CN112817997A - Method and device for accessing S3 object storage by using dynamic user through distributed computing engine - Google Patents
Method and device for accessing S3 object storage by using dynamic user through distributed computing engine Download PDFInfo
- Publication number
- CN112817997A CN112817997A CN202110205107.XA CN202110205107A CN112817997A CN 112817997 A CN112817997 A CN 112817997A CN 202110205107 A CN202110205107 A CN 202110205107A CN 112817997 A CN112817997 A CN 112817997A
- Authority
- CN
- China
- Prior art keywords
- user
- information
- service
- configuration library
- connection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 24
- 238000013507 mapping Methods 0.000 claims abstract description 31
- 238000004364 calculation method Methods 0.000 claims abstract description 20
- 230000008859 change Effects 0.000 claims abstract description 12
- 230000002159 abnormal effect Effects 0.000 claims description 9
- 238000013479 data entry Methods 0.000 claims description 4
- 230000000694 effects Effects 0.000 abstract description 3
- 238000007726 management method Methods 0.000 description 15
- 238000010586 diagram Methods 0.000 description 5
- 238000013515 script Methods 0.000 description 4
- 230000008901 benefit Effects 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000013500 data storage Methods 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/23—Updating
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/28—Databases characterised by their database models, e.g. relational or object models
- G06F16/284—Relational databases
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Databases & Information Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Data Mining & Analysis (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a method and a device for accessing an S3 object storage by a dynamic user, comprising the following steps: the system comprises a user system mapping configuration library management unit, a calculation engine and configuration library connecting unit, an S3 user information acquisition unit and an S3 service user identity dynamic change unit. By adopting a mode of mapping a computing engine user system and an S3 object storage user system, when a user logs in a hive/spark computing engine and accesses S3 data by using an external table, login user information is automatically acquired, and when S3 object storage service is connected, connection identity information is dynamically modified, so that the problem that only fixed users can be configured in a configuration file is solved, the requirement that the service is not restarted to automatically take effect when the S3 user identity configuration is modified is met, the flexibility, the dynamics, the safety and the usability of the computing engine for accessing the object storage data are greatly improved, the stable operation of the hive/spark computing engine service is ensured, and effective support is provided for data utilization under multiple scenes of object storage.
Description
Technical Field
The invention relates to the technical field of data storage, in particular to a method and a device for accessing an S3 object storage by a dynamic user.
Background
The object storage is an open service based on distributed storage, is widely applied to the field of big data, and is used for storing unprocessed original data, including full data form data such as structured data, pictures, documents, audios and videos.
S3 is an engine widely used for building underlying data object storage of a data fuzzy platform, and the current big data offline batch processing technology has tended to be steadily mature, wherein hive/spark is a fact standard of offline batch data processing in the industry, and is a computing engine supporting multi-tenant and multi-user. The distributed computing engine may use an HDFS block file distributed storage system, or may use a plurality of data sources such as an S3 distributed object file storage system to provide data sources for business computing.
Because the HDFS and the hive/spark belong to the hadoop system and have the same user system and the same authority management mode, the method for setting the access user by adopting the user of the operating system or the using environment variable is a weak user authority mode, and the user logging in the hive/spark can be easily unified with the user accessing the HDFS data file to form the consistent user authority. However, the S3 object file storage system is a set of big data storage framework independent of hadoop system, has its own independent user system and authority set, and is strong-authority access control, and each user accessing data file is provided with a user identity, and can only access data with authority.
In addition, the data file of the S3 can be accessed only by a fixed S3 user during access, and in a distributed computing engine supporting multi-tenant and multi-user, serious data security risk exists, the advantage capability of strong authority management of S3 of multiple users is lost, and the experience of using services by the users is seriously influenced.
Disclosure of Invention
The present invention is directed to a method and apparatus for accessing an S3 object store by a distributed computing engine using dynamic users, so as to solve the problems mentioned in the background art.
