Data management method, device, apparatus, storage and product

By updating the organization identifier in access requests within a multi-legal entity system, the problem of data sharing between different legal entities is solved, achieving a balance between data isolation and sharing, and improving management efficiency and data security.

CN115221232BActive Publication Date: 2026-06-09CHINA CONSTRUCTION BANK +1

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
CHINA CONSTRUCTION BANK
Filing Date
2022-08-03
Publication Date
2026-06-09

Smart Images

  • Figure CN115221232B_ABST
    Figure CN115221232B_ABST
Patent Text Reader

Abstract

The application provides a data management method, device, equipment, storage and product, and is applied to the field of information security. The method comprises the following steps: obtaining an access request; determining the type of a data table according to the access request; if the type of the data table is a shared type, updating the agency identifier in the access request to the agency identifier corresponding to the shared type data table; and accessing the data in the data table according to the agency identifier in the access request. If the type of the data table is not general data, only the corresponding data of the agency identifier of the requester can be accessed, so as to realize data isolation. If the type of the data table is general data, the agency identifier in the access request can be updated, and the updated general data corresponding to the agency identifier of the shared type data table can be accessed, so as to realize data sharing. Therefore, the general data can be shared while the data is isolated among different legal persons, the management efficiency of the general data can be improved, and the safety of the business data of each legal person can be ensured.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application relates to the field of information security, and more particularly to a data management method, apparatus, device, storage, and product. Background Technology

[0002] A multi-legal entity system can have several subsidiaries, each with independent legal status. Because subsidiaries are independent legal entities, they have the ability to conduct business independently, thus requiring data isolation between subsidiaries. However, for ease of management, it is often necessary to integrate common data from all subsidiaries, such as customer addresses and contact information, so that any modifications to this common data will be effective throughout the entire multi-legal entity system. Therefore, there is also a need for data sharing.

[0003] Currently, data for each independent legal entity is typically stored separately to meet regulatory requirements for data segregation between different legal entities. However, while data segregation exists between different legal entities within a multi-entity system, it is difficult for them to share common data, leading to inefficient management of this common data. Summary of the Invention

[0004] This application provides a data management method, apparatus, device, storage, and product to solve the problem of data isolation between different legal entities in a multi-legal entity system, difficulty in sharing common data among different legal entities, and low efficiency in managing common data.

[0005] Firstly, this application provides a data management method, including:

[0006] Obtain an access request; the access request includes the organization identifier of the user's organization;

[0007] The type of data table to be accessed is determined based on the access request;

[0008] If the accessed data table is of the shared type, then the organization identifier in the access request will be updated to the organization identifier corresponding to the shared type data table;

[0009] Access the data in the data table according to the organization identifier in the access request.

[0010] Secondly, this application provides a data management device, comprising:

[0011] The acquisition module is used to acquire access requests; the access request includes the organization identifier of the user's organization;

[0012] A type determination module is used to determine the type of the accessed data table based on the access request.

[0013] The update module is used to update the organization identifier in the access request to the organization identifier corresponding to the shared type data table if the accessed data table is of the shared type.

[0014] The access module is used to access data in the data table according to the organization identifier in the access request.

[0015] Thirdly, this application provides an electronic device, including: a processor, and a memory and a transceiver communicatively connected to the processor;

[0016] The memory stores computer-executed instructions; the transceiver is used for sending and receiving data.

[0017] The processor executes computer execution instructions stored in the memory to implement the data management method described in any of the above aspects.

[0018] Fourthly, this application provides a computer-readable storage medium storing computer-executable instructions, which, when executed by a processor, are used to implement the data management method described in any of the above aspects.

[0019] Fifthly, this application provides a computer program product including computer execution instructions that, when executed by a processor, implement the data management method described in any of the preceding aspects.

[0020] This application provides a data management method, apparatus, device, storage, and product that acquires access requests. The access request includes the organization identifier of the user's organization. The type of the accessed data table is determined based on the access request. If the accessed data table is of a shared type, the organization identifier in the access request is updated to the organization identifier corresponding to the shared type data table. Data in the data table is accessed according to the organization identifier in the access request. Determining the type of the accessed data table through the access request determines whether the accessed data is general data. If it is not general data, only the corresponding data can be accessed based on the organization identifier of the requesting organization, achieving data isolation. If it is general data, the organization identifier in the access request can be updated, and the general data corresponding to the updated shared type data table can be accessed, achieving data sharing. Therefore, the method provided in this application can achieve data isolation between different legal entities while sharing general data, improving the management efficiency of general data and ensuring the security of business data of each legal entity. Attached Figure Description

[0021] The accompanying drawings, which are incorporated in and form part of this specification, illustrate embodiments consistent with this application and, together with the description, serve to explain the principles of this application.

