KR20230150581A - Multi-tenancy Security Control System and Its Method - Google Patents

Abstract

The present invention relates to a multi-tenancy security control system and method, and more specifically, is a block diagram of an example multi-tenancy security control system 100 and a server providing the same. The multi-tenancy security control system 100 provides a multi-tenant environment with multiple tenants, stores security data collected from security equipment in the tenant assigned when a user connects, and accesses the tenant to access the tenant's metadata and/or Alternatively, for users who want to control data stored in the tenant, we provide a multi-tenant environment for security data with different levels by controlling permissions according to the user's level. To this end, multiple tenants are set as tenant groups, and users are divided into tenant groups and tenant groups. By defining corresponding nodes and nodes that correspond to tenants, each can access different tenants, and by matching users and tenants, security data is stored for each tenant, allowing cloud storage to be limited to each user accessing the cloud or to a range that fits the intended scope. This is about a multi-tenancy security control system and method that can provide security data.

Description

{Multi-tenancy Security Control System and Its Method}

The present invention relates to a multi-tenancy security control system and method, and more specifically, is a block diagram of an example multi-tenancy security control system 100 and a server providing the same. The multi-tenancy security control system 100 provides a multi-tenant environment with multiple tenants, stores security data collected from security equipment in the tenant assigned when a user connects, and accesses the tenant to access the tenant's metadata and/or Alternatively, for users who want to control data stored in the tenant, we provide a multi-tenant environment for security data with different levels by controlling permissions according to the user's level. To this end, multiple tenants are set as tenant groups, and users are divided into tenant groups and tenant groups. By defining corresponding nodes and nodes that correspond to tenants, each can access different tenants, and by matching users and tenants, security data is stored for each tenant, allowing cloud storage to be limited to each user accessing the cloud or to a range that fits the intended scope. This is about a multi-tenancy security control system and method that can provide security data.

Cloud computing, which installs software such as hardware, operating system, middleware, and applications in the data center of a service provider, connects to the data center as a service via the Internet, and uses various software in a leased form, is widely used. there is. The biggest advantage of cloud computing is the reduction of IT resource management and usage costs, and to reduce these costs, it operates in a multi-tenancy environment where multiple tenants share one integrated IT resource. As a result, the cost of IT resource use borne by individual tenants is reduced. The cloud creates a tenant for each user and deploys virtual resources such as virtual machines and virtual networks to the created tenant. Security logs and security events are collected from each tenant, and analysis and visualization are provided through the SIEM cloud service.

However, as multiple users shared the cloud space, problems arose, such as other users being able to access data within the tenant, or unauthorized users being able to access stored data.

Meanwhile, for the security of information assets, security equipment and security systems such as integrated security management systems, threat management systems, and firewalls are used, and security system providers allow customers to inquire or confirm security activities performed in the security system in a multi-tenancy environment. make it possible Security equipment and security systems refer to machines, systems, and software that operate to protect networks and/or information assets from internal and external threats, including risk management systems (RMS), threat management systems (TMS), and intrusion detection systems (IDS). ) can also be a security system, or it can be a device such as a firewall. Security attacks and security threats can be defined as attacks carried out in various ways, including DDoS, against networks and information assets to be protected.

When multiple customers access a multi-tenancy environment, other customers' security data may be leaked or attacks on the multi-tenancy environment by unauthorized users may occur. In particular, customers who receive security services through a security system can request analysis and control of security data in order to improve their security expertise. If you access an area that has not been requested beyond security data analysis (network, data, etc.), there is a problem that the customer's confidential information may be leaked, and surveillance of security data is requested only in a limited area depending on the customer's business area. Even if you want to do it, there is a disadvantage that it is difficult to provide tenants for each purpose.

The present invention was created to solve the above problems,

The object of the present invention is to include at least one server that provides a multi-tenant environment, wherein the at least one server includes a collection unit that collects security data from a plurality of security devices, and a multi-tenant environment that provides a plurality of users. A service provision unit, a matching storage unit that matches and stores collected security data with users or tenants, a user control unit that controls user permissions within a multi-tenant environment, and a tenant control unit that controls tenant metadata and data stored in the tenant. Including, the service providing unit provides a multi-tenancy security control system that provides different tenant environments according to user permissions.

The purpose of the present invention is that the user control unit includes a user information control module that controls information about users accessing the tenant environment, and an authorization module that grants permission to the tenant environment to the user, and the user information control module includes a plurality of user information control modules. Users are defined in a tree structure according to the user level, and the authorization module grants access to the tenant environment according to the defined user level, so the user's permissions vary according to the hierarchical relationship of the users defined in the tree structure, It provides a multi-tenancy security control system that is provided with a tenant environment.

The purpose of the present invention is that the multi-tenant environment consists of at least one tenant group that groups multiple tenants, and security data is stored in multiple tenants within the tenant group, and the user level given to the user by the user information control module is Multi-tenancy security control in which users at multiple levels can be provided with a tenant group consisting of multiple tenants, including the first level corresponding to the tenant group and the lower level of the first level, including the second level corresponding to the tenant. providing a system.

The purpose of the present invention is to grant different permissions to users depending on the user level, so that the first level user can access and control at least one tenant in the tenant group, and the first level user can access and control the tenant. Level 2 users correspond to one tenant and are granted authority to control the tenant's metadata and security data within the tenant, providing a multi-tenancy security control system in which multiple users in a single tenant are provided with different tenant environments. It is done.