In order to solve the technical problem, the invention provides a method for accessing an S3 object storage by a dynamic user, which adopts a mode of mapping a computing engine user system and an S3 object storage user system, and automatically acquires S3 user information and dynamic modification connection identity information corresponding to a login user when the user logs in a hive/spark computing engine and accesses S3 data by using an external table.
In order to achieve the purpose, the invention adopts the following technical scheme:
and establishing a thread for connecting the configuration library, connecting the thread with the configuration library, returning the normal state of the connection information, opening and connecting an interface of the configuration library, and storing the connection information into a connection pool.
Configuring a mapping relation between the hive/spark user and the S3 user; acquiring connection information of a configuration library, and opening an interface of the configuration library; analyzing the current login user information to obtain the identity information and mapping relation of the S3 user; intercepting an external table access S3 object storage service configuration library interface; changing the S3 user identity information, the external table continues to access the S3 object storage service.
And in the configuration library, returning the abnormal state of the connection information, throwing out the abnormal state, and quitting starting the hive/spark service.
And verifying the login information, analyzing the ID of the login user, returning the mapping information of the S3 user based on the ID of the login user, and writing the information of the S3 user into a hive/spark cache.
Further, the S3 user information includes: account number, fs.s3n.awsAccessKeyId, fs.s3n.awsSecretAccessKey.
Creating an S3 external table specifying an S3 file path, accessing the S3 service; setting a method for intercepting a request S3 service data entry, changing request authentication parameters based on the S3 user information and returning; returning to the S3 service data request according to the changed S3 user information; obtaining data specifying the S3 file path of the S3 external table based on the S3 service data request; and completing the S3 user request and returning a request result.
An apparatus for enabling dynamic user access S3 to an object store, comprising: the system comprises a user system mapping configuration library management unit, a calculation engine and configuration library connecting unit, an S3 user information acquisition unit and an S3 service user identity dynamic change unit.
The user system mapping configuration library management unit comprises:
and managing the mapping management functions of the hive/spark user system and the S3 user system, and increasing, inquiring, modifying and deleting the user information.
The calculation engine and configuration library connection unit is used for acquiring connection information of the configuration library and opening a connection channel with the configuration library, and comprises: the execution unit is used for acquiring a service starting command and executing the starting command; the acquisition unit is used for acquiring the connection information of the configuration database data source; the creating unit is used for creating a connection configuration library thread; and the judging unit is used for judging the connection information according to the configuration database source connection information and returning a judgment result.
The S3 user information obtaining unit, configured to parse the currently logged-in user information, and obtain S3 user information mapped with the user, where the obtaining unit includes: acquiring login information, and analyzing a login user ID; a connection configuration library, acquiring the mapped S3 user information in an S3 user system mapping table based on the login user ID, and writing the S3 user information into a live/spark calculation engine runtime cache;
the dynamic change unit of the user identity of the service accessing S3 is used for intercepting the service access S3 and changing the correct S3 user identity information, and comprises: creating an S3 external table specifying an S3 file path, accessing the S3 service; setting a method for intercepting a request S3 service data entry, changing request authentication parameters based on the S3 user information and returning; returning to the S3 service data request according to the changed S3 user information; obtaining data specifying the S3 file path of the S3 external table based on the S3 service data request; and completing the S3 user request and returning a request result.
The invention has the beneficial effects that:
when the user logs into the hive/spark calculation engine, using the external table to access the S3 data, automatically acquiring information of fs.s3n.awsAccessKeyId and fs.s3n.awsSecretAccessKey of S3 users corresponding to login users, when the connection S3 object storage service is connected, the connection identity information is dynamically modified, the problem that only fixed users can be configured in the configuration file is solved, the problem that in a multi-tenant and multi-user distributed computing engine, the security requirement of using the independent S3 user to access the data also meets the requirement of using the hive/spark external table to access the data of other S3 user data, and the requirement that the service is not restarted and automatically effective when the identity configuration of the user is modified S3 is met, the flexibility, the dynamic property, the safety and the availability of the computing engine for accessing the object storage data are greatly improved, the stable operation of the hive/spark computing engine service is ensured, and effective support is provided for the data utilization under multiple scenes of object storage.