[0022] Figure 1This is a schematic diagram of a network architecture according to this application;

[0023] Figure 2 A flowchart of the data management method provided in Embodiment 1 of this application;

[0024] Figure 3 An organizational structure diagram provided for an embodiment of this application;

[0025] Figure 4 This is a flowchart of a data management method provided in Embodiment 4 of this application;

[0026] Figure 5 This is a schematic diagram of the data management device provided in Embodiment 5 of this application;

[0027] Figure 6 This is a schematic diagram of the structure of the electronic device provided in Embodiment Six of this application.

[0028] The accompanying drawings illustrate specific embodiments of this application, which will be described in more detail below. These drawings and descriptions are not intended to limit the scope of the concept in any way, but rather to illustrate the concept of this application to those skilled in the art through reference to particular embodiments. Detailed Implementation

[0029] Exemplary embodiments will now be described in detail, examples of which are illustrated in the accompanying drawings. When the following description relates to the drawings, unless otherwise indicated, the same numbers in different drawings denote the same or similar elements. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with this application. Rather, they are merely examples of apparatuses and methods consistent with some aspects of this application as detailed in the appended claims.

[0030] The terms "first," "second," etc., are used for descriptive purposes only and should not be construed as indicating or implying relative importance or implicitly specifying the number of technical features indicated. In the following descriptions of embodiments, "a plurality of" means two or more, unless otherwise explicitly defined.

[0031] First, the prior art involved in this invention will be described and analyzed in detail.

[0032] The data management method provided in this application can be applied to the financial institution system. For example, in a rural credit cooperative, each rural credit cooperative is an independent legal entity. The average daily deposit balance (AUM) and transaction flow of each rural credit cooperative's customers need to be isolated from each other. However, for basic customer information, such as customer address and customer contact information, it is expected that after modification in one rural credit cooperative, it will take effect within the rural credit cooperative.

[0033] In existing technologies, data from each independent legal entity is typically stored independently to achieve data isolation between different legal entities. However, it is difficult to share common data among different legal entities, resulting in low management efficiency of common data. For example, after any legal entity updates common data, it is difficult for other legal entities to update the same data synchronously. The inventors discovered in their research that the data corresponding to each legal entity can be stored in the same data table, and the data in the data table can be accessed based on the identifier of the legal entity in the access request. This can also achieve the requirement of data isolation. Furthermore, if common data is accessed, the common data in the data table can be accessed by changing the legal entity identifier in the access request to the organization identifier corresponding to the common data. The common data can be stored in a shared type data table. Therefore, this application provides a data management method that, after obtaining an access request, determines the type of data table to be accessed based on the access request; if the type of the accessed data table is shared, the organization identifier in the access request is updated to the organization identifier corresponding to the shared type data table; if the type of the accessed data table is not shared, the organization identifier in the access request is not updated; and the data in the data table is accessed according to the updated or unupdated organization identifier in the access request.

[0034] Figure 1 This is a schematic diagram of a network architecture according to this application, such as... Figure 1 As shown, it includes: a requesting terminal 1 and an electronic device 2. The electronic device includes a data management device and a data table storing data of each legal entity. The requesting terminal can be the terminal of any legal entity or management organization. After the requesting party issues an access request in the requesting terminal 1, the electronic device 2 can execute the data management method provided in this application to access the data in the data table and send the data in the data table to the requesting terminal 1 so that the accessed data is displayed in the requesting terminal 1.

[0035] The collection, storage, use, processing, transmission, provision, and disclosure of financial data or user data involved in the technical solution of this application all comply with the provisions of relevant laws and regulations and do not violate public order and good morals.

[0036] The technical solution of this application and how the technical solution of this application solves the above-mentioned technical problems are described in detail below with specific embodiments. These specific embodiments can be combined with each other, and the same or similar concepts or processes may not be described again in some embodiments. The embodiments of this application will now be described with reference to the accompanying drawings.

[0037] Example 1

[0038] Figure 2This is a flowchart of a data management method provided in Embodiment 1 of this application. This embodiment addresses the problem of data isolation between different legal entities within a multi-legal entity system, and the difficulty in sharing common data among them, by providing a data management method. The method in this embodiment is applied to a data management device, which can be located in an electronic device. The electronic device can be a digital computer in various forms, such as a laptop computer, desktop computer, workbench, personal digital assistant, server, blade server, mainframe computer, and other suitable computers.

[0039] like Figure 2 As shown, the specific steps of this method are as follows:

[0040] Step S101: Obtain the access request.

[0041] The access request includes the organization identifier of the user's organization.

