Secure Multi-Tenancy
SAIC's Secure Multi-Tenancy (SMT) solution allows many users to reside on the same physical infrastructure, but with secure logical separation.
Overview
SAIC's Secure Multi-Tenancy (SMT) solution allows many users to reside on the same physical infrastructure, but with secure logical separation.
Applications
SMT data protection is enforced on a shared storage infrastructure by implementing a logical encryption mechanism around the data. The volumes provisioned from the storage array can also be dedicated to an individual tenant or community of interest where appropriate.
Features
Data Storage Architecture - Each component of the storage tier facilitates the protection of each tenant's data. SMT offers:
- Logical encrypted storage multi-tenancy removing storage silos
- Enterprise grade encryption at rest
- FIPS 140-2 Level 3
- Secure and rapid de-provisioning
- Trusted third-party data storage management
- Automated key management (optional tenant controlled key management)
- Secure replication
- Protecting data from administrators
- Highly available data fabrics
Network Architecture - Hypervisors have two main classes of network traffic, and each type is properly isolated based on its sensitivity. These include:
- Defense in depth (firewalls, information processing standards, etc.)
- Trusted third-party management
- Centralized logging
Compute Architecture - To protect the environment from a future VM breakout to the hypervisor, SAIC has implemented workload homogenous clusters. The architecture limits the damage inflicted by:
- Cluster workload homogeneity
- Trusted third-party management
- Multiple tenants on the same cluster
- Centralized logging
- Compliance with vSphere Hardening Guide
- Dedicated management
- Optional customer-controlled provisioning
- Scalability and data throughput
- Limitation and segregation of accesses through role-based access control
Benefits
In today's shrinking budget environment, agencies and organizations are continually being asked to do more with fewer resources. To accomplish this, they are looking to cloud computing to maximize their IT agility and generate IT cost reductions.
As a major systems integrator with a reputation for IT leadership and a commitment to excellence and security in service delivery, SAIC delivers a secure, trusted multi-tenant solution. Our solution offers additional layers of isolation to meet elevated security requirements to enable the use of a multi-tenant architecture.
Shared Storage/Network Encryption with Centrally Controlled Key Management
Shared Storage/Compute/Network Encryption with Community Controlled Key Management
Shared Storage with Centrally Controlled Key Management
Shared Storage with Tenant Controlled Key Management
Shared Storage/Compute/Network Encryption with Tenant Controlled Key Management