The purpose of the present invention is that the user level further includes a third level defined as a lower level of the second level, and the authorization module is configured to grant permission to the tenant corresponding to the higher second level user for the third level user. It provides a multi-tenancy security control system that allows security data to be monitored within a limited scope by granting permission to view security data.

The purpose of the present invention is that the tenant control unit includes a tenant group control module that controls metadata of the tenant group, a tenant control module that controls metadata of the tenant and security data stored in the tenant, and whether or not the tenant control unit is controlled is determined. It provides a multi-tenancy security control system determined by user level.

The purpose of the present invention is that the tenant group control module performs at least one of creating, querying, changing, and deleting the metadata of the tenant group, and the tenant control module generates, queries, changes, and deletes the metadata of the tenant. Multi-tenant that allows you to change or add users who can access the tenant or change the tenant environment provided to users by performing at least one of the following: querying, changing, and deleting security data stored in the tenant. It provides a city security control system.

The purpose of the present invention is that the server further includes a command request unit that receives a request for control of the user or tenant environment from the user, and the service provider transmits the user's control request to the user control unit or tenant control unit to grant the user's authority on the user side. and providing a multi-tenancy security control system capable of controlling tenant information.

The purpose of the present invention is to collect and store security data from a plurality of security devices, a collection step of receiving a control request from a user, a tenant control step of controlling one or more data among a tenant group or tenant, and a collection step of collecting and storing security data from a plurality of security devices. It provides a multi-tenancy security control method that provides different multi-tenant environments according to user permissions, including the step of matching users or tenants and storing them for each tenant.

The purpose of the present invention further includes the step of checking and responding to a control request from the user, wherein the tenant control step controls data of one or more of the tenant group or tenant according to the user's authority, The multi-tenant environment provided to users consists of at least one tenant group that groups multiple tenants, and security data is stored in multiple tenants within the tenant group. The user level that defines the user's rights is the corresponding tenant group. A multi-tenancy security control method that allows multiple levels of users with different permissions, including the first level and the second level corresponding to the tenant, to be provided with different tenant environments through the same tenant. It is provided.

The purpose of the present invention is that the control request is a control request for user information, and the multi-tenancy security control method includes a user information control step of performing at least one of user information creation, modification, and deletion after confirming the authority of the user who requested control. , Provides a multi-tenancy security control method that determines whether or not to perform a control request according to the authority of the user who has requested control of user information by further including a authority control step to grant or control authority according to the level of the user to be controlled. It is done.

The purpose of the present invention is that, in the tenant control step, for a first level user, a node in the tenant group is defined to correspond to the first level user, the node is connected to at least one tenant in the tenant group, and the second level user is connected to the second level user. For users, it provides a multi-tenancy security control method that supports different tenant environments for multiple users within limited resources by defining tenants in the tenant group to correspond to second-level users.

In order to achieve the above-described object, the present invention is implemented by an embodiment having the following configuration.

According to one embodiment of the present invention, the present invention includes at least one server that provides a multi-tenant environment, wherein the at least one server includes a collection unit that collects security data from a plurality of security devices and a plurality of users. A service provision department that provides a multi-tenant environment, a matching storage department that matches and stores collected security data with users or tenants, a user control department that controls user permissions within the multi-tenant environment, and tenant metadata and stored in the tenant. It includes a tenant control unit that controls data, and the service provision unit provides different tenant environments according to the user's permissions.

According to one embodiment of the present invention, the user control unit is characterized by including a user information control module that controls information on users accessing the tenant environment, and an authorization module that grants the user authority to the tenant environment.

According to one embodiment of the present invention, the user information control module defines a plurality of users in a tree structure according to user level, and the authorization module grants access to the tenant environment according to the defined user level. Do it as

According to one embodiment of the present invention, a multi-tenant environment is composed of at least one tenant group that groups a plurality of tenants, and security data is stored in a plurality of tenants within the tenant group, and the user information control module grants the user The user level is defined as a first level corresponding to the tenant group and a lower level of the first level, and is characterized by including a second level corresponding to the tenant.

According to one embodiment of the present invention, the authorization module grants different permissions to users depending on the user level, and allows the first level user to access and control at least one tenant in the tenant group. , The second level user corresponds to one tenant and is characterized by granting authority to control the tenant's metadata and security data within the tenant.

According to one embodiment of the present invention, the user level further includes a third level defined as a lower level of the second level, and the authorization module corresponds to a higher second level user for the third level user. It is characterized by granting permission to view the security data of the tenant.

According to an embodiment of the present invention, the tenant control unit includes a tenant group control module that controls metadata of the tenant group, a tenant control module that controls metadata of the tenant and security data stored in the tenant, and the tenant control unit Control is determined depending on the user level.

According to one embodiment of the present invention, the tenant group control module performs at least one of creating, searching, changing, and deleting metadata of the tenant group, and the tenant control module creates, searches, and changes metadata of the tenant. , performing at least one of deletion, and performing at least one of searching, changing, and deleting security data stored in the tenant.

According to one embodiment of the present invention, the server further includes a command request unit that receives a request for control of the user or tenant environment from the user, and the service provider transmits the user's control request to the user control unit or tenant control unit. do.

According to one embodiment of the present invention, a collection step of collecting and storing security data from a plurality of security devices, a step of receiving a control request from a user, a tenant control step of controlling one or more data of a tenant group or tenant, and the collected It is characterized by providing a different multi-tenant environment according to the user's permissions, including the step of matching security data with a user or tenant and storing it for each tenant.