[0042] This application does not limit the method of obtaining access requests. For example, it can obtain access requests sent by users through user terminals, or access requests that are scheduled to be sent by users at regular intervals. Here, the user is a person with access rights to the data of their organization. For example, in a financial institution system, the user could be a client manager.

[0043] It should be understood that the organization identifier in this application is used to determine access rights.

[0044] Step S102: Determine the type of data table to be accessed based on the access request.

[0045] In this embodiment, the data table can be of a shared type or an isolated type. If the access request determines that the accessed data table is of a shared type, then step S103 is executed to update the organization identifier in the access request and subsequent steps are executed; if the accessed data table is determined to be of an isolated type, then step S104 is executed to access the data in the data table according to the organization identifier in the access request.

[0046] Step S103: If the accessed data table is of the shared type, then update the organization identifier in the access request to the organization identifier corresponding to the shared type data table.

[0047] In this embodiment, the shared type data table stores general data. The value of the organization identifier field in the shared type data table is the same organization identifier, which is the organization identifier corresponding to the shared type data table. It should be understood that the organization identifier corresponding to the shared type data table can be the organization identifier corresponding to any legal entity, or it can be the organization identifier of a legal entity that has the right to access the data of each legal entity.

[0048] Optionally, to reduce the amount of data, the same common data for each legal entity is stored in only one record in the shared type data table.

[0049] Step S104: Access the data in the data table according to the organization identifier in the access request.

[0050] In this embodiment of the application, if the type of the access data table is shared, the data in the data table can be accessed according to the organization identifier in the updated access request, and the general data in the shared data table can be accessed; if the type of the access data table is isolated, the data in the data table can be accessed according to the organization identifier in the obtained access request, and the data corresponding to the organization to which the requester belongs in the isolated data table can be accessed.

[0051] The data management method provided in this application involves obtaining an access request; the access request includes the organization identifier of the user's organization; determining the type of the accessed data table based on the access request; if the accessed data table is of a shared type, updating the organization identifier in the access request to the organization identifier corresponding to the shared type data table; and accessing the data in the data table according to the organization identifier in the access request. Determining the type of the accessed data table through the access request can determine whether the accessed data is general data; if it is not general data, only the corresponding data can be accessed based on the organization identifier of the requesting organization, achieving data isolation; if it is general data, the organization identifier in the access request can be updated, and the general data corresponding to the updated shared type data table can be accessed, achieving data sharing. Therefore, the method provided in this application can achieve data isolation between different legal entities while sharing general data, improving the management efficiency of general data and ensuring the security of the business data of each legal entity.

[0052] In one optional implementation, step S102, which determines the type of the access data table based on the access request, includes: searching for the identification information of the access data table in a pre-configured type parameter table to determine the type of the access data table corresponding to the identification information. The identification information and type association of the access data table are stored in the type parameter table.

[0053] In this embodiment of the application, the type parameter table records the identification information of each data table and its corresponding type.

[0054] For example, the identification information of a data table can be the table name. Table 1 is a type parameter table provided in the embodiments of this application. As shown in Table 1, the type parameter table can include the table name and a type field; if the field value of the type field is 0, the corresponding data table type can be determined to be a shared type; if the field value of the type field is 1, the corresponding data table type can be determined to be an isolated type. Through Table 1, it can be determined that the type of the AUM information table is isolated and the type of the customer name table is shared.

[0055] Table 1

[0056] Table name type AUM Information Table 1 Customer Name List 0

[0057] In one optional implementation, the data table includes an organization identifier field, and the organization identifier field values ​​are the same in shared type data tables; the data table is stored in a relational database, and one implementation of step S104, which accesses data in the data table according to the organization identifier in the access request, includes: using the organization identifier in the access request as a parameter in the structured query language corresponding to the access request to access the data in the data table.

[0058] Specifically, after obtaining or updating the access request, the organization identifier in the access request is obtained, and the organization identifier is substituted into the organization identifier parameter to perform a structured query language (SQL) operation to access the data in the data table.

[0059] The data management method provided in this application uses the organization identifier in the access request as a parameter in the structured query language corresponding to the access request to access data in the data table. Whether the accessed data table is of a shared type or not, the organization identifier in the access request can be used as a parameter to execute the structured query language SQL operation, which can reduce the complexity of the code and improve the access efficiency.

[0060] In one optional implementation, step S104, which involves accessing data in the data table according to the organization identifier in the access request, further includes: if the access request is to change data in the data table, then changing the data in the data table according to the organization identifier in the access request.

[0061] In this embodiment of the application, if the purpose of the requester to access the data in the data table is to change the data in the data table, the access request may also include the data to be changed and the target data. After obtaining the access request or updating the access request, the changed data can be accessed according to the organization identifier in the access request and the changed data can be changed to the target data.

