Isolation — process, user, tenant, network, workload yoki security domainlar orasida aniq chegara yaratib, bir qismdagi xato yoki compromise boshqa qismlarga tarqalishini cheklash tamoyili. Isolation confidentiality, integrity, availability va fault containment uchun ishlatiladi.
Isolation bitta texnologiya emas. U hardware, operating system, network, application, database va organizational qatlamlarda amalga oshiriladi.
Process isolation
Har process alohida virtual address space’da ishlaydi.
Bir process boshqa process memory’sini odatiy holatda o‘qiy olmaydi.
Kernel system call va permission orqali resource accessni boshqaradi.
Memory corruption yoki kernel vulnerability bu chegarani buzishi mumkin.
User isolation
Operatsion tizim user va group permissionlari orqali file, process va device accessni ajratadi.
Service’lar alohida service account ostida ishlaydi.
Bitta web application compromise bo‘lsa boshqa application file’lariga kira olmasligi kerak.
Container isolation
orqali workloadlarni ajratadi.
Barcha container host kernelni share qilgani uchun container boundary virtual machine’dan farq qiladi.
Virtual machine isolation
Hypervisor har guestga virtual CPU, memory va device beradi.
Guest OSlar bir-biridan ajratiladi.
VM escape yoki noto‘g‘ri shared device xavfi mavjud bo‘lsa ham boundary odatda process containerga qaraganda kuchliroq bo‘lishi mumkin.
Network isolation
VLAN, subnet, firewall va security group traffic yo‘llarini cheklaydi.
Masalan:
Default deny policy faqat zarur aloqani ochadi.
Tenant isolation
Multi-tenant SaaS’da bir tenant boshqa tenant data’sini ko‘rmasligi kerak.
Isolation:
darajasida saqlanadi.
Faqat frontend route tenant boundary emas.
Database isolation
Data alohida:
da saqlanishi mumkin.
Kuchliroq physical isolation qimmatroq.
Shared table arzonroq, ammo barcha queryda tenant filter va authorization talab qiladi.
Credential isolation
Har service va environment alohida credentialga ega.
Development token productionga ishlamaydi.
Bir tenant yoki service kaliti oshkor bo‘lsa umumiy master credential orqali barcha tizimga access bermasligi kerak.
Environment isolation
Development, staging va production:
bo‘yicha ajratiladi.
Test code production data’siga bevosita ulanmaydi.
Shared identity va network environment boundaryni zaiflashtiradi.
Fault isolation
Isolation faqat security emas, reliability uchun ham muhim.
Bitta component:
resource’ini tugatsa boshqalarga ta’sir qilmasligi kerak.
Quota va bulkhead ishlatiladi.
Blast radius
Blast radius — incident ta’sir qilishi mumkin bo‘lgan maksimal doira.
Isolation blast radiusni kamaytiradi.
Masalan, region, tenant, account yoki cluster bo‘yicha ajratish incidentni kichik qismda ushlab qoladi.
Time isolation
Workloadlar bir vaqtda emas, navbat yoki schedule bo‘yicha ishlashi mumkin.
Masalan, qimmat batch job peak vaqtida emas.
Bu performance interference’ni kamaytiradi.
Security uchun temporary credential va short session ham vaqt bo‘yicha isolation beradi.
Data diode va one-way flow
Yuqori xavfli muhitda data faqat bir yo‘nalishda o‘tishi mumkin.
Monitoring network productiondan log oladi, lekin productionga command yubora olmaydi.
Bu kuchli network isolation modeli.
Air gap
Tizim boshqa networklardan fizik yoki mantiqiy ajratiladi.
Air-gapped muhit ham:
- removable media;
- supply chain;
- maintenance laptop;
- radio;
- insider
orqali xavfga duch kelishi mumkin.
Ajratilgan degani mutlaq xavfsiz degani emas.
Shared resource
Isolation shared resource’da buzilishi mumkin:
- kernel;
- cache;
- message broker;
- DNS;
- CI runner;
- logging;
- storage;
- admin account.
Threat model qaysi qatlamlar umumiy ekanini ko‘rsatadi.
Side-channel
Ikki tenant bevosita data almashmasa ham timing, cache yoki resource contention orqali ma’lumot sizishi mumkin.
Yuqori xavfli cryptographic workload uchun hardware va scheduling isolation talab qilinishi ehtimoli bor.
Isolation va segmentation
Segmentation ko‘proq network yoki tizimni qismlarga bo‘lishni anglatadi.
Isolation esa ular orasidagi access va ta’sirni cheklash darajasini bildiradi.
VLAN mavjud bo‘lib, inter-VLAN firewall hamma trafficga ruxsat bersa kuchli isolation yo‘q.
Monitoring
Boundary bo‘yicha:
- ruxsatsiz traffic;
- cross-tenant query;
- shared credential;
- policy change;
- quota violation;
- container escape indicator;
- unusual admin access
kuzatiladi.
Isolation test bilan muntazam tasdiqlanadi.
Control plane isolation
Management API va control plane oddiy workload trafficidan ajratiladi. Administrator endpoint faqat maxsus network va identity orqali ochiladi. Workload compromise control plane credentialini bermasligi kerak. Orchestrator yoki hypervisor accessi katta blast radiusga ega.
Backup isolation
Ransomware production credentialini olsa backupni ham o‘chirmasligi kerak. Backup alohida account, key, network va immutable retention bilan himoyalanadi. Restore operatori production administratoridan alohida bo‘lishi mumkin. Recovery testi bu boundary amalda ishlashini tasdiqlaydi.
Build isolation
Untrusted pull request va trusted release build bir xil runner hamda secretlardan foydalanmaydi. Ephemeral worker, minimal token va artifact provenance supply-chain ta’sirini kamaytiradi. Build cache orqali bir projectdan boshqasiga secret o‘tmasligi kerak.
Bog‘liq tushunchalar
Process isolation, Tenant isolation, Network segmentation, Container, Virtual machine, Blast radius, Sandbox, Least privilege, Multi-tenancy, Fault isolation