According to one embodiment of the present invention, it further includes the step of checking the user's authority and responding to the control request from the user, and the tenant control step is to collect data of one or more of the tenant group or tenant according to the user's authority. The multi-tenant environment provided to the user is composed of at least one tenant group that groups multiple tenants, so security data is stored in multiple tenants within the tenant group, and the user level that defines the user's rights is the tenant group. It is defined as a first level corresponding to and a lower level of the first level and is characterized by including a second level corresponding to the tenant.

According to one embodiment of the present invention, a control request is a control request for user information, and the multi-tenancy security control method is performed by a user performing at least one of creating, changing, and deleting user information after confirming the authority of the user who requested control. It is characterized by further comprising an information control step and an authority control step for granting or controlling authority according to the level of the user to be controlled.

According to one embodiment of the present invention, the tenant control step defines a node in the tenant group to correspond to the first level user, connects the node to at least one tenant in the tenant group, For second-level users, a tenant within the tenant group is defined to correspond to the second-level user.

According to one embodiment of the present invention, the control request is a control request for a tenant group or tenant data, and the tenant control step performs at least one of creating, viewing, changing, and deleting metadata for the tenant group. , Characterized by performing at least one of creating, searching, changing, and deleting metadata of the tenant for the tenant, and performing at least one of searching, changing, and deleting security data stored in the tenant.

The present invention can achieve the following effects by combining the above-mentioned embodiment with the configuration, combination, and use relationship described below.

The present invention includes at least one server that provides a multi-tenant environment, wherein the at least one server includes a collection unit that collects security data from a plurality of security devices, and a service system that provides a multi-tenant environment to a plurality of users. It includes a matching storage unit that matches and stores the studied and collected security data with users or tenants, a user control unit that controls user permissions in a multi-tenant environment, and a tenant control unit that controls tenant metadata and data stored in the tenant. , The service provision unit has the effect of providing different tenant environments depending on the user's permissions.

In the present invention, the user control unit includes a user information control module that controls information about users accessing the tenant environment, and an authorization module that grants permission to the user to the tenant environment, and the user information control module is configured to control information about users accessing the tenant environment. is defined in a tree structure according to the user level, and the authorization module grants access to the tenant environment according to the defined user level, so that the user's permissions vary depending on the hierarchical relationship of the user defined in the tree structure, creating a different tenant environment for each user. can be provided.

In the present invention, a multi-tenant environment consists of at least one tenant group that groups a plurality of tenants, and security data is stored in a plurality of tenants within the tenant group, and the user level granted to the user by the user information control module is the tenant group. It is defined as the first level corresponding to and the lower level of the first level, and users of multiple levels, including the second level corresponding to the tenant, can be provided with a tenant group consisting of multiple tenants.

In the present invention, the authorization module grants different permissions to users depending on the user level, and allows the first level user to access and control at least one tenant in the tenant group, and the second level user to control the tenant. The effect of providing a multi-tenancy security control system in which multiple users in a single tenant are provided with different tenant environments by corresponding to one tenant and granting authority to control the tenant's metadata and security data within the tenant. has

In the present invention, the user level further includes a third level defined as a lower level of the second level, and the authorization module provides security data of the tenant corresponding to the upper second level user for the third level user. This has the effect of allowing security data to be monitored within a limited scope by granting permission to view it.

In the present invention, the tenant control unit includes a tenant group control module that controls the metadata of the tenant group, a tenant control module that controls the metadata of the tenant and security data stored in the tenant, and whether or not the tenant control unit is controlled is determined at the user level. Gives an effect determined by .

In the present invention, the tenant group control module performs at least one of creating, querying, changing, and deleting the metadata of the tenant group, and the tenant control module performs at least one of creating, querying, changing, and deleting the metadata of the tenant. By performing the above and performing at least one of inquiry, change, and deletion of security data stored in the tenant, users who can access the tenant can be changed or added, or the tenant environment provided to the user can be changed.

In the present invention, the server further includes a command request unit that receives a request for control of the user or tenant environment from the user, and the service provider transmits the user's control request to the user control unit or tenant control unit to control the user's authority and tenant on the user side. Information control is possible.

The present invention includes a collection step of collecting and storing security data from a plurality of security devices, a step of receiving a control request from a user, a tenant control step of controlling one or more data among a tenant group or tenant, and a collection step of collecting and storing security data from a plurality of security devices. It has the effect of providing a different multi-tenant environment depending on the user's permissions, including the step of matching with the tenant and storing it for each tenant.

The present invention further includes the step of checking and responding to the control request from the user, and the tenant control step controls one or more data of the tenant group or tenant according to the user's authority, and provides The provided multi-tenant environment consists of at least one tenant group that groups multiple tenants, and security data is stored in multiple tenants within the tenant group, and the user level that defines the user's rights is the first corresponding to the tenant group. Level, defined as a lower level of the first level, allows multiple levels of users with different permissions, including the second level corresponding to the tenant, to be provided with different tenant environments through the same tenant.

In the present invention, a control request is a control request for user information, and the multi-tenancy security control method includes a user information control step of performing at least one of creating, changing, and deleting user information after confirming the authority of the user who requested control. By further including a permission control step to grant or control permissions according to the level of the target user, a multi-tenancy security control method can be provided that determines whether or not to perform a control request according to the permissions of the user who has requested control of user information. there is.

In the present invention, the tenant control step defines a node in the tenant group to correspond to the first level user, connects the node to at least one tenant in the tenant group, and connects the node to the second level user. In contrast, by defining tenants within the tenant group to correspond to second-level users, it has the effect of supporting different tenant environments for multiple users within limited resources.