[0062] The data management method provided in this application embodiment, if the access request is to change data in a data table, then changes the data in the data table according to the organization identifier in the access request. After the data in the data table is changed, any requesting party can access and obtain the changed data by issuing an access request for the data, without all organizations needing to update the same general data, which can improve the efficiency of updating general data.

[0063] Example 2

[0064] Based on the above embodiment one, the organization type can be a management organization or a legal entity. In the case where the organization in a multi-legal entity system includes both management organizations and legal entities, the specific steps of the data management method further include:

[0065] Step S201: Determine the organization type of the requesting party based on the access request.

[0066] Step S202: If the accessed data table is of the isolation type and the organization type is management organization, then obtain the organization identifier of the legal entity under the management organization.

[0067] Step S203: Access the data in the data table based on the organization identifier of the legal entity under the management organization.

[0068] The type of organization is either a management body or a legal entity. A management body does not have the ability to independently conduct business activities; a legal entity under a management body has the ability to independently conduct business activities and is an independent legal person.

[0069] In this embodiment of the application, since the management organization does not have the ability to independently carry out business activities, there is no data generated by business activities. The data table only stores the data corresponding to each legal entity. Therefore, it is necessary to obtain the organization identifier of the legal entity under the management organization and access the data in the data table based on the organization identifier of the legal entity under the management organization.

[0070] This application does not limit the method for determining the organization type of the requesting party. For example, the organization identifier may include information indicating the organization type; for instance, the organization identifier of a management organization begins with "GL," and the organization identifier of a legal entity begins with "legal person." The organization identifier in the access request can be obtained, and the organization type of the requesting party can be determined by identifying the information indicating the organization type within it.

[0071] It should be understood that if the type of the accessed data table is isolated and the organization type is management organization identifier or management organization, then step S103 will update the organization identifier in the access request to the organization identifier corresponding to the shared type data table and access the data in the data table according to the organization identifier in the access request.

[0072] This application does not limit the execution order of determining the organization type of the requester's organization and the type of the accessed data table based on the access request. For example, the type of the accessed data table can be determined first based on the access request; if the accessed data table type is determined to be isolated, the organization identifier in the access request is updated to the organization identifier corresponding to the shared type data table, and the data in the data table is accessed according to the organization identifier in the access request; if the accessed data table type is determined to be shared, the organization type of the requester's organization is determined based on the access request; if the organization type is a management organization, the organization identifier of the legal entity under that management organization is obtained, and the data in the data table is accessed according to the organization identifier of the legal entity under that management organization; if the organization type is a legal entity, the data in the data table is accessed according to the organization identifier in the access request.

[0073] The data management method provided in this application determines the organization type of the requester based on the access request; the organization type is either a management organization or a legal entity; if the accessed data table is of the isolated type and the organization type is a management organization, then the organization identifier of the legal entity under the management organization is obtained; and the data in the data table is accessed based on the organization identifier of the legal entity under the management organization. In a multi-legal entity system, where organizations include both management organizations and legal entities, this method allows requesters from management organizations to access data corresponding to their subordinate legal entities, while restricting requesters from accessing data corresponding to entities not under their jurisdiction, thus ensuring data security.

[0074] Example 3

[0075] Based on the above embodiment two, this embodiment involves a refinement of an implementation method for obtaining the organizational identifier of the legal entity under the management organization in step S202, specifically including the following steps:

[0076] Step S301: Pre-configure the organizational hierarchy table according to the organizational structure of the multi-legal entity system.

[0077] Step S302: Obtain the organization identifier of the legal entity under the management organization by recursively querying the organization hierarchy table.

[0078] This application does not limit the method of pre-configuring the organizational hierarchy table. For example, the organizational hierarchy table can be filled in directly according to the organizational structure, or the organizational structure relationship tree can be obtained and the organizational hierarchy table can be generated according to the organizational structure relationship tree.

[0079] Figure 3This application provides an organizational structure diagram, in which the group headquarters, first-level management headquarters A, first-level management headquarters B, second-level management headquarters A, and second-level management headquarters B are all management organizations, and the directly affiliated legal entities, legal entity A, legal entity B, legal entity C, legal entity D, and legal entity E are all legal entities. Figure 3 The pre-configured organizational hierarchy table shown in Table 2 below is an example of the organizational structure:

