This repository has been archived on 2026-07-08. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
infospace-bench/infospaces/patterns-of-it-securita-architecture/artifacts/entities/pattern-tenant-audit-log-view.md

45 lines
1.2 KiB
Markdown

# Pattern: Tenant Audit Log View
Status: seed
Readiness target: RL4 regulated production
Primary owners: product repos, NetKingdom, Railiance platform
Genesis family: Detection and response
## Problem
Enterprise tenants need visibility into relevant security events without
being exposed to platform-only internals or other tenants' data.
## Context
Use this pattern for tenant admin portals, compliance exports, data
access events, privileged tenant actions, and platform actions that
affect a tenant.
## Forces
- Tenants need trust and accountability.
- Platform logs may contain sensitive internal details.
- Event redaction must preserve evidence value.
- Tenant exports require retention and integrity rules.
## Solution
Project central audit events into tenant-scoped views with explicit
visibility rules, redaction, retention, export controls, and access
authorization.
## Verification
- Tenants can see their own relevant events only.
- Platform-only fields are redacted or omitted.
- Tenant audit access is itself audited.
- Exports preserve integrity and retention rules.
## Related Patterns
- Central Audit Ledger.
- Security Event Taxonomy.
- Tenant Context Propagation.
- Object-Level Authorization Check.