1 is a block diagram of a multi-tenancy security control system according to an embodiment of the present invention.
Figure 2 is a schematic diagram showing a server and a multi-tenant environment provided according to an embodiment of the present invention.
Figure 3 is a diagram showing the tree structure of user groups and each user's access to the tenant.
Figure 4 is a diagram showing access to and control of user information and tenants according to user level.
Figure 5 is a diagram showing that users at each level are defined as nodes within a tenant group according to an embodiment of the present invention.
Figure 6 is a flowchart of a multi-tenancy security control method according to an embodiment of the present invention.
FIG. 7 is a diagram showing the tenant control step of FIG. 5
Figure 8 is a flow chart of a multi-tenancy security control method according to another embodiment of the present invention.

Hereinafter, preferred embodiments of the multi-tenancy security control system and method according to the present invention will be described in detail with reference to the attached drawings. In the following description of the present invention, if a detailed description of a known function or configuration is judged to unnecessarily obscure the gist of the present invention, the detailed description will be omitted. Unless otherwise specified, all terms in this specification have the same general meaning as understood by a person skilled in the art to which the present invention pertains, and if there is a conflict with the meaning of the terms used in this specification, this specification Follow the definitions used in the specification.

Throughout the specification, when a part "includes" a certain component, this does not mean excluding other components unless specifically stated to the contrary, but also means that other components may also be included. Terms such as "~unit" and "~module" described refer to a unit that processes at least one function or operation, and may be implemented as hardware, software, or a combination of hardware and software.

When a component is said to be "connected" or "connected" to another component, it is understood that it may be directly connected to or connected to the other component, but that other components may exist in between. It should be. Hereinafter, the present invention will be described in detail by explaining preferred embodiments of the present invention with reference to the accompanying drawings.

Multi-Tenancy is the sharing of services by multiple tenants based on virtualization technology and the same infrastructure in a computing environment. It runs a single instance of software to provide services to multiple clients or tenants such as companies and organizations. It means providing, and may include SaaS Platform, cloud service system, or cloud service center. One tenant is one object that uses a service, and one tenant can be accessed by at least one user. At this time, a predetermined number of tenants may be defined as a tenant group. A tenant group is an object that manages at least one tenant, and the subject accessing the tenant group may be a single client or an administrator for multiple clients.

Figure 1 is a block diagram of a multi-tenancy security control system 100 and a server providing the same according to a preferred embodiment of the present invention. The multi-tenancy security control system 100 provides a multi-tenant environment with multiple tenants, stores security data collected from security equipment in the tenant assigned when a user connects, and accesses the tenant to access the tenant's metadata and/or Alternatively, for users who wish to control data stored in the tenant, permissions are controlled according to the user's level, providing a secure data multi-tenant environment with different levels. To this end, multiple tenants are set as tenant groups, users are defined as nodes corresponding to the tenant group and nodes corresponding to the tenant so that each can access different tenants, and security data is stored for each tenant by matching users and tenants. By storing it, security data can be provided in a range that is limited or fits the intended scope for each user accessing the cloud. The multi-tenancy security control system 100 or the server that constitutes it is a controller that performs operations, control, etc., and can control input/output and internal operations related to each configuration of the device connected to the processor. The server transmits various commands and signals to connected components, including each component of the multi-tenancy security control system 100, so that each component can perform functions including feature extraction according to the present invention. The processor may include a collection unit 10, a service provision unit 20, a user control unit 30, a tenant control unit 40, a matching storage unit 60, and a command request unit 70.

The collection unit 10 is equipped to collect security data from a plurality of security devices. In a preferred embodiment of the present invention, the security data may be a log related to security. Logs include source IP information, destination IP information, source port information, destination port information, host information, payload information, and HTTP referrer ( It may include at least one of hypertext transfer protocol referer) information and information on the number of security events. The security data may be a log converted to a regular format. As an example, a normalized log may consist of data including fields including Time, Type, SentIP, DestIP, Payload, etc. At this time, Time is the detection time of the event, Type is the type of event, SentIP is the source IP, DestIP is the destination IP of the event, Payload can be attack information contained in the log, and the country that generated the security event through IP information. Information can also be stored as fields. Connected security devices may be implemented in hardware and/or software, such as routers and firewalls, and may be multiple devices forming multiple network environments.

The collection unit 10 may store the collected security data in the security data DB 11. As shown in FIG. 2, the security data DB 11 is isolated from the cloud 200 within the server, and the matching storage unit 60, which will be described later, stores the security data stored in the security data DB 11 to each tenant. By matching and storing, users accessing the cloud 200 can access security data stored within the tenant.

The service provider 20 is configured to provide a multi-tenant environment to a plurality of users, and the service provider 20 can operate as a platform that provides services by connecting to a SaaS provider. Therefore, in order to provide a multi-tenant environment (service) to users on the cloud, the service provider 20 receives information about users and/or tenants from the user control unit 30 and tenant control unit 40, which will be described later, and provides information to the user. A suitable interface and tenant environment can be provided. In other words, different tenant environments can be provided depending on the user's permissions. Additionally, a command request from the command request unit 70, which will be described later, can be transmitted to the user control unit 30 and the tenant control unit 40. The service provision unit 20 may include a user provision module 21 and a tenant provision module 23.

The user-provided module 21 may be provided to configure and provide an appropriate interface when the user connects and/or accesses. In one embodiment of the present invention, the user provision module 21 may provide different interfaces according to the user's authority, which varies depending on the user level. The user provision module 21 receives user information including the user ID from the user control unit 30, which will be described later, and provides corresponding Provides a range of interfaces. The user provided module 21 can enable the user to access and/or control the tenant, request commands within a limited or desired range, and control the user through the interface.

