Multi-Tenancy in HP Matrix Operating Environment Infrastructure Orchestration

Information Security
A key requirement for multi-tenancy is to ensure that information from one organization does not leak to another, so
it is important that the IO artifacts are kept private. The following tables show the filtering of information.
| Information | Service Provider Admin using Console | Service Provider User Using Self-Service Portal | Organization Admin Using Organization Administrator Portal | Organization User Using Self Service Portal |
| --- | --- | --- | --- | --- |
| Users [10] | Visibility of which Windows users and groups are associated with each organization. | No visibility of other users. | Visibility of which users and groups have been assigned to the organization, but no visibility of other organizations | No visibility of any other users. |
| Request Messages | Unrestricted | Only messages from user's requests | Request messages from all organization users | Only request messages originating from user. If user is member of more than one organization then all his request messages are visible whatever the organization. |
| Services [11] | Unrestricted | Only services created by user. | Services created by all organization users. | Only services created by user. |
In the interests of security, the filtering of information is done in the IO Controller, i.e. on the server side, so that the
User Interfaces associated with an organization only see messages related to that organization.
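The server-side filtering described above, sketched as an added example (it is not HP's code or an IO API): the Request Messages row of the table and the naming rule in footnote 11, applied to constructed records. `Role`, `Caller`, `Item`, `visible_messages` and `service_name_allowed` are hypothetical names, and the caller is assumed to be derived from the authenticated session rather than from anything the portal sends.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional

class Role(Enum):
    SP_ADMIN = 1    # Service Provider Admin using Console
    SP_USER = 2     # Service Provider User using Self-Service Portal
    ORG_ADMIN = 3   # Organization Admin using Organization Administrator Portal
    ORG_USER = 4    # Organization User using Self Service Portal

@dataclass(frozen=True)
class Caller:
    # Assumption: built by the server from the authenticated session,
    # never from parameters the portal sends with the request.
    name: str
    role: Role
    org: Optional[str] = None   # organization of the portal in use; None for the service provider

@dataclass(frozen=True)
class Item:
    # A request message or a service (constructed model, not IO's schema).
    owner: str
    org: Optional[str]          # None = created at service provider level
    name: str

def visible_messages(caller, messages):
    """Request Messages row of the visibility table."""
    if caller.role is Role.SP_ADMIN:
        return list(messages)                                 # unrestricted
    if caller.role is Role.ORG_ADMIN:
        # all users of the admin's own organization, nothing from other organizations
        return [m for m in messages if caller.org is not None and m.org == caller.org]
    # SP users and organization users: own requests only. For a user in several
    # organizations this returns their messages from every organization.
    return [m for m in messages if m.owner == caller.name]

def service_name_allowed(org, name, services):
    """Footnote 11: unique within an organization, reusable across organizations,
    and the service provider may not take a name an organization is using."""
    if org is None:
        return not any(s.name == name and s.org is not None for s in services)
    return not any(s.name == name and s.org == org for s in services)

# Constructed sample data
MESSAGES = [
    Item("alice", "orgA", "req-1"), Item("alice", "orgB", "req-2"),
    Item("bob", "orgA", "req-3"), Item("carol", None, "req-4"),
]
```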
In order to prevent information leakage from one user to another via storage, IO scrubs both the boot and data disks
on service deletion. This does require access to the deployment network to run the jobs to scrub the disks, so care
should be taken if considering removal of the deployment network from a VM. More details on adding and removing
networks are available in the Matrix Operating Environment 7.3 Release Notes and Matrix infrastructure
orchestration User Guide (at http://www.hp.com/go/matrixoe/docs).
In order to manage a datacenter, IO utilizes a stack of technologies including Virtual Connect, LSM, HP SIM,
VMware vCenter, Insight Control server provisioning, Server Automation (SA), Insight Control server deployment, etc.
Only the Service Provider Administrator has access to these capabilities; they are inaccessible from the organization
level. Similarly, only the Service Provider Administrator can log in to the IO Central Management Server in order to
access detailed IO logs and other information.
[10] Since Users may belong to more than one Windows group, there can be out-of-band information sharing.
[11] Service names must be unique within an Organization, but different Organizations may use the same name. However, a Service
Provider Administrator or User cannot create a service with a name that is being used by an Organization.