For efficient utilization of server resources in a data center, as many applications as possible are loaded and executed on each server. The applications are associated with many different tenants or customers. Each application may be run in a separate operating system process. However, because the operating system resources are shared across these applications, this configuration may be a security and reliability risk. One application may accidentally or maliciously interfere with the operating system or with other applications running on the same server.
A malicious application can make security attacks, for example, by installing malware on the server, reading private data belonging to other applications, spoofing other applications such as by improperly using the credentials and certificates of the other applications, tampering with the operation of other applications by squatting on network ports assigned to the other applications and/or emitting false diagnostic messages for the other applications, and so on.
An application can make reliability attacks, for example, by over-consuming resources, such as CPU, memory, disk and other operating system resources, flooding the network with too much traffic, sending messages to other applications by various inter-process communication mechanisms, and so on. Such reliability attacks may starve properly operating applications of necessary resources and thereby cause those applications to slow down or fail.