The tenant provision module 23 is provided to provide a tenant environment corresponding to the user. In contrast to the interface being provided to the user through the user provision module 21, the tenant metadata and security data stored in the tenant can be provided through the tenant provision module 23, and the user information and corresponding Tenant information may be presented. At this time, the tenant information includes the tenant metadata and security data stored within the tenant, and information of multiple tenants or information of tenant groups may be provided so that multiple tenants can be accessed depending on the user's level.

The user control unit 30 may be provided to control user information and/or user rights within a multi-tenant environment. At this time, control includes creation, inquiry, change, and deletion. That is, the user control unit 30 can create information about a new user, or view, change, and delete information about an existing user. Additionally, the user control unit 30 can grant authority according to the level granted to the user, and for this purpose, the user information may include the user's level. As will be described later, it is desirable to understand that the user's level is connected to the tenant environment provided to the user. The user control unit 30 includes a user information control module 31 and an authorization module 33.

The user information control module 31 may be provided to control information of users accessing the tenant environment. As can be seen in FIGS. 2 and 3, the user information control module 31 can define a plurality of users defined as user groups (UG) in a tree structure according to user level. In one embodiment of the present invention, the user information may include information for identifying the user (including ID) and the user's level. Through user identification, the tenant and/or tenant group corresponding to the user can be called up.

In a preferred embodiment, the user level provided to the user by the user information control module may include a first level, a second level, and a third level. Here, the first level corresponds to a tenant group, and the second level, defined as a lower level of the first level, and the third level, defined as a lower level of the second level, may correspond to a predetermined tenant. In one embodiment as shown in FIG. 3, the first level user corresponding to a tenant group that groups at least one tenant may be defined as a tenant group (TG) manager, and the second level user corresponding to the tenant may be defined as a tenant group (TG) manager. can be defined as the tenant (T) owner. Additionally, in the tree structure, the third level user, which is defined as a lower level of the second level user, is defined as a tenant (T) watcher. At this time, it can be understood that the tenant (T) monitor, a third-level user, can only access tenants assigned to or corresponding to the tenant (T) owner, a higher-level user. Accordingly, the tree structure from at least one first level user to a plurality of third level users can form one user group (UG), and a plurality of user groups (UG) are provided with a multi-tenancy environment. Accordingly, a plurality of tenant groups (TG) may be provided in correspondence to a user group (UG). In another embodiment not shown, the user level given to the user by the user information control module may further include lower levels of the third level. User information according to the tree structure may be stored in a database in the cloud, which will be described later, or may be stored in the user control unit 30. The user information for a given user may include the user's identification information linked up and down with the user's level so as to have a tree structure.

The authorization module 33 may be provided to grant access to the tenant environment to a user according to a defined user level. Here, access rights may include metadata of the tenant or tenant group, rights to access and control security data stored in the tenant, and rights to control user information. In a preferred embodiment of the present invention, the authorization module 33 can grant different authorizations to users depending on the user level.

Referring to FIG. 4, the authorization module 33 grants permission for user information control and/or tenant control to the user according to the user level. The user at the first level has at least one user in the tenant group. Permission may be granted to access and control a tenant. In addition, the second-level user corresponds to one tenant and may be authorized to control the tenant's metadata and security data within the tenant, and the second-level user is a higher level than the third-level user. Permission may be granted to query the security data of the tenant corresponding to the . At this time, as described above, control includes creation, inquiry, change, and deletion actions. In detail, the tenant group manager, who is a first-level user, may be authorized to create, view, change, and delete metadata about accessible tenant groups and tenants, and security data stored in accessible tenants. The tenant owner, a second-level user, can be granted permission to access the tenant corresponding to the user on a one-to-one basis and create, view, change, and delete security data stored in the tenant. A tenant monitor, a third-level user, may be authorized to inquire about security data stored in a tenant assigned to a higher-level, second-level user.

Additionally, the first level user may be authorized to control user information for users of the same layer (same level) or lower level users. At this time, control of user information may include at least one of creation, inquiry, change, and deletion. In a preferred embodiment of the present invention, in the case of a first-level user, access can be blocked so that only the user information of users defined as nodes in the same tenant group can be accessed, and access to other tenant groups cannot be accessed, as will be described later. there is. Correspondingly, the second-level user can also be authorized to control user information for lower-level users directly connected to the user (the corresponding second-level user) in the same tenant group. In another embodiment of the present invention, when the third level lower level is defined, the authorization module 33 may grant the third level user the authority to control the user information of the lower level user. Through this, one tenant can be connected to multiple users, and even if one tenant is provided to multiple users, a different tenant environment can be provided for each user, allowing IT resources to be distributed more effectively on the server.

Referring to Figures 1 and 5, the tenant control unit 40 is configured to control the tenant's metadata and data stored in the tenant, and is configured to control the tenant and/or tenant group so that the user can control the tenant according to the user's permissions. You can connect users and control metadata of tenants and tenant groups and security data stored in the tenant in response to the user's permissions. The control includes at least one of creation, change, and deletion. The tenant control unit 40 may include a tenant group control module 41 and a tenant control module 43.

The tenant group control module 41 can define or create a tenant group to include at least one tenant and control metadata of the tenant group. The metadata of the tenant group may include identification information of the tenant group, identification information about users such as the ID of the corresponding first-level user, and information about security data stored in tenants within the tenant group. Additionally, the tenant group control module 41 can connect users and tenant groups.

