APPARATUS AND METHOD FOR TENANT-AWARE SECURITY MANAGEMENT IN MULTI-TENANCY SYSTEM

摘要

PURPOSE: An apparatus for a security control of a tenant in a multi-tenancy environment and a method thereof are provided so that multiple tenants classify, store, and analyze security information which are collected in a multi-tenancy environment which shares various IT resources according to each tenant. CONSTITUTION: A security data storage unit stores 'security data which is generated while tenants use services in a multi-tenancy environment'. A security data analyzing unit (150) maps 'the security data which is stored in the security data storage unit' and 'an ID of a service in which the security data is generated' in 'an ID of a tenant which generates the security data' and stores in the security data storage unit according to each tenant. The security data analyzing unit extracts 'an ID of a user which generates the security data from the security data which is stored in the security data storage unit' and 'at least one of IDs of a tenant to which the user belongs'. [Reference numerals] (10) Multi tenant SaaS operation platform; (105) User ID offering unit; (110) Service ID offering unit; (115) Use ID storing unit; (120) Service ID storing unit; (125) Collecting data storing unit; (130) Data integration unit; (135) First security data storing unit; (140) Wrong data removing unit; (145) Second security data storing unit; (150) Security data analyzing unit; (155) Security data per tenant storing unit; (160) Checking unit; (165) Checking request unit; (20) Log storing unit; (21) First storing unit; (22) Second storing unit; (30) Collecting unit; (31) First collecting unit; (32) Second collecting unit; (M1) First description information; (M2) Second description information; (T1,T2) Security control information