The following relates to multitenant access to databases, processes, and memory. More specifically, implementations relate to providing isolation between tenants of multi-tenant applications.
Consolidation or Cloud-based deployment of applications may be done in many different ways, typically based on virtualization on some layer of a stack. Virtualization technologies typically operate on the hardware layer (traditional virtual machines), operating system layer (container databases), or application layer (in-application virtualization or multi-tenant applications).
While hardware virtualization generally provides the best isolation with respect to security and performance, it also generally provides the lowest density and least efficiency. In contrast, in-application virtualization generally provides better manageability (“manage many-as-one”), density, efficiency, and elasticity, but does not provide the same level of isolations as Virtual Machines (VM). Unfortunately, end users have to choose between either one of them, which means selecting between efficiency and security isolation.
Currently, Pluggable Database (PDB) consolidation models have been introduced to help solve the efficiency issues of conventional consolidation models. Efficiency gains result from the aggregation of work across multiple PDBs in shared background processes of the CDB (e.g., log writer and database writer) and sharing of SGA memory. Additionally, PDBs do not require any partitioning of physical resources as needed for instance-based consolidation (memory—dedicated SGA) or VMs (memory, grid disks, and eventually CPU), but share these resources on demand. Their footprint is much lower than that of instances or VMs, resulting in much higher density of PDBs, allowing PDBs to react more dynamically to load changes.
Performance studies show that a PDB consolidation model is far more efficient than instance-based consolidation of Non-Container Databases (non-CDBs), or even the deployment of databases inside virtual machines (VMs). Unfortunately, while conventional PDBs consolidation models have higher efficiency, they generally lack the level of isolation (i.e. security and performance isolation) typically provided by VMs. For example, database foreground processes run as the same UNIX user ID without access control to memory, files, storage and network devices or other processes enforced by the Operating System (OS). Such lack of isolation allows database tenants who gain access to the OS, or are able to inject malicious code in a database session, to access data, trace files, network packets and processes of other tenants.
Moreover, current PDBs do not provide mechanisms to allow secure access to the operating system (OS) of the database server hosting the PDB, which restricts access. This limits database tenants from performing common tasks such as directly accessing trace files, staging data through external tables, running their own scripts or monitoring tools, etc.
Therefore, a new and improved system and method for consolidating PDBs is desired to overcome the above.