Strict tenant isolation in multi-tenant enabled systems
First Claim
1. A computer program product comprising a machine-readable medium storing instructions that, when executed by at least one programmable processor, cause the at least one programmable processor to perform operations comprising:
- defining a plurality of partitions in a database for a multi-tenant computing system provided on one or more processors, each partition of the plurality of partitions corresponding to only one business tenant of a set of business tenants supported by the multi-tenant system;
storing, in the database, shared content that is shared among and accessible to all tenants of the multi-tenant computing system;
storing tenant content for each business tenant in the corresponding partition of the plurality of partitions of the database, at least a portion of the tenant content being unique to and associated with the associated business tenant; and
generating, as a result of a code check executed at run time, one or more errors to prevent tenant content associated with a first business tenant of the set of business tenants from being accessed by a second business tenant of the set of business tenants, the code check identifying application code within the multi-tenant computing system that comprises a database coding construct that fails to forbid cross-tenant access by the second business tenant to tenant content associated with the first business tenant, the code check comprising determining the existence of at least one of a CLIENT SPECIFIED addition;
one or more of an IMPORT, an EXPORT, and a DELETE with a CLIENT addition;
usage of Native SQL;
a write access into a system field SY-MANDT; and
usage of a parameter IV_CLIENT in a method attach that mediates access to one or more shared memory objects.
2 Assignments
0 Petitions
Accused Products
Abstract
A plurality of partitions can be defined in a database for a multi-tenant computing system provided on one or more processors such that each partition of the plurality of partitions is associated with only one business tenant of a set of business tenants supported by the multi-tenant system. The database can stored shared content that is shared among and accessible to all tenants of the multi-tenant computing system while tenant content for each business tenant can be stored in the database in one partition of the plurality of partitions. The one partition can be assigned to an associated business tenant. At least a portion of the tenant content can be unique to and associated with the associated business tenant. One or more errors can be generated to prevent tenant content associated with a first business tenant of the set of business tenants from being accessed by a second business tenant of the set of business tenants when an application code executed within the multi-tenant computing system comprises a construct that would otherwise enable cross-tenant access by the second business tenant to tenant content associated with the first business tenant. Related systems, methods, and computer program products are described.
-
Citations
20 Claims
-
1. A computer program product comprising a machine-readable medium storing instructions that, when executed by at least one programmable processor, cause the at least one programmable processor to perform operations comprising:
-
defining a plurality of partitions in a database for a multi-tenant computing system provided on one or more processors, each partition of the plurality of partitions corresponding to only one business tenant of a set of business tenants supported by the multi-tenant system; storing, in the database, shared content that is shared among and accessible to all tenants of the multi-tenant computing system; storing tenant content for each business tenant in the corresponding partition of the plurality of partitions of the database, at least a portion of the tenant content being unique to and associated with the associated business tenant; and generating, as a result of a code check executed at run time, one or more errors to prevent tenant content associated with a first business tenant of the set of business tenants from being accessed by a second business tenant of the set of business tenants, the code check identifying application code within the multi-tenant computing system that comprises a database coding construct that fails to forbid cross-tenant access by the second business tenant to tenant content associated with the first business tenant, the code check comprising determining the existence of at least one of a CLIENT SPECIFIED addition;
one or more of an IMPORT, an EXPORT, and a DELETE with a CLIENT addition;
usage of Native SQL;
a write access into a system field SY-MANDT; and
usage of a parameter IV_CLIENT in a method attach that mediates access to one or more shared memory objects. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer-implemented method comprising:
-
defining a plurality of partitions in a database for a multi-tenant computing system provided on one or more processors, each partition of the plurality of partitions corresponding to only one business tenant of a set of business tenants supported by the multi-tenant system; storing, in the database, shared content that is shared among and accessible to all tenants of the multi-tenant computing system; storing tenant content for each business tenant in the corresponding partition of the plurality of partitions of the database, at least a portion of the tenant content being unique to and associated with the associated business tenant; and generating, as a result of a code check executed at run time, one or more errors to prevent tenant content associated with a first business tenant of the set of business tenants from being accessed by a second business tenant of the set of business tenants, the code check identifying application code within the multi-tenant computing system that comprises a database coding construct that fails to forbid cross-tenant access by the second business tenant to tenant content associated with the first business tenant, the code check comprising determining the existence of at least one of a CLIENT SPECIFIED addition;
one or more of an IMPORT, an EXPORT, and a DELETE with a CLIENT addition;
usage of Native SQL;
a write access into a system field SY-MANDT; and
usage of a parameter IV_CLIENT in a method attach that mediates access to one or more shared memory objects. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A system comprising:
-
at least one programmable processor; and a machine-readable medium storing instructions that, when executed by the at least one processor, cause the at least one programmable processor to perform operations to isolate tenant content of business tenants in a multi-tenancy landscape, the operations comprising; defining a plurality of partitions in a database for a multi-tenant computing system provided on one or more processors, each partition of the plurality of partitions corresponding to only one business tenant of a set of business tenants supported by the multi-tenant system; storing, in the database, shared content that is shared among and accessible to all tenants of the multi-tenant computing system; storing tenant content for each business tenant in the corresponding partition of the plurality of partitions of the database, at least a portion of the tenant content being unique to and associated with the associated business tenant; and generating, as a result of a code check executed at run time, one or more errors to prevent tenant content associated with a first business tenant of the set of business tenants from being accessed by a second business tenant of the set of business tenants, the code check identifying application code within the multi-tenant computing system that comprises a database coding construct that fails to forbid cross-tenant access by the second business tenant to tenant content associated with the first business tenant, the code check comprising determining the existence of at least one of a CLIENT SPECIFIED addition;
one or more of an IMPORT, an EXPORT, and a DELETE with a CLIENT addition;
usage of Native SQL;
a write access into a system field SY-MANDT; and
usage of a parameter IV_CLIENT in a method attach that mediates access to one or more shared memory objects. - View Dependent Claims (17, 18, 19, 20)
-
Specification