[0080] Table 2

[0081] Organizational logo Organization Name Subordinate agency logo GL000 Group Headquarters GL10A GL000 Group Headquarters GL10B GL000 Group Headquarters FR000 GL10A Level 1 Management Headquarters A FR00A GL10B Level 1 Management Headquarters B FR00B GL10B Level 1 Management Headquarters B GL20A GL10B Level 1 Management Headquarters B GL20B GL20A Second-level management headquarters A FR00C GL20A Second-level management headquarters A FR00D GL20B Second-level management headquarters B FR00E FR000 Directly affiliated legal entities / FR00A Legal entity A / FR00B Legal entity B / FR00C Legal entity C / FR00D Legal entity D / FR00E Legal entity E /

[0082] Those skilled in the art will understand that the above Figure 3 Table 2 is for illustrative purposes only. The organizational structure and hierarchical table above are not strictly based on the above. Figure 3 Limited to Table 2. Any organizational structure and any method that can express the relationships between the various organizations within the organizational structure are within the scope of this disclosure.

[0083] Specifically, after determining that the accessed data table is of the isolation type and the organization type is management organization, the organization identifiers of the legal entities under the management organization are obtained by recursively querying the organization hierarchy table. The legal entities under the management organization include the directly subordinate legal entities of the management organization and the directly subordinate legal entities of its subordinate management organizations.

[0084] For example, in Figure 3 In the organizational structure shown in Table 2, if the requesting party's organization is a first-level management headquarters B, then the organizational identifiers of the legal entities under that management organization include: the organizational identifier FR00B of legal entity B, the organizational identifier FR00C of legal entity C, the organizational identifier FR00D of legal entity D, and the organizational identifier FR00E of legal entity E.

[0085] The data management method provided in this application pre-configures an organizational hierarchy table based on the organizational structure of a multi-legal entity system; and obtains the organizational identifiers of legal entities under the management organization by recursively querying the organizational hierarchy table. The pre-configured organizational hierarchy table is used to determine the organizational identifiers of legal entities under the management organization, so as to access data in the data table based on the organizational identifiers of the legal entities under the management organization.

[0086] In one alternative approach, the method for determining the legal entities and corresponding organizational identifiers under a management organization by recursively querying an organizational hierarchy table includes the following steps:

[0087] Step S3021: Query the subordinate organizations of the management organization in the organizational hierarchy table.

[0088] Step S3022: If the organization type of the subordinate organization is a legal entity, then obtain the organization identifier of the subordinate organization and determine the organization identifier of the subordinate organization as the organization identifier of the legal entity under the management organization.

[0089] Step S3023: If the subordinate organization's organization type is a management organization, then update the subordinate organization to the current organization and execute the step of querying the subordinate organizations of the current organization in the organization hierarchy table.

[0090] In this embodiment of the application, if multiple subordinate organizations of the management organization are found in the organizational hierarchy table, then step S3022 or step S3023 is executed for each of the multiple subordinate organizations.

[0091] For example, with Figure 3 Taking the organizational structure as an example, if the requesting party's organization is a group headquarters, then the subordinate organizations of this management organization include first-level management headquarters A, first-level management headquarters B, and directly affiliated legal entities. For directly affiliated legal entities, step S3022 is executed to obtain the organization identifier of the directly affiliated legal entity, and this identifier is determined as the organization identifier of the legal entity under the group headquarters. For first-level management headquarters A and first-level management headquarters B, step S3023 is executed to update the subordinate organization to the current organization and to query the subordinate organizations of the current organization in the organizational hierarchy table. For example, for first-level management headquarters B, first-level management headquarters B is updated to the current organization, step S3021 is executed to query the subordinate organizations of first-level management headquarters B in the organizational hierarchy table, and step S3022 or step S3023 is executed for each subordinate organization of first-level management headquarters B.

[0092] The data management method provided in this application involves querying the subordinate organizations of a management organization in an organizational hierarchy table. If the subordinate organization's organization type is a legal entity, its organization identifier is obtained and used as the organization identifier of the legal entity under the management organization. If the subordinate organization's organization type is a management organization, it is updated to the current organization, and the step of querying the subordinate organizations of the current organization in the organizational hierarchy table is executed. By recursively querying the organizational hierarchy, the legal entities under the management organization can be determined more accurately, avoiding the omission of obtained organization identifiers of legal entities under the management organization.

[0093] Example 4

[0094] The data management method provided in the above embodiments will be illustrated below with a specific example. Figure 4 This is a flowchart of a data management method provided in Embodiment 4 of this application, as follows: Figure 4 As shown, it includes the following steps:

[0095] Step S401: Obtain the access request.

[0096] Step S402: Determine whether the organization type of the requesting party is a management organization. If the organization type is a management organization, proceed to step S403 and then proceed to the subsequent steps; if the organization type is not a management organization but a legal entity, proceed to step S406.

[0097] Specifically, the type of organization to which the requester belongs can be determined by the organization identifier in the access request.

