Sun Microsystems 10 User Manual
Version 3.1-en
Solaris 10 Container Guide - 3.1 3. Use Cases
Effective: 30/11/2009
3.10. Confidentiality of data and processes
Requirement
[ug] In the data center, applications are running on different computers because
[ug] In the data center, applications are running on different computers because
•
Certain departments want to be certain that data and processes are not seen by other
departments.
departments.
•
Services for different customers are to be consolidated. The customers request confidentiality of
data and processes (which would allow conclusions to be drawn regarding business processes,
if applicable).
data and processes (which would allow conclusions to be drawn regarding business processes,
if applicable).
Solution
[ug] Customer applications are installed in different zones:
[ug] Customer applications are installed in different zones:
•
Applications are installed in local zones only .
•
The file systems/devices with the data for the respective customers are made available in the
corresponding zones only. This ensures confidentiality of the data even without strict discipline
with respect to file access rights.
corresponding zones only. This ensures confidentiality of the data even without strict discipline
with respect to file access rights.
•
Option: Software installation within the zone in a local file system present only in that zone, or a
non-shared /opt.
non-shared /opt.
Assessment
[ug] This use case has the following characteristics:
[ug] This use case has the following characteristics:
•
The operating department achieves better utilization of systems.
•
The operators/customers retain confidentiality.
•
Basic costs are lower, by which the service can be offered more cheaply due to a higher profit
margin.
margin.
25
Figure 16: [dd] Use case: Confidentiality of data and processes
Global Zone
System
App
A
App
B
App
C
App
D
App
E