CN103118011A - Method for protecting customer data in multi-tenant environment - Google Patents


Info

Publication number
CN103118011A
Authority
CN
China
Prior art keywords
data
user
client
application
tenant
Prior art date
Legal status
Granted
Application number
CN2013100110596A
Other languages
Chinese (zh)
Other versions
CN103118011B (en)
Inventor
邱大坤
李颖和
唐舜
Current Assignee
Anhui tengling Technology Co., Ltd
Original Assignee
HEFEI HUAYUN COMMUNICATION TECHNOLOGY Co Ltd
Priority date
2013-01-12
Filing date
2013-01-12
Publication date
2013-05-22
Application filed by HEFEI HUAYUN COMMUNICATION TECHNOLOGY Co Ltd
Priority to CN201310011059.6A
Publication of CN103118011A
Application granted; publication of CN103118011B (2016-08-03)
Legal status: Active

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses a method for protecting customer data in a multi-tenant environment. It adopts the mode of encrypted storage in the cloud and decrypted computation at the terminal: data are stored on the server, but only in encrypted form; the key is kept by the user; data are processed at the user terminal; and neither encryption nor decryption is carried out on the server, so that a penetration attack on the server cannot expose the data. The method improves the security of customer data in a multi-tenant environment and can at the same time meet the requirement that part of the data be kept secret while other data are made public.

Description

Method for protecting customer data in a multi-tenant environment
Technical field
The present invention relates to a method for protecting customer data in a multi-tenant environment.
Background technology
The cloud computing model that has risen in recent years has become a focus of attention in both industry and academia. For storage resources, cloud computing manages resources centrally, and one or more customers can share the hardware and software of a storage system. This way of sharing hardware and software can provide storage services at a cost far below that of each user buying software and hardware separately. Multi-tenancy means that a plurality of tenants share one instance; tenant data are both isolated and shared, which solves the data storage problem. Analysed from the architectural standpoint, an important difference between SaaS (Software as a Service) and conventional technology is precisely the multi-tenant pattern.
In a traditional multi-tenant architecture (shown in Fig. 3), each tenant uses a different virtual image or application program and accesses a database that is isolated physically or logically; data in transit are encrypted by means of HTTPS. In the traditional multi-tenant architecture, the flow by which tenants gain access through an APP (application program) is shown in Fig. 4. In the traditional multi-tenant architecture there are three main schemes for multi-tenant data storage.
1) Separate database. This is the first scheme: one database per tenant. Its user data isolation level is the highest and its security the best, but its cost is also the highest. Its advantages: each tenant has an independent database, which simplifies extension of the data model and satisfies the particular needs of different tenants; if a fault occurs, restoring data is fairly simple. Its disadvantages: the number of database installations increases, and with it maintenance and acquisition costs. This scheme resembles the traditional arrangement of one customer, one set of data and one deployment; the only difference is that the software is deployed centrally at the operator. If the tenants faced are banks, hospitals and others that need a very high level of data isolation, this pattern can be chosen at a higher rental price. If the pricing is low and the product follows a low-price route, this scheme is generally unaffordable for the operator.
2) Shared database, isolated data architecture. This is the second scheme: several or all tenants share the same database, but each tenant has its own schema. Its advantages: tenants with higher security requirements get a certain degree of logical data isolation, though not complete isolation; each database can support a larger number of tenants. Its disadvantages: if a fault occurs, data recovery is more difficult, because restoring the database involves other tenants' data; statistics across tenants present a certain difficulty.
3) Shared database, shared data architecture. This is the third scheme: tenants share the same database and the same schema, and a tenant's rows in a table are distinguished by a TenantID. This is the pattern with the highest degree of sharing and the lowest isolation level. Its advantages: maintenance and acquisition costs are the lowest, and the number of tenants each database can support is the largest. Its disadvantages: the isolation level and security are the lowest, so extra development effort on security is needed during design and development; data backup and recovery are the most difficult, requiring table-by-table backup and restore.
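The three storage layouts just listed, reduced to runnable form. This is an added example and not part of the patent: the table, column and tenant names are constructed, and SQLite stands in for whatever database an operator would use (an attached in-memory database plays the role of a per-tenant schema in scheme 2). The last two functions show the point the third scheme's disadvantage refers to: with one shared table, every query has to carry the tenant predicate, and one that forgets it returns every tenant's rows.

```python
import sqlite3

# Constructed sample rows: (tenant, owner, body)
ROWS = [
    ("t1", "alice", "invoice 1"),
    ("t1", "bob", "invoice 2"),
    ("t2", "carol", "invoice 3"),
]
TENANTS = ("t1", "t2")  # the only identifiers allowed into SQL as schema names


def separate_databases():
    """Scheme 1: one database per tenant; isolation is structural, no tenant predicate is needed."""
    dbs = {}
    for tenant, owner, body in ROWS:
        if tenant not in dbs:
            dbs[tenant] = sqlite3.connect(":memory:")
            dbs[tenant].execute("CREATE TABLE documents (owner TEXT, body TEXT)")
        dbs[tenant].execute("INSERT INTO documents VALUES (?, ?)", (owner, body))
    return dbs


def shared_database_separate_schema():
    """Scheme 2: one database, one schema per tenant (an attached in-memory database plays the schema)."""
    conn = sqlite3.connect(":memory:")
    for tenant in TENANTS:
        conn.execute(f"ATTACH DATABASE ':memory:' AS {tenant}")
        conn.execute(f"CREATE TABLE {tenant}.documents (owner TEXT, body TEXT)")
    for tenant, owner, body in ROWS:
        conn.execute(f"INSERT INTO {tenant}.documents VALUES (?, ?)", (owner, body))
    return conn


def shared_database_shared_schema():
    """Scheme 3: every tenant's rows sit in the same table, told apart only by tenant_id."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE documents (tenant_id TEXT NOT NULL, owner TEXT, body TEXT)")
    conn.executemany("INSERT INTO documents VALUES (?, ?, ?)", ROWS)
    return conn


def docs_scheme1(dbs, tenant):
    return [r[0] for r in dbs[tenant].execute("SELECT body FROM documents ORDER BY rowid")]


def docs_scheme2(conn, tenant):
    if tenant not in TENANTS:  # schema names cannot be bound as parameters, so allow-list them
        raise ValueError("unknown tenant")
    return [r[0] for r in conn.execute(f"SELECT body FROM {tenant}.documents ORDER BY rowid")]


def docs_scheme3(conn, tenant):
    # In scheme 3 every query must carry the tenant predicate; keeping it in one helper
    # is the extra security development effort the background section mentions.
    return [r[0] for r in conn.execute(
        "SELECT body FROM documents WHERE tenant_id = ? ORDER BY rowid", (tenant,))]


def docs_scheme3_unscoped(conn):
    # What a query that forgets the predicate returns: every tenant's rows.
    return [r[0] for r in conn.execute("SELECT body FROM documents ORDER BY rowid")]
```

In schemes 1 and 2 the database engine itself keeps tenants apart, which is why the text rates their isolation higher; in scheme 3 isolation is only as good as the discipline of every query the application issues.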
On the security side, the prior-art schemes mainly solve transmission security, and on the storage side they guarantee the integrity and privacy of the DB data through suitable isolation, but the overall system still has the following shortcomings: 1) so that the APP can recognise and process it, data in the DB are stored in cleartext; 2) many APPs run on the same server, so there is a possibility of malicious penetration and data theft; 3) if a username/password is cracked, the data in the DB can not only be read but also modified.
Under the traditional multi-tenant pattern, user data are kept in the data centre's DB; to make processing by the APP convenient, the stored data are not encrypted, while many APPs run on the same server at the same time, so there is a possibility of malicious penetration and data theft; if a username/password is cracked, the data in the DB may not only be used without authorisation but also modified without authorisation.
Summary of the invention
To avoid the shortcomings of the prior art described above, the present invention provides a method for protecting customer data in a multi-tenant environment, so as to improve the security of customer data in that environment.
The invention provides a method for protecting customer data in a multi-tenant environment.
The method for protecting customer data in a multi-tenant environment adopts the mode of encrypted storage in the cloud plus decrypted computation at the terminal: data are stored on the server, but in encrypted form; the key is kept in the user's hands; data are processed at the user terminal; and neither encryption nor decryption is carried out on the server, so as to prevent penetration attacks. The key in the user's hands is kept on a USB device and cannot be exported; alternatively, the user may be allowed to enter a password manually, and the password is protected.
The method for protecting customer data in a multi-tenant environment according to the invention is further characterised as follows:
The process by which a tenant gains access through the APP comprises the following steps:
a. The user submits an access request to the APP;
b. The APP authenticates the user; after the user passes authentication, the APP locates the DB database according to the user information;
c. The APP does not process the data on the server side; the server side processes only the data-independent part and returns that result to the user; the APP sends the program for processing the data to the user client, and the user data to be processed are likewise delivered to the user client in encrypted form;
d. At the user client, the user decrypts the received user data and then calls the program obtained from the server side to process the data;
e. The user client presents to the user, together, the result of processing the data and the data-independent result transmitted by the server side;
f. At the user client, the encryption password is kept in the form of a USB device; during decryption the APP obtains the password from the USB device preferentially;
g. If the user modifies the data, the data are encrypted at the client and, after encryption, sent to the server side and kept in the user's DB.
In step b, if the user is a new user, a new DB database is allocated on request.
Compared with the prior art, the beneficial effects of the present invention are as follows:
The method for protecting customer data in a multi-tenant environment according to the invention adopts server-side storage with client-side encryption and decryption in a multi-tenant environment, and uses an asymmetric algorithm to satisfy security and openness requirements at the same time. It improves the security of customer data in a multi-tenant environment, and can at the same time satisfy the requirement that part of the data be kept secret while another part is made public.
Description of drawings
Fig. 1 is a schematic diagram of multi-tenant data in the method for protecting customer data in a multi-tenant environment according to the invention.
Fig. 2 is the flow chart of a tenant gaining access through the APP in the method for protecting customer data in a multi-tenant environment according to the invention.
Fig. 3 is a multi-tenant application model of the prior art.
Fig. 4 is the flow chart of a tenant gaining access through the APP in the multi-tenant application model of Fig. 3.
The invention is further described below through an embodiment, with reference to the accompanying drawings.
Embodiment
Referring to Fig. 1, the method for protecting customer data in a multi-tenant environment adopts the mode of encrypted storage in the cloud plus decrypted computation at the terminal: data are stored on the server, but in encrypted form; the key is kept in the user's hands; data are processed at the user terminal; and neither encryption nor decryption is carried out on the server, so as to prevent penetration attacks. The key in the user's hands is kept on a USB device and cannot be exported; alternatively, the user may be allowed to enter a password manually, and the password is protected.
As shown in Fig. 2, the process by which a tenant gains access through the APP comprises the following steps:
a. The user submits an access request to the APP;
b. The APP authenticates the user; after the user passes authentication, the APP locates the DB database according to the user information; if the user is a new user, a new DB database is allocated on request;
c. The APP does not process the data on the server side; the server side processes only the data-independent part (such as the page frame) and returns that result to the user; the APP sends the program for processing the data to the user client, and the user data to be processed (which are stored encrypted) are likewise delivered to the user client in encrypted form; the transmission channel uses a conventional encryption mode, for example SSL;
d. At the user client, the user decrypts the received user data and then calls the program obtained from the server side to process the data;
e. The user client presents to the user, together, the result of processing the data and the data-independent part (such as the page frame) transmitted by the server side;
f. To better guarantee security and the generality of the cloud client, it is recommended that at the user client the encryption password be kept in the form of a USB device; during decryption the APP obtains the password from the USB device preferentially; the user may alternatively be allowed to enter the password manually. The method of storing the password is part of the present system but is not an essential part of it;
g. If the user modifies the data (including modification operations such as adding and deleting), the data are encrypted at the client and, after encryption, sent to the server side and kept in the user's DB.
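The client-side flow of steps c to g, as an added example that is not part of the patent. All names are assumptions: TenantServer stands for the APP's server side, which holds only ciphertext and the processing program; client_session performs the decryption, processing and re-encryption at the client. The patent names no cipher, so a standard-library stand-in is used here (an HMAC-SHA256 keystream in counter mode, with a second HMAC as integrity tag); a real deployment would use an authenticated cipher such as AES-GCM in its place.

```python
import hashlib
import hmac
import json
import secrets

NONCE_LEN = 16
TAG_LEN = 32


def _subkeys(user_key: bytes):
    # Derive separate encryption and MAC keys from the key the user keeps (e.g. on a USB device).
    enc = hmac.new(user_key, b"enc", hashlib.sha256).digest()
    mac = hmac.new(user_key, b"mac", hashlib.sha256).digest()
    return enc, mac


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # Counter-mode keystream from a PRF; stand-in for a block cipher.
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + block.to_bytes(8, "big"), hashlib.sha256).digest()
        block += 1
    return out[:length]


def client_encrypt(user_key: bytes, plaintext: bytes) -> bytes:
    """Encryption happens only at the client (steps f and g)."""
    enc_key, mac_key = _subkeys(user_key)
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def client_decrypt(user_key: bytes, blob: bytes) -> bytes:
    """Decryption happens only at the client (step d); a bad tag means a wrong key or altered ciphertext."""
    enc_key, mac_key = _subkeys(user_key)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("ciphertext altered or wrong key")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


class TenantServer:
    """Server side of step c: stores ciphertext per user and hands out the processing program."""

    def __init__(self):
        self.db = {}  # user -> encrypted blob (the per-user DB of step b)

    def store(self, user: str, blob: bytes) -> None:
        self.db[user] = blob

    def fetch(self, user: str) -> bytes:
        return self.db[user]

    @staticmethod
    def processing_program(records: list) -> dict:
        # The program the server ships to the client; it only ever sees plaintext at the client.
        return {"count": len(records), "total": sum(r["amount"] for r in records)}

    @staticmethod
    def frame_part() -> dict:
        # The data-independent part (page frame, labels) the server may compute itself.
        return {"title": "Expense report"}


def seed_user(server: TenantServer, user: str, user_key: bytes, records: list) -> None:
    """Initial upload: the client encrypts before anything reaches the server."""
    server.store(user, client_encrypt(user_key, json.dumps(records).encode()))


def client_session(server: TenantServer, user: str, user_key: bytes, new_record: dict = None) -> dict:
    """Steps c to g at the client: decrypt, run the server's program, optionally modify, re-encrypt."""
    records = json.loads(client_decrypt(user_key, server.fetch(user)))
    if new_record is not None:  # step g: the modification is made on plaintext at the client
        records.append(new_record)
        server.store(user, client_encrypt(user_key, json.dumps(records).encode()))
    view = dict(server.frame_part())  # step e: merge with the server's data-independent part
    view.update(server.processing_program(records))
    return view


if __name__ == "__main__":
    key = bytes(range(32))  # constructed user key; in the patent it lives on a USB device
    srv = TenantServer()
    seed_user(srv, "alice", key, [{"item": "taxi", "amount": 30}, {"item": "hotel", "amount": 120}])
    print(client_session(srv, "alice", key, {"item": "lunch", "amount": 20}))
```

The tag check is what makes step d safe to run on data the server returns: the server never holds the key, so the only way it (or an intruder on it) could influence the plaintext is by altering stored ciphertext, and the client rejects that before the server's program runs on the data.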
Some customers' data need to be open to a certain degree. Taking a network drive as an example, the user's data are kept on the server side; other people are not allowed to modify them but are allowed to view them, or part of the data may be viewed by others. For this, an asymmetric encryption algorithm (RSA) is needed.
When the user registers for the first time, the user generates a pair consisting of a public key and a private key, provides the public key to the server side, where it is kept, and keeps the private key. The user may request a change of key at any time. Because the confidentiality of the private key is high, keeping it on a USB device set to be non-exportable is recommended.
When the user modifies data that need to be public, the process changes slightly: the public key is used for decryption and the private key for encryption. For data that do not need to be public, public-key encryption is used, and the private key is used for decryption.
For a user authorised to view, the flow of viewing data is as follows: 1) the authorised user submits an access request to the APP; 2) after authentication and permission checks, the APP retrieves the data kept in the DB database according to the object requested; 3) the APP obtains the public key that the data owner kept on the server side and decrypts the data with it. The decrypted data are sent by the server side to the authorised user's client to be presented to the user.
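The asymmetric arrangement of the three paragraphs above, as an added example that is not the patent's code. Names are assumptions: generate_keypair is the key pair made at first registration; KeyDirectory is the server-side store of public keys, which a user may replace at any time; publish_readonly and read_readonly implement the page's "encrypt with the private key, decrypt with the public key" for data others may view but not change; seal_secret and open_secret are the public-key encryption of data that stay private. The RSA here is textbook (no padding, one short message per operation) so that it runs on the standard library alone; it shows the key roles and is not a production cipher.

```python
import math
import secrets

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
MARKER = b"\x01\x02\x03\x04"  # leading non-zero marker so that leading zero bytes of data survive


def _is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin with random bases."""
    if n < 2:
        return False
    for p in SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _random_prime(bits: int) -> int:
    while True:
        candidate = secrets.randbits(bits) | (1 << (bits - 1)) | 1  # force size and oddness
        if _is_probable_prime(candidate):
            return candidate


def generate_keypair(bits: int = 1024):
    """Done once at registration: returns (public_key, private_key), each an (exponent, modulus) pair."""
    e = 65537
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            break
    n = p * q
    return (e, n), (pow(e, -1, phi), n)


def _rsa_encode(key, data: bytes) -> bytes:
    """One modular exponentiation over MARKER + data; the message must be shorter than the modulus."""
    exponent, modulus = key
    byte_len = (modulus.bit_length() + 7) // 8
    padded = MARKER + data
    if len(padded) >= byte_len:
        raise ValueError("message too long for this key")
    return pow(int.from_bytes(padded, "big"), exponent, modulus).to_bytes(byte_len, "big")


def _rsa_decode(key, blob: bytes) -> bytes:
    exponent, modulus = key
    byte_len = (modulus.bit_length() + 7) // 8
    padded = pow(int.from_bytes(blob, "big"), exponent, modulus).to_bytes(byte_len, "big").lstrip(b"\x00")
    if not padded.startswith(MARKER):
        raise ValueError("wrong key or corrupted data")
    return padded[len(MARKER):]


# Data others may view but not change: the owner transforms with the private key,
# anyone holding the public key can read it, and nobody without the private key can produce a valid update.
def publish_readonly(private_key, data: bytes) -> bytes:
    return _rsa_encode(private_key, data)


def read_readonly(public_key, blob: bytes) -> bytes:
    return _rsa_decode(public_key, blob)


# Data that stay private: encrypted with the public key, readable only with the private key on the USB device.
def seal_secret(public_key, data: bytes) -> bytes:
    return _rsa_encode(public_key, data)


def open_secret(private_key, blob: bytes) -> bytes:
    return _rsa_decode(private_key, blob)


class KeyDirectory:
    """Server side: keeps each owner's public key; the owner may register a new one at any time."""

    def __init__(self):
        self.public_keys = {}

    def register(self, owner: str, public_key) -> None:
        self.public_keys[owner] = public_key

    def read_for_viewer(self, owner: str, blob: bytes) -> bytes:
        # Step 3 of the viewing flow: after authorisation, the server decrypts public data with the owner's public key.
        return read_readonly(self.public_keys[owner], blob)
```

Because only the private key can produce a value that read_readonly accepts, the server can hand readable data to authorised viewers while any stored change not made by the owner fails the marker check; secret data take the opposite key roles and never leave the client in readable form.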

Claims (3)

1. the method for protection customer data in multi-tenant environment, is characterized in that, adopts high in the clouds to encrypt the mode that storage+terminal deciphering calculates; Data are stored on server, but store in the mode of encrypting; Key is kept in user's hand; The processing of data is at user terminal, and encryption and decryption does not carry out preventing penetration attack yet on server.
2. the method for protection customer data in multi-tenant environment according to claim 1, is characterized in that, the tenant comprises following step in the process of accessing by APP:
A. the user submits access request to application A PP;
B. application A PP authenticates the user, and the user is by after authentication, and application A PP is according to user profile orientation DB database;
C. application A PP is not in the service end deal with data, and server end is irrelevant part and this result passback user of deal with data only; Application A PP sends to subscription client to the program for the treatment of data, needs user data to be processed also to issue subscription client in the mode of encrypting.
D. in user's client, the user is decrypted the user data that receives, and then calls the program that obtains from server end, and data are processed;
E. user's client will to the result of data and the data independence section processes result of server end transmission, be presented to the user jointly;
F. in user's client, Crypted password is preserved with the form of USB; Application A PP preferentially obtains the password of USB in decrypting process;
If if g. the user has modification to data, be encrypted in client, after encrypting, data send server end, and are kept in user DB database.
3. the method for protection customer data in multi-tenant environment according to claim 1, is characterized in that, in described step b, if the user is new user, a new DB database is opened up in application.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310011059.6A CN103118011B (en) 2013-01-12 2013-01-12 Method for protecting customer data in a multi-tenant environment

Publications (2)

Publication Number Publication Date
CN103118011A (en) 2013-05-22
CN103118011B (en) 2016-08-03

Family

ID=48416285

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310011059.6A Active CN103118011B (en) 2013-01-12 2013-01-12 The method protecting customer data in multi-tenant environment

Country Status (1)

Country Link
CN (1) CN103118011B (en)

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110145576A1 (en) * 2009-11-17 2011-06-16 Thales Secure method of data transmission and encryption and decryption system allowing such transmission
CN102467421A (en) * 2010-11-19 2012-05-23 深圳市金蝶友商电子商务服务有限公司 Tenant-data-based processing method and computer
CN102833346A (en) * 2012-09-06 2012-12-19 上海海事大学 Storage metadata based security protection system and method for cloud sensitive data

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
孙磊, 戴紫珊, 郭锦娣: "Research on a key management framework for cloud computing" (云计算密钥管理框架研究), 《电信科学》 (Telecommunications Science) *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103763355A (en) * 2014-01-07 2014-04-30 天地融科技股份有限公司 Cloud data uploading and access control method
CN103763355B (en) * 2014-01-07 2017-02-01 天地融科技股份有限公司 Cloud data uploading and access control method
CN105446828A (en) * 2014-09-30 2016-03-30 北京金山云网络技术有限公司 Database backup and recovery method, apparatus and system
CN105446828B (en) * 2014-09-30 2019-05-31 北京金山云网络技术有限公司 Database backup and recovery method, apparatus and system
CN113342827A (en) * 2021-07-01 2021-09-03 广东电网有限责任公司 Power grid data storage method, storage medium and system based on multi-tenant technology

Also Published As

Publication number Publication date
CN103118011B (en) 2016-08-03

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right
Effective date of registration: 20200821
Address after: Room 1103, B1 / F, Hefei Innovation Industrial Park, 800 Wangjiang West Road, hi tech Zone, Hefei City, Anhui Province
Patentee after: Anhui tengling Technology Co., Ltd
Address before: 230088 building B1, building 11, animation and service outsourcing industry base, hi tech Zone, Anhui, Hefei
Patentee before: Hefei Huayun Communication Technology Co.,Ltd.