[0098] Step S403: Access the data table and determine whether the data table type is shared. If the data table type is shared, then determine that the accessed data table type is shared and the organization type is management organization, and proceed to step S304; if the data table type is not shared, then determine that the accessed data table type is isolated and the organization type is management organization, and proceed to step S405 and subsequent steps.

[0099] In this embodiment of the application, the access request may include identification information of the accessed data table, and the accessed data table can be determined based on the identification information of the accessed data table.

[0100] Step S404: Update the organization identifier in the access request to the organization identifier corresponding to the shared type data table, and then execute step S408.

[0101] Step S405: Obtain the organization identifier of the legal entity under the management organization, and then proceed to step S408.

[0102] Step S406: Access the data table and determine whether the type of the accessed data table is a shared type. If the type of the data table is a shared type, then determine that the type of the accessed data table is a shared type and the organization type is a legal entity, and proceed to step S307; if the type of the data table is not a shared type, then determine that the type of the accessed data table is an isolated type and the organization type is a legal entity, and proceed to step S408.

[0103] Step S407: Update the organization identifier in the access request to the organization identifier corresponding to the shared type data table, and then execute step S408.

[0104] Step S408: Access the data in the data table based on the organization identifier.

[0105] In this embodiment of the application, after executing step S404, or step S406, or step S407, the data in the data table is accessed according to the organization identifier in the access request; after executing step S405, the data in the data table is accessed according to the organization identifier of the legal entity under the management organization.

[0106] The data management method provided in this application involves obtaining an access request; the access request includes the organization identifier of the user's organization; determining the type of the accessed data table based on the access request; if the accessed data table is of a shared type, updating the organization identifier in the access request to the organization identifier corresponding to the shared type data table; and accessing the data in the data table according to the organization identifier in the access request. Determining the type of the accessed data table through the access request can determine whether the accessed data is general data; if it is not general data, only the corresponding data can be accessed based on the organization identifier of the requesting organization, achieving data isolation; if it is general data, the organization identifier in the access request can be updated, and the general data corresponding to the updated shared type data table can be accessed, achieving data sharing. Therefore, the method provided in this application can achieve data isolation between different legal entities while sharing general data, improving the management efficiency of general data and ensuring the security of the business data of each legal entity.

[0107] Example 5

[0108] Figure 5 This is a schematic diagram of the data management device provided in Embodiment 5 of this application. The data management device provided in this embodiment can execute the processing flow provided in the data management method embodiment. Figure 5 As shown, the data management device 50 includes: an acquisition module 501, a type determination module 502, an update module 503, and an access module 504.

[0109] Specifically, the acquisition module 501 is used to acquire the access request; the access request includes the organization identifier of the user's organization.

[0110] The type determination module 502 is used to determine the type of the accessed data table based on the access request.

[0111] The update module 503 is used to update the organization identifier in the access request to the organization identifier corresponding to the shared type data table if the accessed data table is of the shared type.

[0112] Access module 504 is used to access data in a data table based on the organization identifier in the access request.

[0113] The apparatus provided in this application embodiment can be specifically used to execute the method embodiment provided in Embodiment 1 above, and the specific functions will not be repeated here.

[0114] Optionally, the type determination module 502 is further configured to: determine the organization type of the requester's organization based on the access request; the organization type is a management organization or a legal entity; the acquisition module 501 is further configured to: if the access data table is of the isolation type and the organization type is a management organization, then acquire the organization identifier of the legal entity under the management organization; the access module 504 is further configured to: access the data in the data table based on the organization identifier of the legal entity under the management organization.

[0115] Optionally, the data management device 50 includes: a configuration module; the configuration module is used to: pre-configure an organizational hierarchy table according to the organizational structure of the multi-legal entity system; the acquisition module 501 is specifically used to: obtain the organizational identifier of the legal entity under the management organization by recursively querying the organizational hierarchy table.

[0116] Optionally, the acquisition module 501 is specifically used to: query the subordinate institutions of the management institution in the institutional hierarchy table; if the institution type of the subordinate institution is a legal entity, then obtain the institution identifier of the subordinate institution and determine the institution identifier of the subordinate institution as the institution identifier of the legal entity under the management institution; if the institution type of the subordinate institution is a management institution, then update the subordinate institution to the current institution and execute the step of querying the subordinate institutions of the current institution in the institutional hierarchy table.

[0117] Optionally, the access request includes the identification information of the access data table. The type determination module 502 is further used to: search for the identification information of the access data table in a pre-configured type parameter table to determine the type of the access data table corresponding to the identification information of the access data table; the identification information and type association of the access data table are stored in the type parameter table.