Drawings
FIG. 1 is a diagram of a distributed computing engine using dynamic user access S3 to store objects in accordance with the present invention;
FIG. 2 is a method for a distributed computing engine to access S3 object stores using dynamic users in accordance with the present invention;
FIG. 3 is a diagram of a user system mapping configuration library management unit according to the present invention.
FIG. 4 is a schematic diagram of a hive/spark engine and a configuration library connection unit according to the present invention.
Fig. 5 is a schematic diagram of the user information obtaining unit of S3 mapping according to the present invention.
Fig. 6 is a schematic diagram of the dynamic change unit for accessing S3 the user identity configuration according to the present invention.
Detailed Description
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention. This invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein.
The invention provides a method and a device for accessing an S3 object storage by a dynamic user, comprising the following steps: the system comprises a user system mapping configuration library management unit, a calculation engine and configuration library connecting unit, an S3 user information acquisition unit and an S3 service user identity dynamic change unit. By adopting a mode of mapping a computing engine user system and an S3 object storage user system, when a user logs in a hive/spark computing engine and accesses S3 data by using an external table, login user information is automatically acquired, and when S3 object storage service is connected, connection identity information is dynamically modified, so that the problem that only fixed users can be configured in a configuration file is solved, the requirement that the service is not restarted to automatically take effect when the S3 user identity configuration is modified is met, the flexibility, the dynamics, the safety and the usability of the computing engine for accessing the object storage data are greatly improved, the stable operation of the hive/spark computing engine service is ensured, and effective support is provided for data utilization under multiple scenes of object storage.
Example 1
As shown in fig. 1, an apparatus for a distributed computing engine to access S3 an object store using dynamic users, comprising: a user system mapping configuration library management unit, a calculation engine and configuration library connection unit, an S3 user information acquisition unit, and an S3 service user identity dynamic change unit, wherein:
the user system mapping configuration library management unit, as shown in fig. 3, is responsible for maintaining mapping management of the hive/spark user system and the S3 user system, and includes functions of adding, querying, modifying, deleting, etc. information of the user;
further, the management unit is configured to add new hive/spark user information, which includes hive/spark user ID, user validity, S3 user account, fs.s3n.awsa access key, and other information;
further, the management unit queries mapping information of the hive/spark user system and the S3 user system, including information of hive/spark user ID, user validity, S3 user account number, fs.s3n.awsAccessKeyId, fs.s3n.awsSecretAccessKey, and the like;
further, the management unit modifies mapping information between the hive/spark user system and the S3 user system, including hive/spark user ID, user validity, S3 user account, fs.s3n.awsAccessKeyId, fs.s3n.awsSecretAccessKey, and other information;
further, the management unit deletes the mapping information between the hive/spark user system and the S3 user system, and the user cannot access the S3 service after the deletion;
further, the management unit is configured to repeatedly perform functions of adding, querying, modifying, deleting, and the like of the user information.
Preferably, the computing engine and configuration library connection unit, as shown in fig. 4, is responsible for acquiring connection information of the configuration library when the hive/spark service is started, and opening a connection channel with the configuration library;
further, the administrator starts the service on the server through a start command of the hive/spark calculation engine service;
further, in the service starting process, connection information of the configuration database data source is obtained and returned, and the connection information includes: data source type, data source IP, port, user name, password and other connection attributes;
further, a connection configuration library thread is created, and connection with a configuration library is attempted;
further, judging the connection configuration according to the connection information, if the connection is normal, opening a connection channel, storing the connection information into a connection pool, and using the connection in a mapped S3 user information acquisition unit;
further, completing the service starting of the hive/spark calculation engine;
and further, judging the connection configuration according to the connection information, throwing out abnormal information if the connection is abnormal, and quitting the starting program.
