This paper presents a novel approach to security for applications that are run on a central server and supplied to multiple consuming organizations (tenants) as a service. The issues associated with the separation of data and security profiles of each tenant from all others are described clearly. These are complicated by the fact that the security requirements apply to a finished product, not one under development. The software system under discussion appears to address all of the issues very well.
展开▼