[0118] Optionally, the data table includes an organization identifier field, and the values ​​of the organization identifier field are the same in shared type data tables; the data table is stored in a relational database; the access module 504 is specifically used to: use the organization identifier in the access request as a parameter in the structured query language corresponding to the access request, so as to access the data in the data table.

[0119] Optionally, the access module 504 is further configured to: if the access request is to change data in the data table, then change the data in the data table according to the organization identifier in the access request.

[0120] The apparatus provided in this application embodiment can be specifically used to execute the above method embodiments, and its specific functions will not be described in detail here.

[0121] Example 6

[0122] Figure 6 This is a schematic diagram of the structure of the electronic device provided in Embodiment Six of this application, as shown below. Figure 6 As shown, this application also provides an electronic device 60, including: a memory 601, a processor 602, and a transceiver 603.

[0123] The memory 601 stores computer-executed instructions, and the transceiver 603 sends and receives data. Specifically, the program may include program code, which includes computer-executed instructions. The memory 601 may include high-speed RAM, and may also include non-volatile memory, such as at least one disk drive.

[0124] Processor 602 is used to execute programs stored in memory 601.

[0125] The computer execution instructions are stored in memory 601 and configured to be executed by processor 602 to implement the method provided in any embodiment of this application. Related descriptions can be understood by referring to the relevant descriptions and effects corresponding to the steps in the accompanying drawings, and will not be elaborated upon here.

[0126] In this embodiment, the memory 601 and the processor 602 are connected via a bus. The bus can be an Industry Standard Architecture (ISA) bus, a Peripheral Component Interconnect (PCI) bus, or an Extended Industry Standard Architecture (EISA) bus, etc. The bus can be divided into address bus, data bus, control bus, etc. For ease of representation, Figure 6 The bus is represented by a single thick line, but this does not mean that there is only one bus or one type of bus.

[0127] This application also provides a computer-readable storage medium storing computer-executable instructions thereon, which are executed by a processor to implement the method provided in any embodiment of this application.

[0128] This application also provides a computer program product, including computer execution instructions, which, when executed by a processor, implement the method provided in any embodiment of this application.

[0129] In the several embodiments provided in this application, it should be understood that the disclosed apparatus and methods can be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative; for instance, the division of modules is only a logical functional division, and in actual implementation, there may be other division methods. For example, multiple modules or components may be combined or integrated into another system, or some features may be ignored or not executed. Furthermore, the coupling or direct coupling or communication connection shown or discussed may be through some interfaces; the indirect coupling or communication connection between apparatuses or modules may be electrical, mechanical, or other forms.

[0130] The modules described as separate components may or may not be physically separate. Similarly, the components shown as modules may or may not be physical modules; they may be located in one place or distributed across multiple network modules. Some or all of the modules can be selected to achieve the purpose of this embodiment, depending on actual needs.

[0131] Furthermore, the functional modules in the various embodiments of this application can be integrated into one processing module, or each module can exist physically separately, or two or more modules can be integrated into one module. The integrated module can be implemented in hardware or in a combination of hardware and software functional modules.

[0132] The program code used to implement the methods of this application may be written in any combination of one or more programming languages. This program code may be provided to the processor or controller of a general-purpose computer, special-purpose computer, or other programmable full-path fusion device, such that when executed by the processor or controller, the functions / operations specified in the flowcharts and / or block diagrams are implemented. The program code may be executed entirely on a machine, partially on a machine, as a standalone software package partially on a machine and partially on a remote machine, or entirely on a remote machine or server.

[0133] In the context of this application, a machine-readable medium can be a tangible medium that may contain or store a program for use by or in conjunction with an instruction execution system, apparatus, or device. A machine-readable medium can be a machine-readable signal medium or a machine-readable storage medium. Machine-readable media can be, but is not limited to, electronic, magnetic, optical, electromagnetic, infrared, or semiconductor systems, apparatus, or devices, or any suitable combination of the foregoing. More specific examples of machine-readable storage media include electrical connections based on one or more wires, portable computer disks, hard disks, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fibers, portable compact disk read-only memory (CD-ROM), optical storage devices, magnetic storage devices, or any suitable combination of the foregoing.

[0134] Furthermore, although the operations are described in a specific order, this should be understood as requiring that such operations be performed in the specific order shown or in sequential order, or requiring that all illustrated operations be performed to achieve the desired result. In certain environments, multitasking and parallel processing may be advantageous. Similarly, although several specific implementation details are included in the above discussion, these should not be construed as limiting the scope of this application. Certain features described in the context of individual embodiments may also be implemented in combination in a single implementation. Conversely, various features described in the context of a single implementation may also be implemented individually or in any suitable sub-combination in multiple implementations.