Preferably, as shown in fig. 5, the S3 user information obtaining unit is responsible for, when the user logs in the hive/spark service, analyzing the currently logged-in user information to obtain the identity information of the S3 user mapped with the user;
further, a user logs in a hive/spark calculation engine and inputs login information such as a user account and a user password;
further, in the login process, after verifying that login information input by a user is correct, a hive/spark calculation engine intercepts the login information and analyzes the ID of the login user;
further, connecting a configuration library, judging by using a login user ID, judging whether the user ID exists in an S3 user system mapping table, and acquiring mapped S3 user information;
further, if the user ID exists, returning information such as an S3 user account, fs.s3 n.awsAccescesKeyId, fs.s3n.awsSecretAccessKey and the like of the user, and writing the information into a live/spark calculation engine runtime cache;
further, if the user ID does not exist, abnormal information is thrown out, and the user login fails.
Preferably, the accessing S3 service user identity dynamic change unit, as shown in fig. 6, is responsible for intercepting the access S3 service entry, changing the correct S3 user identity information, and continuing to access the S3 service when accessing the S3 service using the external table of hive/spark;
furthermore, after the user enters the hive/spark service, an S3 external table is created to designate an S3 file path, and SQL scripts such as query and statistics are executed to access the S3 service;
further, an entrance method setting interception of service data is requested at hive/spark S3;
further, cached S3 user identity information in the mapped S3 user information obtaining unit is used to change the request identity verification parameters, fs.s3n.awsa access key information, fs.s3 n.awsseccesseikeyid key information;
further, using the changed S3 user identity information, continuing to request S3 service data;
further, returning to the request, obtaining the data content of the external table specifying the S3 file path from the S3 service;
further, in the hive/spark calculation engine, the SQL script executed by the user is completed, and the data result is returned.
The device has the advantages that a mode of mapping a computing engine user system and an S3 object storage user system is adopted, when a user logs in a hive/spark computing engine and accesses S3 data by using an external table, information of S3 user fs.s3n.awsAccesssangKeyId and fs.s3n.awsSecretAccessKey corresponding to the logged-in user is automatically acquired, and when S3 object storage service is connected, connection identity information is dynamically modified, so that the problem that a fixed user can only be configured in a configuration file is solved, the safety requirement of using an independent S3 user to access data in a distributed computing engine with multiple tenants and multiple users is met, and other S3 user data are also met.
A method for realizing the dynamic user access S3 object storage of a distributed computing engine is disclosed, as shown in FIG. 2, the mapping relation between the hive/spark users and the S3 users is configured.
Further, the hive/spark calculation engine service is started, and the connection information of the configuration library is obtained and returned; the connection information comprises connection attributes such as data source type, data source IP, port, user name, password and the like;
further, a connection configuration library thread is created, and connection with a configuration library is attempted;
further, judging the state of a connection configuration library according to the connection information, and if the connection is normal, opening an interface of the configuration library and storing the connection information into a connection pool; and starting the hive/spark calculation engine service.
Further, analyzing the current login user information to obtain the identity information and mapping relation of the S3 user;
further, creating an S3 external table to specify a path of the S3 file, executing query, statistics and other SQL scripts, and accessing the S3 service;
further, an entrance method setting interception of service data is requested at hive/spark S3;
further, cached S3 user identity information in the mapped S3 user information obtaining unit is used to change the request identity verification parameters, fs.s3n.awsa access key information, fs.s3 n.awsseccesseikeyid key information;
further, continuing to request S3 service data using the changed S3 user identity information;
further, returning the request, obtaining the data content of the external table specifying the S3 file path from the S3 service;
furthermore, SQL scripts executed by the user are completed in the hive/spark calculation engine, and data results are returned.
Furthermore, if the state of the connection database is abnormal, the abnormal information is thrown out, and the hive/spark calculation engine is quitted to be started.
The distributed computing engine using the method for accessing the S3 object storage by using the dynamic user has the advantages that the requirement of accessing data by using the hive/spark external table is used, the requirement of automatically taking effect without restarting the service when the S3 user identity configuration is modified is met, the flexibility, the dynamics, the safety and the availability of the computing engine for accessing the object storage data are greatly improved, the stable operation of the hive/spark computing engine service is ensured, and effective support is provided for the data utilization under multiple scenes of object storage.
