Pas3 Tenancy Design Patterns (Predix Transform 2016)
- 1. Tenancy Design Patterns Fermin Ordaz (@fermin_ordaz) – Application Security Dave Chen (@DaveXChen) – Machine
- 2. 2PREDIX TRANSFORM Agenda Understanding Multi-tenancy1 Multi-tenancy in CF2 4 Multi-tenancy Patterns 5 EdgeManager Demo 3 Multi-tenancy Pillars
- 3. 3PREDIX TRANSFORM Picture Here Understanding Multi-tenancy Motivation •Develop and maintain one application, serve multiple customers. •Sharing storage and computational resources. •Cost reduction (ideally). Implications •Increased complexity, configuration and customization. •Data isolation and access control. •Affects how we expose and consume services. •Authentication, Authorization, User Management, Provisioning, Billing, Metering, Rate limiting, etc.
- 4. 4PREDIX TRANSFORM Multi-tenancy in CF – Org/Space
- 5. 5PREDIX TRANSFORM Provisioning Spectrum Provisioning in CF •Handled via Service Broker (and Service Implementation) •Create and Bind. •Service Plan and Custom parameters. •Many choices.
- 6. 6PREDIX TRANSFORM Picture Here Multi-tenancy Pillars Data Partition •Who is your tenant ? •Partition Key. •Label your Data. •Targeting partition. Authentication •Type of credentials •Credentials storage. •Authentication all the time. Authorization •Owner controls. •Who != What’s allowed •Privileges, scopes, attributes. •Privileges and Data Labels. Provisioning/Scope •Service Broker/Static •Service discovery •Credentials lookup
- 7. 7PREDIX TRANSFORM Picture Here Multi-tenancy Patterns - I Authentication Mechanism •Binding Credentials Partitioning Scheme •Instance id VS Instance/app id Provisioning/Scope •Instance in tenant org/space. •Shared in org/space. •Not visible outside. Authorization Mechanism •Who drives access. •Control per instance, or per App. •No built in privileges.
- 9. 9PREDIX TRANSFORM Picture Here Multi-tenancy Patterns - II Authentication Mechanism •OAuth token from tenant UAA •Store credentials ? No •Clients can get credentials from TMS. Partitioning Scheme •Instance id VS Instance/client id (OAuth) •Fine grained access via Data labeling Scope •Instance in tenant org/space. •No binding. Visible from other org/spaces via (TMS) Authorization Mechanism •OAuth authorities or ACS attributes. •Service instance protection via ZAC.
- 12. 12PREDIX TRANSFORM Picture Here Building Blocks TMS – Tenancy Management Services •Service instance provisioning. •Service instance registry. •Lookup of Client Credentials. •Tenant Onboard and Subscription. ZAC – Zone Access Control •ZAC protects your services. •ZAC checks tokens. •ZAC checks token authorities. ACS – Access Control Services •ACS for API protection (Policies) •ACS for storing subject attributes. •ACS for storing resource attributes.
- 14. General Electric reserves the right to make changes in specifications and features, or discontinue the product or service described at any time, without notice or obligation. These materials do not constitute a representation, warranty or documentation regarding the product or service featured. Illustrations are provided for informational purposes, and your configuration may differ. This information does not constitute legal, financial, coding, or regulatory advice in connection with your use of the product or service. Please consult your professional advisors for any such advice. GE, Predix and the GE Monogram are trademarks of General Electric Company. ©2016 General Electric Company – All rights reserved.