DATA ACCESS CONTROL METHOD AND DATA ACCESS CONTROL APPARATUS
First Claim
1. A data access control method executed by a computer coupled to a client device via a network, comprising:
- acquiring a user identification of a user who uses the client device based on a login request received from the client device and a tenant identification for the user identification from a tenant identification management storage that stores association of user identifications with tenant identifications, and recording the user identification and the tenant identification in an identification storage unit;
activating an application software depending on a processing request received from the client device; and
receiving an access request to a database from the application software and transmitting the access request for a data area for the tenant identification among a plurality of data areas in the database to a database management unit based on the tenant identification recorded in the identification information storage unit.
1 Assignment
0 Petitions
Accused Products
Abstract
A data access control apparatus and method acquires a user identification (ID) of a user who uses a client device based on a login request received from the client device, and a tenant ID for the user ID from a tenant ID management storage unit that associates user IDs with tenant IDs and records the association. An application software is activated depending on a processing request received from the client device and an access unit which receives an access request for a database from the application software and transmits the access request for a data area for the tenant ID among a plurality of data areas in the database to a database management unit based on the tenant ID recorded in the identification storage unit.
53 Citations
6 Claims
-
1. A data access control method executed by a computer coupled to a client device via a network, comprising:
-
acquiring a user identification of a user who uses the client device based on a login request received from the client device and a tenant identification for the user identification from a tenant identification management storage that stores association of user identifications with tenant identifications, and recording the user identification and the tenant identification in an identification storage unit; activating an application software depending on a processing request received from the client device; and receiving an access request to a database from the application software and transmitting the access request for a data area for the tenant identification among a plurality of data areas in the database to a database management unit based on the tenant identification recorded in the identification information storage unit. - View Dependent Claims (2, 3)
-
-
4. A data access control apparatus coupled to a client device via a network, comprising:
-
an identification information recording unit which acquires a user identification of a user who uses the client device based on a login request received from the client device, and a tenant identification for the user identification from a tenant identification management storage unit that stores association of user identifications with tenant identifications and records the user identification and the tenant identification in an identification storage unit; an application software activation unit which activates an application software depending on a processing request received from the client device; and an access unit which receives an access request for a database from the application software and transmits the access request for a data area for the tenant identification among a plurality of data areas in the database to a database management unit based on the tenant identification recorded in the identification storage unit.
-
-
5. A computer-readable recording medium recording a program that causes a computer coupled to a client device via a network to execute to perform a process comprising;
-
acquiring a user identification of a user who uses the client device based on a login request received from the client device, and a tenant identification for the user identification from a tenant identification management storage unit that stores association of user identifications with tenant identifications, and recording the user identification and the tenant identification in an identification information storage unit; activating an application software depending on a processing request received from the client device; and receiving an access request for a database from the application software and transmitting the access request for a data area for the tenant identification among a plurality of data areas in the database to a database management unit based on the tenant identification recorded in the identification storage unit.
-
-
6. A computer implement method of data access, comprising:
-
determining a session scope based on a request received from a user; and providing a service defined by the session scope as a response to the request based on association of an identifier of the user with an area among multiple areas of a database commonly shared by multiple users.
-
Specification