The invention relates generally to multi-tenant computing systems.
In the computing field, a software-as-a-service (SaaS) model is based on the promise of sharing the cost of computing and administrative resources between many customers (tenants) of a given service. A SaaS environment may offer a service such as storage (Storage-as-a-Service), identity management (ID-as-a-Service), and so on to the customers of the service.
The cost of operation of a SaaS environment is a major concern for service providers. A key factor for reducing this cost is the provider's ability to share resources. However, each customer tenant requires a certain level of isolation from other tenants, for data protection or security in proportion to the level of protection obtainable when an application is hosted on-premises and under control of a customer's IT organization. For example, it may be permissible for a company's public information to be visible to other tenants, whereas the company's employee information must be kept isolated from other tenants.
Thus a key capability of any shared infrastructure is multitenancy. Multitenancy allows various tenants to optimize resource sharing in a SaaS environment while providing sufficient level of isolation among the tenants for data security needs.