As shown in FIGS. 3 and 5, the tenant group control module 41 can allow a first-level user within the user group (UG) to access and control the tenant group and/or tenant. The first-level user By defining as a node in the tenant group (TG), the first level user and the tenant group can be connected. At this time, the node is a concept that occupies or moves around the space on the server defined by the tenant and/or tenant group, and the range of accessible tenants of the node within the tenant group may be defined or limited so that it can access at least one tenant. . Access can be performed by matching the identification information of the tenant and node, which will be described later.

The tenant control module 43 can define or create a tenant within a tenant group and control the tenant's metadata and/or security data stored in the tenant. Tenant metadata may include tenant identification information, user identification information such as the ID of the corresponding first to third level user, and information about security data stored in the tenant. That is, security data stored in the tenant can be defined or determined by the tenant control module 43. Additionally, the tenant control module 43 can connect users and tenants.

The tenant control module 43 can enable second-level users within the user group (UG) to control the tenant and security data stored in the tenant, and defines the second-level users as nodes within the tenant (T) to control the second level user. You can connect level users and tenants. At this time, since each tenant is logically isolated from each other, the second level user can be understood as having a one-to-one correspondence with the tenant. Third-level users can also be defined as nodes in the tenant (T). Third-level users are lower levels of second-level users, and multiple third-level users can be defined under one second-level user. It is desirable to understand that there is a many-to-one correspondence with the tenant.

The matching storage unit 60 matches the collected security data with users or tenants and stores the security data within each tenant. To this end, each tenant can provide space to store security data within the tenant. In a preferred embodiment, the matching storage unit 60 can match and store security data defined or determined to be stored in the tenant control module 43. The matching storage unit 60 stores security data corresponding to the tenant's metadata within the tenant, and may store it by matching it with at least one of the user's identification information and the tenant's identification information. The matching storage unit 60 matches the identification information of the tenant with the identification information of the user connected to the tenant and stores the corresponding security data in the tenant. For this purpose, under the control of the user control unit 30 and the tenant control unit 40 described above, the tenant identification information (Tn), the identification information of the user connected to the tenant (Un), and information about security data to be stored in the tenant are stored as data. It can be stored in the database within the server in the form of a table.

Referring again to FIG. 1, the command request unit 70 may be configured to receive a request for control of the user or tenant environment from the user and return the configured tenant environment to the user. The command request unit 70 may be configured separately within the server, but may also be provided as an embedded object within the service providing unit 20 described above. The command request unit 70 includes an input module 71 and an output module 73.

The input module 71 may be equipped to accept and transmit command requests from the user. The user can request control of user information, information as metadata about the tenant group or tenant, and security data stored in the tenant, and a request for a control command can be transmitted through the input module 71. The input module may be equipped to request a command within an interface implemented through the user-provided module 21.

The output module 73 may be equipped to display control results as a result of a command request and/or information stored in the tenant to the user. The output module may be provided to display to the user the result of a control request, information as metadata about the tenant/multi-tenant, or security data within the tenant within the interface implemented through the tenant provision module 23.

Hereinafter, the multi-tenancy security control method (S) according to an embodiment of the present invention will be described with reference to FIGS. 6 to 8. The multi-tenancy security control method (S) provides a multi-tenant environment with multiple tenants, stores security data collected from security equipment in the tenant assigned when the user connects, and accesses the tenant to collect the tenant's metadata and /Or, for users who wish to control data stored in the tenant, a multi-tenant environment of security data with different levels is provided by controlling authority according to the user's level. To this end, multiple tenants are set as tenant groups, users are defined as nodes corresponding to the tenant group and nodes corresponding to the tenant so that each can access different tenants, and security data is stored for each tenant by matching users and tenants. By storing it, security data can be provided in a range that is limited or fits the intended scope for each user accessing the cloud. The multi-tenancy security control method (S) may include a collection step (S10), a user information control step (S20), and a tenant control step (S30). At this time, the user control step (S20) and the tenant control step (S30) can be understood as steps that can be performed independently of each other.

The collection step (S10) is a process of collecting and storing security data from a plurality of security devices, and can be performed by the collection unit 10 described above collecting security data from a plurality of security devices. The collected security data can be stored in the security data DB 11 and is isolated from the cloud that users can access.

Referring to Figures 6 and 7, the user control step (S20) can be understood as a series of processes performed in the multi-tenancy security control system 100 or the server according to the user's user information control request. The user control step (S20) includes receiving a control request from the user (S21), checking the user's permissions (S22), user information control step (S23), permission control step (S24), and tenant control step (S25). ), a matching storage step (S27), and a display step (S29).

The step of receiving a control request from the user (S21) is a step of receiving a control request for user information input from the user through the command request unit. The control request for user information is transmitted from the command request unit 70 to the service provider. It can be transmitted to the user control unit 30 through (20). In a preferred embodiment, the user information control request is a user requesting control of user information among the controls shown in FIG. 4, which includes control of user information of first to third level users of the first level user. Request, may include a request for control of user information of a third-level user from a second-level user, and may include a request for control of user information of a lower-level user from a higher-level user when a user level is added. I understand. Control of user information may include adding users through creation of user information, changing user information, and deleting user information.

The step of checking the user's authority (S22) is a process of checking the user's authority after receiving the control request from the user control unit 30 to determine whether to approve the command. The input user's control request contains the requesting user's identification information. may be transmitted along with the command, and the user control unit 30 may determine whether to execute the command by checking the authority of the user. For example, a second-level user controlling the user information of a first-level user can be prevented through the authority check.

The user information control step (S23) is a step of controlling user information according to a control request. As described above, control including adding a user through creation of user information, changing user information, and deleting user information controls user information. This can be performed through the module 31.

