Support Center
  • English
  • Japanese
  • French
  • Spanish
  • Deutsch
Business Application Security
  1. Home 
  2. Visual Guard 
  3. Multitenant Apps IAM 

Control Access to Multi-tenant / SaaS Applications

Visual Guard allows you to implement a robust access control system for the most common types of multi-tenant:

  • In-house applications: developed by large organizations and used at a distance by their Entities, Agencies, Subsidiaries or Business Associates
  • Commercial applications: SaaS applications, hosted in a public cloud and used by multiple customers.

As for any other applications, you need to secure multi-tenant applications with user authentication, user permissions and auditing features.  But you also have to:

  1. Protect Data from Other Tenants
  2. Delegate administration privileges
  3. Centralize or Distribute Auditing Features
  4. Implement Visual Guard

1. Protect Tenants' Data

With Visual Guard, isolate the data of each tenant providing Access Control features to:

  • Define and Manage tenants (Groups)
  • Define and Manage user accounts as members of a tenant (Authentication)
  • Restrict access to data within each tenant (Authorization)

Example of Multi-tenants/SaaS Architectures
Visual Guard allows you to define a user group hierarchy, with each group containing users or other groups to replicate any existing repartition of the "sets of users".

SaaS Applications

SaaS Applications

The "Clients" are the first level in the hierarchy.

Each client will create its own sub-groups to reflect their organizational structure.

Managing distinct entities within the same Enterprise

An Enterprise system can be used by several agencies. In this case a tenant can be defined for each entity.

The enterprise structure can be recreated by placing entities into lower levels of the hierarchy.

Managing distinct entities within the same Enterprise
Managing Internal and External users

Managing Internal and External users

Some applications are used by both internal and external users.
In this case, a tenant is defined to manage each set of users independently.

Even in this case, Visual Guard allows you to combine authentication with Windows accounts (internal users) and username/password accounts (external users). Read more about mixed-mode authentication

The group hierarchy can be defined from:

  • The Visual Guard Windows Console
  • The Visual Guard Web Console
  • Your application(ASP.NET or WCF/Silverlight for example) that calls the Visual Guard API

Visual Guard supports many other complex configurations.

Thanks to Visual Guard's Identity Federation Functions, users can be authenticated with their Windows accounts, whether or not each tenant uses their own Active Directory.
In certain cases, you can also implement Single Sign-On (SSO) based on the user’s Windows account.

Restricting the Administration Rights In SaaS and Multi-tenant applications

Visual Guard allows you to give privileges to an administrator so it can manage users and give permissions for each application.

In the case of SaaS and Multi-tenant applications, administration privileges can be limited to a group of users.
The administrator will only see and manage the users in its group. 

In a multi-tenant application, a tenant should have at least one administrator with administration rights limited to that tenant.


Example 1: Declare an administrator per tenant

Visual Guard offers a great deal of flexibility for the distribution of administration rights in any entities within each tenant by restricting administration permissions to any level of the group hierarchy.


Example 2: Restrict administration privileges to a sub-group inside a tenant

To go further, you can combine multiple criteria to limit administration permissions

  • As shown above, you can limit these permissions to certain groups of users
  • You can also limit permissions to one or several applications
  • You can limit permissions to certain administration operations (such as creating users and giving them them Roles, but not defining Roles)


Example 3: Define several administration levels in each tenant

2. Delegate Administration Privileges

Once the application is in production, each tenant or client needs to decide who is able to access the data.
Visual Guard allows each organization to independently customize access rights for each user.

Making Administration Features Accessible to Each Tenant

  • Multi-tenant applications are used over multiple sites. The administration interface should be as easily deployable as the application itself.
  • To be able to distribute administration rights in a way that is very flexible, each user should be able to access the administration features, no matter where they are or their technical skill.

Visual Guard offers two solutions:

The Visual Guard WebConsole

The WebConsole is a web application (asp.net) accessible by a simple browser.

  • It allows for the management of users and groups, roles, permissions, etc…
  • It can be deployed with the application
  • It can be customized to comply with specific security requirements (custom asp.net pages)

A Custom Administration User Interface:

  • You can develop a custom ASP.NET or WCF/Silverlight administration interface
  • It can be integrated into your application or deployed as a separate administration console
  • The Visual Guard APIs are called to perform all necessary administration operations.

3. Centralized or Distributed Auditing Features

Centralized View and Control

In case of in-house applications used by several entities of a large organization

  • This type of application most often requires a centralized control for its security
  • Auditor must be able to review all access rights and all sensitive operations performed, regardless of the users, departments or tenants concerned
  • Each organization is then free to limit the scope of the auditor to certain sets of users and / or applications

Distributed View and Control

In the case of SaaS applications used by multiple customers

  • The software vendor will likely offer each client the ability to control security for its users. In this case, the scope of each auditor is limited to a tenant (client).
  • The auditor of each tenant can see the access rights of their users. They may also control operations performed by the users and administrators of their tenant
  • If necessary, the software vendor can control certain operations performed by their clients. This may be useful in some cases of technical support, to understand how the application has been used and managed

4. Implement Visual Guard security system for SaaS / Multi-tenant applications

  1. Development
    Developers define permissions with the VG Win Console.
    Permissions are stored in a development repository.
    Developers deploy the permissions into production with a VG utility
     
  2. Administration
    Administrators manage Users and grant them permissions.
    They may or may not belong to a tenant.
    Their administration privileges may be restricted by tenant, by user group, by application, by type of operation, or any possible combination.
     
  3. Enforcement
    End-users log in to the application and VG secures the application as any other application.
    By default, they use login/pwd accounts. They can also use their own Windows Account (cf. Identity Federation).
    Their operations may be logged in the VG Repository.
     
  4. Audit
    Auditors can control user attributes, roles and privileges across multiple systems. They can also review user operations.
    They may or may not belong to a tenant.
    As for administrators, their access may be restricted by tenant, by user group, by application, or any possible combination.

Entrust your Application Security to Professionals

Entrust Visual Guard

Try