Multi-tenancy refers to a technology wherein a single protection storage appliance is deployed to serve multiple customers, each customer using the same storage appliance for their protection storage requirements. A storage system which supports multi-tenancy must satisfy the security and isolation requirements. Here, the “security and isolation requirements” refer to the requirements that each customer's dataset must be secured and isolated from the other customers on the storage appliance. The security and isolation requirements apply to data access. For example, a customer must not be able to read or write to datasets that belong to another customer. The security and isolation requirements can also refer to control access. For example, an administrator of one customer must not be able to perform system configuration, monitoring, etc., of the datasets that belong to another customer. Thus, although the customers may share the same storage appliance for backup, restore, or replicating their datasets, none of the customers can be aware of the presence of other customers in the storage appliance.
As protection storage appliances being deployed by protection storage service providers in multi-tenancy deployment, the same storage appliance may be used to store data of multiple tenants (e.g., customers). In such deployments, it is important to ensure that data management operations are secure from a multi-tenancy perspective, and do not result in one tenant's dataset being inadvertently written to another tenant's data objects.