The devices, functional modules and functional units in the above embodiments are implemented in the form of software functional modules, and may be stored in a computer readable storage medium when they are sold or used as independent products. The computer readable storage medium mentioned above may be a read-only memory, a hard disk, an optical disk, or the like.
Any person skilled in the art can easily conceive of changes or substitutions within the technical scope of the present disclosure, and all such changes or substitutions are intended to be included within the scope of the present disclosure. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the present invention in any way, so that any simple modification, equivalent change and modification made to the above embodiment according to the technical spirit of the present invention will still fall within the scope of the technical solution of the present invention without departing from the content of the technical solution of the present invention.
Claims (10)
1. A method for dynamic user access S3 to an object store, comprising: configuring a mapping relation between the hive/spark user and the S3 user; acquiring connection information of a configuration library, and opening an interface of the configuration library; analyzing the current login user information to obtain the identity information and mapping relation of the S3 user; intercepting an external table access S3 object storage service configuration library interface; changing the S3 user identity information, the external table proceeds to access the S3 object storage service configuration repository.
2. The method of claim 1, wherein: acquiring the connection information of the configuration library, and starting a hive/spark service before opening the interface of the configuration library, wherein the step comprises the following steps:
and establishing a thread for connecting the configuration library, connecting the thread with the configuration library, returning the normal state of the connection information, opening and connecting an interface of the configuration library, and storing the connection information into a connection pool.
3. The method of claim 2, wherein: and in the configuration library, returning the abnormal state of the connection information, throwing out the abnormal state, and quitting starting the hive/spark service.
4. The method of claim 1, wherein: verifying the login information, analyzing the ID of the login user, returning the mapping information of the S3 user based on the ID of the login user, and writing the information of the S3 user into a hive/spark cache;
the S3 user information includes: account number, fs.s3n.awsAccessKeyId, fs.s3n.awsSecretAccessKey.
5. The method according to claims 1-4, characterized in that: creating an S3 external table specifying an S3 file path, accessing the S3 service; setting a method for intercepting a request S3 service data entry, changing request authentication parameters based on the S3 user information and returning;
returning to the S3 service data request according to the changed S3 user information; obtaining data specifying the S3 file path of the S3 external table based on the S3 service data request; and completing the S3 user request and returning a request result.
6. An apparatus for enabling dynamic user access S3 to an object store, comprising:
the system comprises a user system mapping configuration library management unit, a calculation engine and configuration library connecting unit, an S3 user information acquisition unit and an S3 service user identity dynamic change unit.
7. The storage device of claim 7, wherein: the user system mapping configuration library management unit is used for managing mapping management of a hive/spark user system and an S3 user system, and comprises the following steps:
and adding, inquiring, modifying and deleting user information.
8. The storage device of claim 7, wherein: the calculation engine and configuration library connection unit is used for acquiring connection information of the configuration library and opening a connection channel with the configuration library, and comprises:
the execution unit is used for acquiring a service starting command and executing the starting command;
the acquisition unit is used for acquiring the connection information of the configuration database data source;
the creating unit is used for creating a connection configuration library thread; and the judging unit is used for judging the connection information according to the configuration database source connection information and returning a judgment result.
9. An apparatus for enabling dynamic user access S3 to an object store, comprising: the S3 user information obtaining unit, configured to parse the currently logged-in user information, and obtain S3 user information mapped with the user, where the obtaining unit includes:
acquiring login information, and analyzing a login user ID; and the connection configuration library acquires the mapped S3 user information in an S3 user system mapping table based on the login user ID, and writes the S3 user information into a live/spark calculation engine runtime cache.
