This repository has been archived on 2026-07-08. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
infospace-bench/infospaces/patterns-of-it-securita-architecture/artifacts/entities/pattern-tenant-audit-log-view.md

1.2 KiB

Pattern: Tenant Audit Log View

Status: seed Readiness target: RL4 regulated production Primary owners: product repos, NetKingdom, Railiance platform Genesis family: Detection and response

Problem

Enterprise tenants need visibility into relevant security events without being exposed to platform-only internals or other tenants' data.

Context

Use this pattern for tenant admin portals, compliance exports, data access events, privileged tenant actions, and platform actions that affect a tenant.

Forces

  • Tenants need trust and accountability.
  • Platform logs may contain sensitive internal details.
  • Event redaction must preserve evidence value.
  • Tenant exports require retention and integrity rules.

Solution

Project central audit events into tenant-scoped views with explicit visibility rules, redaction, retention, export controls, and access authorization.

Verification

  • Tenants can see their own relevant events only.
  • Platform-only fields are redacted or omitted.
  • Tenant audit access is itself audited.
  • Exports preserve integrity and retention rules.
  • Central Audit Ledger.
  • Security Event Taxonomy.
  • Tenant Context Propagation.
  • Object-Level Authorization Check.