This repository has been archived on 2026-07-08. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
infospace-bench/infospaces/patterns-of-it-securita-architecture/artifacts/entities/pattern-key-per-tenant.md

44 lines
1.2 KiB
Markdown

# Pattern: Key-per-Tenant
Status: seed
Readiness target: RL4 regulated production
Primary owners: NetKingdom, Railiance platform, product repos
Genesis family: Secrets and cryptography
## Problem
Shared encryption keys make tenant data separation and incident
containment weaker than the tenant model may require.
## Context
Use this pattern for sensitive tenant data, regulated tenants, object
storage, databases, backups, and export/deletion workflows.
## Forces
- Per-tenant keys strengthen isolation and revocation.
- Key lifecycle is operationally complex.
- Applications need safe key selection without tenant spoofing.
- Backups and derived data need the same key boundary.
## Solution
Assign tenant-specific encryption keys or key hierarchy roots where risk
requires it. Bind key use to trusted tenant context, policy, audit, and
rotation procedures.
## Verification
- Tenant data is encrypted with the correct tenant key or key hierarchy.
- Cross-tenant key use is denied.
- Rotation and revocation are tested.
- Backups and exports preserve tenant key boundaries.
## Related Patterns
- Tenant Data Partitioning.
- Tenant Context Propagation.
- OpenBao runtime secret authority.
- Central Audit Ledger.