Tenant-aware business rules management
With the latest release of our business rules management platform, Visual Rules 6.0, we switched the underlying system architecture to complete tenant-awareness. Sounds pretty neat. But what does this imply? Why did we decide on multitenancy support? Please read on to learn more about it.
A pack full of definitions
When we talk about multitenancy, we should first define what a tenant is. Google it and you will get something like: “A person who occupies land or property rented from a landlord.” Well, that's not exactly the kind of tenant I'm talking about. The IT researchers at Gartner hit the spot, from my point of view:
“The tenants […] can be representations of organizations that obtained access to the multitenant application […]. The tenants may also be multiple applications competing for shared underlying resources [...].”
You can find many definitions of multitenancy on the internet, written from very different perspectives. Here is an arbitrary selection:
For us, multitenancy is the capability of a single Visual Rules application instance to handle different tenants while ensuring the strict separation of their data. This means that a service provider offering Visual Rules does not need to install separate instances of Visual Rules Team Servers, Visual Rules Execution Servers, web application servers, database instances, etc. for each of its customers (tenants), but can maintain a single Visual Rules infrastructure (see graphic below). It also means that tenants using this infrastructure are strictly separated from each other: they cannot access each other's rules, data, rule services, build processes, users, permissions, etc. in any way.
Why did we do it?
Multitenancy requests have been around for a while. Customers and partners who are IT service providers or run large IT departments in particular have very precise expectations regarding the maintainability and security of operating IT applications and infrastructure. Multitenancy addresses both requirements: security, through the strict segregation of tenant data that comes with multitenancy, and maintainability, because one installation of servers, databases, etc. can serve multiple tenants or customers.
Additionally, Bosch Software Innovations will increasingly act as a provider of cloud services in the medium term. Our upcoming engagement in Internet of Things scenarios (use cases are omnipresent in this blog) has to securely enforce the sharing of resources alongside strict separation of tenant data.
What had to be changed?
Requirements analysis is a sine qua non before deciding to switch the architecture of a software product, especially a mature one that has been developed incrementally for more than a decade. We have seriously discussed requirements with our customers and internal stakeholders. Additionally, the findings and recommendations of the relevant authorities engaged in data privacy and protection (e.g. the “Orientierungshilfe Mandantenfähigkeit”, a guidance document on multitenancy, by the German Federal Commissioner for Data Protection and Freedom of Information) have carefully been taken into consideration. Finally, we ended up with the following main development issues:
- Create a new Identity Management component that is able
  - to manage tenants, permissions, users, roles, groups, etc., and
  - to provide tenant-aware authentication and authorization,
  - as well as a strictly controllable way of presenting data across multiple tenants.
- Enhance all Visual Rules server components with permissions and ACLs for access control of application functionality and resources.
- Implement the strict separation of tenant-specific data in all types of data stores (database, file system, etc.), plus mechanisms that allow tenants to share their data.
- And last but not least, add audit-logging capabilities for traceability of authorization changes.
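To make the four items above concrete, here is an added illustration written for this article; it is not Visual Rules code and all names in it (Principal, RuleRepository, the role names, the event names) are hypothetical. It shows the pattern a tenant-aware server component needs: the owning tenant of every stored object is taken from the authenticated principal rather than from the request, in-tenant access goes through a role/ACL check, cross-tenant access is only possible through an explicit grant by the owning tenant (the "sharing mechanism" of the third item), and every authorization change and every denial lands in an append-only audit log.

```python
"""Added example (not Visual Rules code): a tenant-scoped rule repository.

Hypothetical names throughout. Demonstrates tenant isolation derived from the
authenticated principal, per-tenant ACLs, explicit cross-tenant grants, and an
audit log of authorization changes and denials.
"""
from dataclasses import dataclass
from datetime import datetime, timezone


class AccessDenied(Exception):
    """Raised for both 'does not exist' and 'forbidden', so a caller cannot
    probe for the existence of another tenant's rules by guessing rule ids."""


@dataclass(frozen=True)
class Principal:
    user: str
    tenant: str          # assigned by the identity component at login, never by the request
    roles: frozenset


# Default per-tenant ACL: which roles may perform which actions on a rule.
DEFAULT_ACL = {
    "admin": frozenset({"read", "write", "share"}),
    "author": frozenset({"read", "write"}),
    "reader": frozenset({"read"}),
}


class RuleRepository:
    def __init__(self):
        self._rules = {}    # (owner_tenant, rule_id) -> rule body
        self._acl = {}      # (owner_tenant, rule_id) -> {role: actions}
        self._shares = {}   # (owner_tenant, rule_id) -> {receiving_tenant: actions}
        self.audit = []     # append-only list of audit events

    def _log(self, actor, event, **detail):
        self.audit.append({"ts": datetime.now(timezone.utc).isoformat(),
                           "actor": f"{actor.tenant}/{actor.user}",
                           "event": event, **detail})

    def _allowed(self, actor, owner_tenant, rule_id, action):
        key = (owner_tenant, rule_id)
        if key not in self._rules:
            return False
        if actor.tenant == owner_tenant:
            # In-tenant access: one of the actor's roles must carry the action.
            acl = self._acl[key]
            return any(action in acl.get(role, ()) for role in actor.roles)
        # Cross-tenant access only through an explicit grant by the owning tenant.
        return action in self._shares.get(key, {}).get(actor.tenant, ())

    def _require(self, actor, owner_tenant, rule_id, action):
        if not self._allowed(actor, owner_tenant, rule_id, action):
            self._log(actor, "access.denied", tenant=owner_tenant, rule=rule_id, action=action)
            raise AccessDenied(f"{action} on {rule_id} denied")

    def create(self, actor, rule_id, body):
        # The owner is always the actor's own tenant: no caller-supplied tenant id.
        key = (actor.tenant, rule_id)
        if key in self._rules:
            raise ValueError(f"{rule_id} already exists in {actor.tenant}")
        self._rules[key] = body
        self._acl[key] = dict(DEFAULT_ACL)
        self._log(actor, "rule.created", rule=rule_id)

    def read(self, actor, owner_tenant, rule_id):
        self._require(actor, owner_tenant, rule_id, "read")
        return self._rules[(owner_tenant, rule_id)]

    def write(self, actor, owner_tenant, rule_id, body):
        self._require(actor, owner_tenant, rule_id, "write")
        self._rules[(owner_tenant, rule_id)] = body
        self._log(actor, "rule.updated", tenant=owner_tenant, rule=rule_id)

    def list_visible(self, actor):
        """Only the actor's own tenant's rules plus rules explicitly shared with it."""
        return sorted(k for k in self._rules if self._allowed(actor, k[0], k[1], "read"))

    def grant(self, actor, rule_id, to_tenant, actions):
        """Tenant relationship: the owning tenant grants another tenant a subset of actions.
        Only a principal of the owning tenant holding 'share' may do this, and 'share'
        itself is never delegated, so a grantee cannot re-share the rule onward."""
        self._require(actor, actor.tenant, rule_id, "share")
        granted = frozenset(actions) - {"share"}
        self._shares.setdefault((actor.tenant, rule_id), {})[to_tenant] = granted
        self._log(actor, "share.granted", rule=rule_id, to=to_tenant, actions=sorted(granted))


def is_denied(fn, *args):
    """Helper for callers and tests: True if the call raises AccessDenied."""
    try:
        fn(*args)
    except AccessDenied:
        return True
    return False
```

Two points worth noting: the tenant id never appears as a free parameter of `create` or `grant`, which removes the most common multitenancy bug (a tenant identifier copied from a client-controlled field), and `read` fails identically for a foreign rule and for a nonexistent one, so the error channel does not leak which rule ids exist in other tenants.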
The following graphic gives an overview of which technical aspects of the Visual Rules components had to be modified when introducing tenant-awareness to our Business Rules Management Platform.
As you can see, this architectural shift affected nearly every layer of every component.
So, finally, the tenant-aware version of Visual Rules has been released and is available for free evaluation on our website www.visual-rules.com. In the upcoming release, we will soften the strict separation of tenant data and introduce so-called “tenant relationships”. This means that every single tenant can then grant access to its very own data to other tenants' users. Extended audit logging capabilities will come along with this set of features, in order to make sure that changes of permissions, tenant relationships, etc. can be traced at any time.
Which aspects of multitenancy and/or business rules management would you like to discuss? Leave a comment below, I will be glad to hear from you!