10. An apparatus for enabling dynamic user access S3 to an object store, comprising: the dynamic change unit of the user identity of the service accessing S3 is used for intercepting the service access S3 and changing the correct S3 user identity information, and comprises:
creating an S3 external table specifying an S3 file path, accessing the S3 service; setting a method for intercepting a request S3 service data entry, changing request authentication parameters based on the S3 user information and returning; returning to the S3 service data request according to the changed S3 user information; obtaining data specifying the S3 file path of the S3 external table based on the S3 service data request; and completing the S3 user request and returning a request result.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110205107.XA CN112817997B (en) | 2021-02-24 | 2021-02-24 | Method and device for accessing S3 object storage by using dynamic user by distributed computing engine |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110205107.XA CN112817997B (en) | 2021-02-24 | 2021-02-24 | Method and device for accessing S3 object storage by using dynamic user by distributed computing engine |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112817997A true CN112817997A (en) | 2021-05-18 |
| CN112817997B CN112817997B (en) | 2024-06-25 |
Family
ID=75865303
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110205107.XA Active CN112817997B (en) | 2021-02-24 | 2021-02-24 | Method and device for accessing S3 object storage by using dynamic user by distributed computing engine |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112817997B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117743470A (en) * | 2024-02-06 | 2024-03-22 | 中科云谷科技有限公司 | Processing system for heterogeneous big data |
Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2002041187A1 (en) * | 2000-11-16 | 2002-05-23 | Thought, Inc. | Dynamic object-driven database manipulation and mapping system |
| CN102594899A (en) * | 2011-12-31 | 2012-07-18 | 成都市华为赛门铁克科技有限公司 | Storage service method and storage server using the same |
| CN102611705A (en) * | 2012-03-20 | 2012-07-25 | 广东电子工业研究院有限公司 | General calculation account management system and realization method thereof |
| US20160098573A1 (en) * | 2014-10-03 | 2016-04-07 | Zettaset, Inc. | Securing a Distributed File System |
| CN105656903A (en) * | 2016-01-15 | 2016-06-08 | 国家计算机网络与信息安全管理中心 | Hive platform user safety management system and application |
| CN107944004A (en) * | 2017-12-07 | 2018-04-20 | 深圳乐信软件技术有限公司 | Method, system, equipment and the storage medium of Spark SQL scheduling |
| CN108737371A (en) * | 2018-04-08 | 2018-11-02 | 努比亚技术有限公司 | Hive data access control methods, server and computer storage media |
| CN109062965A (en) * | 2018-06-28 | 2018-12-21 | 平安科技(深圳)有限公司 | Big data analysis system, server, data processing method and storage medium |
| CN109902065A (en) * | 2019-02-18 | 2019-06-18 | 国家计算机网络与信息安全管理中心 | Access distributed type assemblies external data method and device |
| CN110287660A (en) * | 2019-05-21 | 2019-09-27 | 深圳壹账通智能科技有限公司 | Access right control method, device, equipment and storage medium |
| CN111339524A (en) * | 2020-02-26 | 2020-06-26 | 浪潮软件股份有限公司 | Multi-tenant permission control method and device |
| CN111756752A (en) * | 2020-06-24 | 2020-10-09 | 北京金山云网络技术有限公司 | Method and device for controlling access authority of database and electronic equipment |
| CN111818022A (en) * | 2020-06-20 | 2020-10-23 | 深圳市众创达企业咨询策划有限公司 | User management system and method based on new generation information technology |
-
2021
- 2021-02-24 CN CN202110205107.XA patent/CN112817997B/en active Active
Patent Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2002041187A1 (en) * | 2000-11-16 | 2002-05-23 | Thought, Inc. | Dynamic object-driven database manipulation and mapping system |
| CN102594899A (en) * | 2011-12-31 | 2012-07-18 | 成都市华为赛门铁克科技有限公司 | Storage service method and storage server using the same |
| CN102611705A (en) * | 2012-03-20 | 2012-07-25 | 广东电子工业研究院有限公司 | General calculation account management system and realization method thereof |
| US20160098573A1 (en) * | 2014-10-03 | 2016-04-07 | Zettaset, Inc. | Securing a Distributed File System |
