beautypg.com

Confidentiality of data and processes, Global zone system – Sun Microsystems SOLARIS 10 User Manual

Page 32

background image

Version 3.1-en

Solaris 10 Container Guide - 3.1 3. Use Cases

Effective: 30/11/2009

3.10. Confidentiality of data and processes

Requirement
[ug] In the data center, applications are running on different computers because

Certain departments want to be certain that data and processes are not seen by other
departments.

Services for different customers are to be consolidated. The customers request confidentiality of
data and processes (which would allow conclusions to be drawn regarding business processes,
if applicable).

Solution
[ug] Customer applications are installed in different zones:

Applications are installed in local zones only .

The file systems/devices with the data for the respective customers are made available in the
corresponding zones only. This ensures confidentiality of the data even without strict discipline
with respect to file access rights.

Option: Software installation within the zone in a local file system present only in that zone, or a
non-shared /opt.

Assessment
[ug] This use case has the following characteristics:

The operating department achieves better utilization of systems.

The operators/customers retain confidentiality.

Basic costs are lower, by which the service can be offered more cheaply due to a higher profit
margin.

25

Figure 16: [dd] Use case: Confidentiality of data and processes

Global Zone

System

App

A

App

B

App

C

App

D

App

E