Bosh sahifa Wiki Isolation

Isolation

Isolationprocess, user, tenant, network, workload yoki security domainlar orasida aniq chegara yaratib, bir qismdagi xato yoki compromise boshqa qismlarga tarqalishini cheklash tamoyili. Isolation confidentiality, integrity, availability va fault containment uchun ishlatiladi.

Isolation bitta texnologiya emas. U hardware, operating system, network, application, database va organizational qatlamlarda amalga oshiriladi.

Process isolation

Har process alohida virtual address space’da ishlaydi.

Bir process boshqa process memory’sini odatiy holatda o‘qiy olmaydi.

Kernel system call va permission orqali resource accessni boshqaradi.

Memory corruption yoki kernel vulnerability bu chegarani buzishi mumkin.

User isolation

Operatsion tizim user va group permissionlari orqali file, process va device accessni ajratadi.

Service’lar alohida service account ostida ishlaydi.

Bitta web application compromise bo‘lsa boshqa application file’lariga kira olmasligi kerak.

Container isolation

Container:

orqali workloadlarni ajratadi.

Barcha container host kernelni share qilgani uchun container boundary virtual machine’dan farq qiladi.

Virtual machine isolation

Hypervisor har guestga virtual CPU, memory va device beradi.

Guest OSlar bir-biridan ajratiladi.

VM escape yoki noto‘g‘ri shared device xavfi mavjud bo‘lsa ham boundary odatda process containerga qaraganda kuchliroq bo‘lishi mumkin.

Network isolation

VLAN, subnet, firewall va security group traffic yo‘llarini cheklaydi.

Masalan:

Default deny policy faqat zarur aloqani ochadi.

Tenant isolation

Multi-tenant SaaS’da bir tenant boshqa tenant data’sini ko‘rmasligi kerak.

Isolation:

darajasida saqlanadi.

Faqat frontend route tenant boundary emas.

Database isolation

Data alohida:

da saqlanishi mumkin.

Kuchliroq physical isolation qimmatroq.

Shared table arzonroq, ammo barcha queryda tenant filter va authorization talab qiladi.

Credential isolation

Har service va environment alohida credentialga ega.

Development token productionga ishlamaydi.

Bir tenant yoki service kaliti oshkor bo‘lsa umumiy master credential orqali barcha tizimga access bermasligi kerak.

Environment isolation

Development, staging va production:

bo‘yicha ajratiladi.

Test code production data’siga bevosita ulanmaydi.

Shared identity va network environment boundaryni zaiflashtiradi.

Fault isolation

Isolation faqat security emas, reliability uchun ham muhim.

Bitta component:

resource’ini tugatsa boshqalarga ta’sir qilmasligi kerak.

Quota va bulkhead ishlatiladi.

Blast radius

Blast radius — incident ta’sir qilishi mumkin bo‘lgan maksimal doira.

Isolation blast radiusni kamaytiradi.

Masalan, region, tenant, account yoki cluster bo‘yicha ajratish incidentni kichik qismda ushlab qoladi.

Time isolation

Workloadlar bir vaqtda emas, navbat yoki schedule bo‘yicha ishlashi mumkin.

Masalan, qimmat batch job peak vaqtida emas.

Bu performance interference’ni kamaytiradi.

Security uchun temporary credential va short session ham vaqt bo‘yicha isolation beradi.

Data diode va one-way flow

Yuqori xavfli muhitda data faqat bir yo‘nalishda o‘tishi mumkin.

Monitoring network productiondan log oladi, lekin productionga command yubora olmaydi.

Bu kuchli network isolation modeli.

Air gap

Tizim boshqa networklardan fizik yoki mantiqiy ajratiladi.

Air-gapped muhit ham:

  • removable media;
  • supply chain;
  • maintenance laptop;
  • radio;
  • insider

orqali xavfga duch kelishi mumkin.

Ajratilgan degani mutlaq xavfsiz degani emas.

Shared resource

Isolation shared resource’da buzilishi mumkin:

Threat model qaysi qatlamlar umumiy ekanini ko‘rsatadi.

Side-channel

Ikki tenant bevosita data almashmasa ham timing, cache yoki resource contention orqali ma’lumot sizishi mumkin.

Yuqori xavfli cryptographic workload uchun hardware va scheduling isolation talab qilinishi ehtimoli bor.

Isolation va segmentation

Segmentation ko‘proq network yoki tizimni qismlarga bo‘lishni anglatadi.

Isolation esa ular orasidagi access va ta’sirni cheklash darajasini bildiradi.

VLAN mavjud bo‘lib, inter-VLAN firewall hamma trafficga ruxsat bersa kuchli isolation yo‘q.

Monitoring

Boundary bo‘yicha:

  • ruxsatsiz traffic;
  • cross-tenant query;
  • shared credential;
  • policy change;
  • quota violation;
  • container escape indicator;
  • unusual admin access

kuzatiladi.

Isolation test bilan muntazam tasdiqlanadi.

Control plane isolation

Management API va control plane oddiy workload trafficidan ajratiladi. Administrator endpoint faqat maxsus network va identity orqali ochiladi. Workload compromise control plane credentialini bermasligi kerak. Orchestrator yoki hypervisor accessi katta blast radiusga ega.

Backup isolation

Ransomware production credentialini olsa backupni ham o‘chirmasligi kerak. Backup alohida account, key, network va immutable retention bilan himoyalanadi. Restore operatori production administratoridan alohida bo‘lishi mumkin. Recovery testi bu boundary amalda ishlashini tasdiqlaydi.

Build isolation

Untrusted pull request va trusted release build bir xil runner hamda secretlardan foydalanmaydi. Ephemeral worker, minimal token va artifact provenance supply-chain ta’sirini kamaytiradi. Build cache orqali bir projectdan boshqasiga secret o‘tmasligi kerak.

Bog‘liq tushunchalar

Process isolation, Tenant isolation, Network segmentation, Container, Virtual machine, Blast radius, Sandbox, Least privilege, Multi-tenancy, Fault isolation