The authority control step (S24) is a step of controlling the authority of the user when a user is added or the user's authority is changed, and can be performed in the authority granting module 33. Depending on the level of the user input through the command request unit or defined in the user identification information, different control rights for user information and tenants may be granted.

Referring to FIG. 7, the tenant control step (S25) is a process of controlling metadata of nodes and/or tenants defined as users in a multi-tenant environment according to the user's authority and control. As described above, a user can be defined as a node within a tenant group or as a node within a corresponding tenant. Users can be defined in a multi-tenant environment by defining or changing nodes, and users can be defined by defining metadata of the tenant. Depending on the addition, you can add a new tenant or change the tenant group and tenant metadata. The tenant control step (S25) may include a node control step (S251) and a metadata control step (S253).

The node control step (S251) is a process of defining or changing a node corresponding to a tenant group or a user within the tenant. It can be performed in the tenant control unit 40, and defines a node within the tenant group or tenant depending on the level of the user. do.

The metadata control step (S253) is a process of controlling the metadata of the tenant or tenant group, which creates a tenant or defines the node as a user who can access the metadata of the tenant or tenant group. Through this, the user and tenant or Tenant groups can be connected. In one embodiment of the present invention, when a first-level user and a third-level user are added, a node is defined in the tenant group or tenant in the node control step (S251), and then the metadata of the tenant is stored in the metadata control step (S253). By connecting the first level user and the third level user so that they can be accessed, connection between users, tenants, and tenant groups is possible. In contrast, when a second-level user is added, since the second-level user and the tenant correspond one-to-one, the addition of the user can be achieved by creating a tenant and then defining the node of the second-level user within the tenant.

The matching storage step (S27) is a process of matching the collected security data with users or tenants and storing the security data within each tenant, and can be performed by the matching storage unit 60 described above. The matching storage unit receives security data from the collection unit 10 or the security data DB 11, receives metadata of the tenant and tenant group from the tenant control unit, matches the security data, and stores it. Additionally, user information can be received from the user control unit, and security data can be matched and stored. In particular, when a new tenant corresponding to the second level user is added as the second level user is added in the user information control step, the identification information of the added second level user is matched with the identification information of the tenant to collect security data within the tenant. can be saved.

The display step (S29) is a process of displaying the stored security data and tenant environment to the user, and can be performed through the output module 73.

Referring to FIG. 8, the tenant control step (S30) can be understood as a series of processes performed in the multi-tenancy security control system 100 or the server according to the user's tenant control request. The tenant control step (S30) includes receiving a control request from the user (S31), checking the user's permissions (S32), responding after checking permissions (S33), tenant control step (S35), and matching storage step. (S37) and a display step (S39).

The step of receiving a control request from the user (S21) is a step of receiving a control request for a tenant and/or tenant group input from the user through a command request unit, and the control request for the tenant and/or tenant group is a command request. It may be transmitted from the unit 70 to the tenant control unit 40 through the service provision unit 20. In a preferred embodiment, the information control request for the tenant and/or tenant group is when the user requests control for the tenant and/or tenant group among the controls shown in FIG. 4, and the first level user's tenant and/or It may include a control request for tenant group information and a control request for the second-level user's tenant. Control of information about tenants and/or tenant groups includes adding tenants and/or tenant groups through creation of metadata for tenants and/or tenant groups, and changing connection with users through changing metadata of tenants and/or tenant groups. , may include deletion of tenants and/or tenant groups.

In the step of checking the user's authority (S32) and the step of responding after checking the authority (S33), the user control unit 30 determines whether to approve the command by checking the user's authority after receiving the control request. In this process, the input user's control request may be transmitted along with the requesting user's identification information, and the user control unit 30 may determine whether to execute the command by checking the user's authority. For example, a second-level user controlling the metadata of a tenant group or controlling the metadata of a tenant to which the second-level user does not belong can be prevented through the above authority check.

The tenant control step (S35) is a process of controlling metadata of the tenant and/or tenant group or controlling security data stored in the tenant upon request. Unlike the user control step (S20), the node control step is omitted and the metadata Only the control step (S353) can be performed. This is because no change in user permissions occurs in the tenant control step (S35), so no new nodes are defined within the tenant and/or tenant group, or the connection between the node and the tenant is not changed.

The metadata control step (S353) controls the metadata of the tenant and/or tenant group according to the control request, and the control may include at least one of creation, inquiry, change, and deletion. Additionally, in the metadata control step (S353), security data stored in the tenant can be controlled depending on the type of user's control request.

The matching storage step (S37) and the display step (S39) can be understood as being substantially the same as the matching storage step (S27) and the display step (S29) in the user control step (S20) described above. However, in the matching storage step (S27), the security data is not stored by matching the identification information of the user and the tenant for the added tenant, but the security data stored in the tenant can be additionally changed or deleted according to the changed metadata of the tenant. It can be done so that

The multi-tenancy security control method (S) according to the present invention can be implemented by a program stored in a computer-readable recording medium. Additionally, the present invention can also be implemented as software that is added to a program.

The above detailed description is illustrative of the present invention. Additionally, the foregoing is intended to illustrate preferred embodiments of the present invention, and the present invention can be used in various other combinations, modifications, and environments. That is, changes or modifications can be made within the scope of the inventive concept disclosed in this specification, a scope equivalent to the written disclosure, and/or within the scope of technology or knowledge in the art. The written examples illustrate the best state for implementing the technical idea of the present invention, and various changes required for specific application fields and uses of the present invention are also possible. Accordingly, the detailed description of the invention above is not intended to limit the invention to the disclosed embodiments. Additionally, the appended claims should be construed to include other embodiments as well.

