20 | 武汉斗鱼网络科技有限公司 | A kind of method and system for login authentication |
CN107172038A (en) * | 2017-05-11 | 2017-09-15 | 深信服科技股份有限公司 | A kind of information processing method and safety service platform for being used to provide security service |
CN109040066A (en) * | 2018-08-01 | 2018-12-18 | 杭州安恒信息技术股份有限公司 | A kind of interconnection method and device of cloud security management platform and cloud security product |
Non-Patent Citations (2)
Title |
---|
《基于OpenStack的多租户数据安全保护技术研究》;袁雪波;《中国优秀硕士学位论文全文数据库》;20180315;论文第33-47页 * |
《虚拟化IaaS 环境安全域与访问控制模型研究》;尹学渊等;《小型微型计算机系统》;20190131;全文 * |
Also Published As
Publication number | Publication date |
---|---|
CN109688162A (en) | 2019-04-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN112073400B (en) | Access control method, system, device and computing equipment | |
US11784823B2 (en) | Object signing within a cloud-based architecture | |
US8904549B2 (en) | Server system, control method, and storage medium for securely executing access to data of a tenant | |
EP1914658B1 (en) | Identity controlled data center | |
CN111314340B (en) | Authentication method and authentication platform | |
CN109981561A (en) | Monomer architecture system moves to the user authen method of micro services framework | |
CN109688162B (en) | Multi-tenant database implementation method and system | |
US20130081126A1 (en) | System and method for transparent single sign-on | |
CN103259663A (en) | User unified authentication method in cloud computing environment | |
CN103780580B (en) | Method, server and system for providing capability access strategy | |
CN102479304A (en) | Method, client and system for software access control | |
CN109446833A (en) | A kind of authorization check method and electronic equipment based on educational system | |
CN110290150A (en) | A kind of login validation method and login authentication device of Virtual Private Network VPN | |
CN106161348A (en) | A kind of method of single-sign-on, system and terminal | |
CN109962892A (en) | A kind of authentication method and client, server logging in application | |
RU2415466C1 (en) | Method of controlling identification of users of information resources of heterogeneous computer network | |
CN106537873B (en) | Establish the secure computing devices for virtualization and management | |
CN106936760A (en) | A kind of apparatus and method of login Openstack cloud system virtual machines | |
KR20210015757A (en) | Secure data processing | |
CN109359450A (en) | Safety access method, device, equipment and the storage medium of linux system | |
EP3036674B1 (en) | Proof of possession for web browser cookie based security tokens | |
CN101291333A (en) | Controlling method of used node number by network software | |
CN115150154B (en) | User login authentication method and related device | |
CN117240621B (en) | Processing method and device of network request, computer readable medium and electronic equipment | |
US11533306B2 (en) | Processes and method for safe of use, monitoring and management of device accounts in terminal manner |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20211129 Address after: No. 1036, Shandong high tech Zone wave road, Ji'nan, Shandong Applicant after: Inspur Genersoft Co.,Ltd. Address before: 250100 No. 2877 Kehang Road, Sun Village Town, Jinan High-tech District, Shandong Province Applicant before: SHANDONG INSPUR GENESOFT INFORMATION TECHNOLOGY Co.,Ltd. |
|
GR01 | Patent grant | ||
GR01 | Patent grant |