A multi-tenant environment refers to a technology wherein a single storage system is deployed to serve multiple customers, each customer using the same storage system for their protection storage requirements. A storage system that supports multiple tenants must satisfy the security and isolation requirements. Here, the “security and isolation requirements” refer to the requirements that each customer's dataset must be secured and isolated from the other customers on the storage component. The security and isolation requirements apply to the authentication and authorization of customers that request data access. For example, a customer (e.g., a tenant) must not be able to enter another customer's datasets, or read or write to datasets that belong to another customer. The security and isolation requirements can also refer to managing access control. For example, an administrator of one customer must not be able to perform system configuration, monitoring, etc., of the datasets that belong to another customer. Thus, although the customers may share the same storage system for authenticating, authorizing, backing up, restoring, or replicating their datasets, none of the customers can be aware of the presence of other customers in the storage system.
Beyond the security and isolation requirements, there are other problems in deploying multiple tenants within a single storage system. For example, a conventional multi-tenant system does not include an authentication and authorization component in which a principal (e.g., a user with administrative roles/privileges) could log in to one customer, obtain multiple roles associated with that one customer, and be authorized to use the multiple roles within that one customer, while the principal is also associated with additional roles for other customers which are not authorized within that one customer. Deploying multiple tenants on a conventional multi-tenant system, especially with regard to a service provider dealing with a customer's revocation or reorganization request, also presents a problem of administrative scaling and authorization. For example, if tens or hundreds of customers are deployed in the same conventional multi-tenant system, and if none of these customers' own administrators could perform self-administration of a revocation or reorganization request, then for each and every revocation and reorganization request, the customers would be dependent on the system administrator. Thus, the system administrator would face a problem as the number of customers increases, and each customer would face a problem when it needs to revoke data access to another customer.
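The following sketch is an added illustration, not part of the original text or of any product's code. It shows the tenant-scoped login, the tenant-local roles, the isolation requirement and the self-administered revocation described above. The `Store` and `Session` types, the role names and the tenant names are hypothetical, and the sample data is constructed.

```python
from dataclasses import dataclass, field

class NotFound(Exception):
    """Raised alike for a missing dataset and for another tenant's dataset."""

@dataclass(frozen=True)
class Session:
    principal: str
    tenant: str  # the one tenant this login is scoped to

@dataclass
class Store:
    bindings: dict = field(default_factory=dict)  # (principal, tenant) -> set of roles
    datasets: dict = field(default_factory=dict)  # dataset name -> owning tenant

    def login(self, principal, tenant):
        if not self.bindings.get((principal, tenant)):
            raise PermissionError("login failed")
        return Session(principal, tenant)

    def roles(self, session):
        # Only roles bound in the session's tenant; looked up live so that
        # a revocation takes effect on the next request.
        return frozenset(self.bindings.get((session.principal, session.tenant), ()))

    def read(self, session, dataset):
        if self.datasets.get(dataset) != session.tenant:
            raise NotFound(dataset)  # does not reveal that another tenant exists
        if not self.roles(session) & {"tenant-admin", "backup-operator"}:
            raise PermissionError("no role permits read")
        return f"contents of {dataset}"

    def revoke(self, session, target, role):
        # Self-administration: a tenant admin revokes inside its own tenant only.
        if "tenant-admin" not in self.roles(session):
            raise PermissionError("tenant-admin required")
        self.bindings.get((target, session.tenant), set()).discard(role)

def demo_store():
    # Constructed sample data (hypothetical principals, tenants and datasets).
    return Store(
        bindings={
            ("alice", "acme"): {"tenant-admin", "backup-operator"},
            ("alice", "globex"): {"tenant-admin"},
            ("bob", "acme"): {"backup-operator"},
            ("carol", "globex"): {"backup-operator"},
        },
        datasets={"acme-db": "acme", "globex-db": "globex"},
    )
```

Because `revoke` keys every change on the session's own tenant, alice's role in the second tenant gives her no reach into it while she is logged in to the first.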
In addition, as the storage system industry experiences a paradigm shift towards Software Defined Storage (SDS), Software Defined Data Center (SDDC), Software Defined Infrastructure (SDI), etc., the security authentication and authorization considerations for operations on storage systems have changed. Storage systems are now cloud-enabled and ready to be deployed in use cases that enable them to be used in “as a service” models. The problems and challenges of security authentication and authorization for operations performed on storage system resources exposed in this new and evolving paradigm are different. Conventional mechanisms are no longer sufficient to satisfy the security authentication and authorization concerns of such environments, especially in a multi-tenant environment.