100: Multi-tenancy security control system
10: Collection unit 11: Security data DB
20: Service provision department
21: User-provided module 23: Tenant-provided module
30: User control unit
31: User information control module 33: Authorization module
40: Tenant control unit
41: Tenant group control module 43: Tenant control module
60: Matching storage unit 70: Command request unit
S: Multi-tenancy security control method
S10: Collection step S20: User control step
S21: Step of receiving control request from user
S22: Step to check user permissions
S23: User information control step S24: Permission control step
S25: Tenant control step S27: Matching storage step
S29: Display step
S30: Tenant control phase

Claims (18)

Includes at least one server that provides a multi-tenant environment, wherein the at least one server includes,
A collection unit that collects security data from multiple security devices, a service provision unit that provides a multi-tenant environment to multiple users, a matching storage unit that matches and stores the collected security data with users or tenants, and users within the multi-tenant environment. It includes a user control unit that controls permissions and a tenant control unit that controls tenant metadata and data stored in the tenant,
The service provider is a multi-tenancy security control system characterized in that it provides different tenant environments depending on the user's permissions. The multi-tenancy security system of claim 1, wherein the user control unit includes a user information control module that controls information about users accessing the tenant environment, and an authorization module that grants permission to the user to the tenant environment. Control system. The multi-user system of claim 2, wherein the user information control module defines a plurality of users in a tree structure according to user level, and the authorization module grants access to the tenant environment according to the defined user level. Tenancy security control system. According to claim 3, the multi-tenant environment consists of at least one tenant group that groups a plurality of tenants, and security data is stored in a plurality of tenants within the tenant group,
The user level granted to the user by the user information control module is defined as a first level corresponding to the tenant group, a lower level of the first level, and includes a second level corresponding to the tenant. Multi-tenancy security control system. According to claim 4, the authorization module grants different authorizations to the user depending on the user level,
The first level user can access at least one tenant in the tenant group and control the tenant,
A multi-tenancy security control system, characterized in that the second level user corresponds to one tenant and is authorized to control the tenant's metadata and security data within the tenant. The method of claim 5, wherein the user level further includes a third level defined as a lower level of the second level,
The authorization module is a multi-tenancy security control system characterized in that it grants authority to third-level users to view security data of tenants corresponding to upper second-level users. The method of any one of claims 4 to 6, wherein the tenant control unit includes a tenant group control module that controls metadata of the tenant group, and a tenant control module that controls metadata of the tenant and security data stored in the tenant; ,
A multi-tenancy security control system, characterized in that control of the tenant control unit is determined according to the user level. The method of claim 7, wherein the tenant group control module performs at least one of creating, viewing, changing, and deleting metadata of the tenant group,
The tenant control module performs at least one of creating, viewing, changing, and deleting tenant metadata, and performs at least one of viewing, changing, and deleting security data stored in the tenant. Multi-tenancy security. Control system. The multi-tenant system of claim 8, wherein the server further includes a command request unit that receives a request for control of a user or tenant environment from a user, and the service provider transmits the user's control request to the user control unit or tenant control unit. City security control system. In the multi-tenancy security control method performed in a network environment,
A collection step to collect and store security data from multiple security devices, a step to receive a control request from a user, a tenant control step to control data from one or more tenant groups or tenants, and a step to match the collected security data with the user or tenant. Including steps for saving by tenant,
A multi-tenancy security control method characterized by providing different multi-tenant environments according to user permissions. The method of claim 10, further comprising checking the user's authority and responding to the control request from the user,
The tenant control step controls one or more data among the tenant group or tenant according to the user's authority,
The multi-tenant environment provided to users consists of at least one tenant group that groups multiple tenants, and security data is stored in multiple tenants within the tenant group.
The user level defining the user's authority is defined as a first level corresponding to the tenant group, a lower level of the first level, and includes a second level corresponding to the tenant. The method of claim 11, wherein the first level user is authorized to access and control at least one tenant in a tenant group,
The second level user is associated with one tenant and is authorized to control the tenant's metadata and security data within the tenant,
The tenant control step is a multi-tenancy security control method characterized in that a control request corresponding to the user's level is performed. The method of claim 12, wherein the user level further includes a third level defined as a lower level of the second level,
A multi-tenancy security control method, wherein third-level users are authorized to view security data of tenants corresponding to upper second-level users. The method of claim 13, wherein the control request is a control request for user information,
The multi-tenancy security control method includes a user information control step of performing at least one of creating, changing, and deleting user information after confirming the authority of the user who requested control;
A multi-tenancy security control method further comprising an authority control step of granting or controlling authority according to the level of the user to be controlled. According to clause 14,
In the tenant control step, for a first level user, a node in the tenant group is defined to correspond to the first level user, and the node is connected to at least one tenant in the tenant group,
For second-level users, a multi-tenancy security control method characterized by defining tenants in the tenant group to correspond to the second-level users. According to claim 13, the control request is a control request for a tenant group or tenant data,
The tenant control step performs at least one of creating, searching, changing, and deleting metadata for the tenant group, or
Multi-tenancy security control, characterized by performing at least one of creating, viewing, changing, and deleting tenant metadata for the tenant, and performing at least one of viewing, changing, and deleting security data stored in the tenant. method. A computer-readable recording medium storing a program for implementing the multi-tenancy security control method of any one of claims 10 to 16. A program stored in a computer-readable recording medium for implementing the multi-tenancy security control method of any one of claims 10 to 16.

Images