| CN105656903A (en) * | 2016-01-15 | 2016-06-08 | 国家计算机网络与信息安全管理中心 | Hive platform user safety management system and application |
| CN107944004A (en) * | 2017-12-07 | 2018-04-20 | 深圳乐信软件技术有限公司 | Method, system, equipment and the storage medium of Spark SQL scheduling |
| CN108737371A (en) * | 2018-04-08 | 2018-11-02 | 努比亚技术有限公司 | Hive data access control methods, server and computer storage media |
| CN109062965A (en) * | 2018-06-28 | 2018-12-21 | 平安科技(深圳)有限公司 | Big data analysis system, server, data processing method and storage medium |
| CN109902065A (en) * | 2019-02-18 | 2019-06-18 | 国家计算机网络与信息安全管理中心 | Access distributed type assemblies external data method and device |
| CN110287660A (en) * | 2019-05-21 | 2019-09-27 | 深圳壹账通智能科技有限公司 | Access right control method, device, equipment and storage medium |
| CN111339524A (en) * | 2020-02-26 | 2020-06-26 | 浪潮软件股份有限公司 | Multi-tenant permission control method and device |
| CN111818022A (en) * | 2020-06-20 | 2020-10-23 | 深圳市众创达企业咨询策划有限公司 | User management system and method based on new generation information technology |
| CN111756752A (en) * | 2020-06-24 | 2020-10-09 | 北京金山云网络技术有限公司 | Method and device for controlling access authority of database and electronic equipment |
Non-Patent Citations (1)
| Title |
|---|
| 张非凡: "基于HDFS的云存储访问控制技术研究", 中国优秀硕士学位论文全文数据库(信息科技辑), 15 October 2015 (2015-10-15), pages 137 - 11 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117743470A (en) * | 2024-02-06 | 2024-03-22 | 中科云谷科技有限公司 | Processing system for heterogeneous big data |
| CN117743470B (en) * | 2024-02-06 | 2024-05-07 | 中科云谷科技有限公司 | Processing system for heterogeneous big data |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112817997B (en) | 2024-06-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107948203B (en) | A kind of container login method, application server, system and storage medium | |
| US20200285978A1 (en) | Model training system and method, and storage medium | |
| US10757106B2 (en) | Resource access control method and device | |
| US10296440B2 (en) | Multi-tenant aware debugging methods and systems | |
| CN113748410B (en) | Declarative and reactive data layers for component-based user interfaces | |
| US9195707B2 (en) | Distributed event system for relational models | |
| CN114756577B (en) | Processing method of multi-source heterogeneous data, computer equipment and storage medium | |
| CN108289098B (en) | Authority management method and device of distributed file system, server and medium | |
| CN110413595B (en) | Data migration method applied to distributed database and related device | |
| WO2021115231A1 (en) | Authentication method and related device | |
| CN111581631B (en) | Single sign-on method based on redis | |
| WO2020000716A1 (en) | Big data analysis system, server, data processing method, program and storage medium | |
| US10411957B2 (en) | Method and device for integrating multiple virtual desktop architectures | |
| US20210144144A1 (en) | Computing system permission administration engine | |
| US11934548B2 (en) | Centralized access control for cloud relational database management system resources | |
| CN109271807A (en) | The data safety processing method and system of database | |
| WO2023056727A1 (en) | Access control method and apparatus, and device and readable storage medium | |
| CN112817997B (en) | Method and device for accessing S3 object storage by using dynamic user by distributed computing engine | |
| US11425132B2 (en) | Cross-domain authentication in a multi-entity database system | |
| CN109902497A (en) | A kind of access authority management method and system towards big data cluster | |
| CN116522308A (en) | Database account hosting method, device, computer equipment and storage medium | |
| US20230300077A1 (en) | Automatic testing of networks using smart contracts | |
| US11336739B1 (en) | Intent-based allocation of database connections | |
| Huang et al. | Research on Single Sign-on Technology for Educational Administration Information Service Platform | |
| CN114070856A (en) | Data processing method, device and system, operation and maintenance auditing equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |