1. Field of the Invention
The present invention is in the field of database systems. In particular, the present invention provides a method of partitioning data within a database.
2. Description of the Related Art
“Software as a service” refers to a method of allowing users to access software applications as-and-when they are required through distributed networks such as the Internet. This alleviates the need for software to be installed and licensed on particular computer systems within an organization and typically allows access to advanced features through a “web interface” or HTML (HyperText Markup Language) page that can be accessed using an Internet browser such as Internet Explorer™ from Microsoft Corporation or Firefox™ from the Mozilla Foundation.
The hardware needed to implement a “software as a service” system typically comprises a central computer system operating as an application server. The application server implements the “web interface” and handles incoming user requests and communications. The application server allows a user to access and process appropriate data. This data is typically stored within a database operably connected to the application server.
In certain situations, the application server is required to supply a particular application to multiple departments of a particular organization. For example, a software provider may need to provide an employee management application to multiple departments of a large multi-national company. Alternatively, a software provider may need to provide an application to different legal entities that are collectively part of a larger parent company. In these situations data related to the organization is typically stored within a single database to which all departments have access.
In other situations, the application server is required to supply a particular application, or collection of customized applications, to multiple organizations. For example, a software provider may need to provide a payroll application to a number of entities, including government departments, small businesses and large corporations. This ability to service multiple customers using a single application instance, typically with the same database, is referred to as “multi-tenancy”. By providing multi-tenancy a software provider is able to invest in central infrastructure and reduce the cost of supplying software applications to customers. Multi-tenancy also allows maintenance and upgrades to be performed centrally for all customers using the application.
However, implementing such software applications also generates numerous problems that need to be addressed. Applications that support multiple departments or multi-tenancy have to provide the ability of partitioning their data for security purposes. This ensures, for example, that a human resources administrator of one company cannot access data concerning employees of another company whilst being provided with the same payroll application; even though both companies' data will be accessed by a single application server providing the same payroll application.
In the prior art, some application providers have attempted to provide this security by partitioning the data within the database by company or organization. In this solution, a user can only access data assigned to his/her organization's partition. However, this solution requires application data that is common to a plurality of organizations, for example, data concerning national legal requirements, to be replicated for each partition. Similar problems also occur for related partitioning schemes that partition data along national boundaries. Such solutions often lead to consistency and redundancy problems, as well as requiring more storage space.
Additionally, large organizations today are typically a complex set of structures (e.g. a corporation may be a conglomerate of smaller companies), that often span multiple countries and conduct many different types of activities subject to different laws. Such organizations may not fit into the simple mould used by prior art partitioning methods and may require complex separation of certain data. For example, an organization may employ staff that move around European offices under free movement of labor agreements; in such a case a manager may need to access data concerning a team of employees that branch geographic and legal boundaries.
Hence there is a requirement in the art to provide a well defined architecture for partitioning data to support requirements of the modern world, i.e. multi-tenancy, multi-national organizations and multiple levels of partitioning. Existing solutions provide limited solutions that are unsuitable for complex organizations.