[0135] Other embodiments of this application will readily occur to those skilled in the art upon consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of this application that follow the general principles of this application and include common knowledge or customary techniques in the art not disclosed herein. The specification and examples are to be considered exemplary only, and the true scope and spirit of this application are indicated by the following claims.

[0136] It should be understood that this application is not limited to the precise structure described above and shown in the accompanying drawings, and various modifications and changes can be made without departing from its scope. The scope of this application is limited only by the appended claims.

Claims

1. A data management method, characterized in that, include: Obtain an access request; the access request includes the organization identifier of the user's organization; The organization type of the requesting party is determined based on the access request; wherein, the organization type is a management organization or a legal entity; The type of accessed data table is determined based on the access request; wherein the data table type is either shared or isolated; the data table includes an organization identifier field, and the organization identifier field values ​​are the same in the shared type data table; When the type of organization is a legal entity: If the accessed data table is of the shared type, the organization identifier in the access request will be updated to the organization identifier corresponding to the shared type data table, and the data in the data table will be accessed according to the updated organization identifier in the access request; if the accessed data table is of the isolated type, the data in the data table will be accessed according to the organization identifier in the access request. When the organization type is a management organization: If the accessed data table is of the isolated type, then obtain the organization identifier of the legal entity under the management organization; access the data in the data table based on the organization identifier of the legal entity under the management organization.

2. The method according to claim 1, characterized in that, Also includes: Pre-configure the organizational hierarchy table based on the multi-legal entity system's organizational structure; The process of obtaining the organizational identifier of the legal entity under the management organization includes: The organizational identifiers of legal entities under the management organization are obtained by recursively querying the organizational hierarchy table.

3. The method according to claim 2, characterized in that, The step of determining the legal entities and corresponding organizational identifiers under the management organization by recursively querying the organizational hierarchy table includes: Query the subordinate organizations of this management organization in the organizational hierarchy table; If the subordinate organization is a legal entity, then obtain the organization identifier of the subordinate organization and determine the organization identifier of the subordinate organization as the organization identifier of the legal entity under the management organization; If the subordinate organization is a management organization, then update the subordinate organization to the current organization and execute the steps to query the subordinate organizations of the current organization in the organization hierarchy table.

4. The method according to any one of claims 1-3, characterized in that, The access request includes identification information of the accessed data table, and determining the type of the accessed data table based on the access request includes: The identification information of the access data table is searched in the pre-configured type parameter table to determine the type of the access data table corresponding to the identification information of the access data table; the identification information and type association of the access data table are stored in the type parameter table.

5. The method according to any one of claims 1-3, characterized in that, The data table is stored in a relational database; Accessing data in the data table based on the organization identifier in the access request includes: The organization identifier in the access request is used as a parameter in the corresponding Structured Query Language (SCL) to access data in the data table.

6. The method according to any one of claims 1-3, characterized in that, The method of accessing data in the data table according to the organization identifier in the access request also includes: If the access request is to modify data in a data table, then the data in the data table is modified according to the organization identifier in the access request.

7. A data management device, characterized in that, include: The acquisition module is used to acquire access requests; the access request includes the organization identifier of the user's organization; The type determination module is used to determine the organization type of the requesting party's organization based on the access request; wherein, the organization type is a management organization or a legal entity; The type determination module is further configured to determine the type of the access data table based on the access request; wherein the type of the data table is either a shared type or an isolated type; the data table includes an organization identifier field, and the organization identifier field values ​​are the same in the shared type data table; When the type of organization is a legal entity: The update module is used to update the organization identifier in the access request to the organization identifier corresponding to the shared type data table if the type of the accessed data table is shared; the access module is used to access the data in the data table according to the organization identifier in the updated access request; the access module is also used to: access the data in the data table according to the organization identifier in the access request if the type of the accessed data table is isolated. When the organization type is a management organization: The acquisition module is further configured to: if the access data table is of the isolated type, then acquire the organization identifier of the legal entity under the management organization; the access module is further configured to: access the data in the data table based on the organization identifier of the legal entity under the management organization.

8. An electronic device, characterized in that, include: A processor, and a memory and a transceiver communicatively connected to the processor; The memory stores computer-executed instructions; the transceiver is used for sending and receiving data. The processor executes computer execution instructions stored in the memory to implement the method as described in any one of claims 1-6.

9. A computer-readable storage medium, characterized in that, The computer-readable storage medium stores computer-executable instructions, which, when executed by a processor, are used to implement the method as described in any one of claims 1-6.

10. A computer program product comprising computer-executable instructions, characterized in that, When the computer execution instructions are executed by the processor, they implement the method as described in any one of claims 1-6.