Multi-tenant Systems Research Articles

Multi-Tenant Architecture: A Comprehensive Framework for Building Scalable SaaS Applications

Multi-tenant architecture has emerged as a fundamental paradigm in modern software development, particularly in Software as a Service (SaaS) applications where multiple organizations share computing resources while maintaining data isolation. This article presents a comprehensive framework for understanding and implementing multi-tenant systems, focusing on essential architectural decisions and design patterns that ensure scalability, security, and resource efficiency. The article examines the evolution from single-tenant to multi-tenant architectures, analyzes various data partitioning strategies, and explores critical aspects of tenant isolation, authentication, and authorization mechanisms. The article addresses key challenges in performance optimization, resource allocation, and security implementation, providing practical insights into database design approaches and caching strategies. Through a structured approach, this article bridges the gap between theoretical concepts and practical implementation, offering developers and architects a foundation for building robust multi-tenant systems. The findings emphasize the importance of balanced architectural decisions that accommodate both technical requirements and business objectives while maintaining system integrity and tenant isolation. This article contributes to the growing body of knowledge in cloud computing and distributed systems, providing practitioners with actionable insights for developing scalable multi-tenant applications.

Multi-Tenant yet Customizable Cloud Native SaaS Web Application leveraging AIML: Architecture & Strategies

:The rise of cloud-native architectures has enabled the rapid development and deployment of scalable Software-as-a-Service applications. However, building multi-tenant systems that support extensive customization for individual tenants remains a challenge. This paper explores strategies to overcome these challenges in the context of developing an AI/ML-enhanced Enterprise Resource Planning (ERP) system for educational institutions. We propose a microservice-based architecture that decouples AI/ML models from the main application, dynamically generating UI components, forms, routes, and implementing flexible role-based access control (RBAC). This architecture allows tenant-specific customization without sacrificing the scalability, security, and maintainability of a cloud-native system. Real-world implementation details and strategies for sustainability are discussed, along with challenges faced.

Dynamic resource allocation and offloading optimization for network slicing in B5G multi-tier multi-tenant systems

For differentiating and customizing different types of flows guaranteeing individual 5QI QoS requirements, 5 G and Beyond 5 G (B5G) first specify several key technologies, e.g., 1) virtualizing radio resources, network functions and network servers, 2) network slicing, 3) Service Function Chaining (SFC) and flow steering, etc. Furthermore, for reducing E2E delay and path/link traffic congestion for diverse flowing while accessing cloud computing, Multi-access Edge Computing (MEC) is specified in 5 G/B5G ETSI. Although several extensively related studies discussed network slicing, SFC and MEC, they seldom consider both resource allocation and traffic offloading in a tenant efficiently, simultaneously. Thus, for efficiently addressing above critical issues, three motivations are proposed, including 1) to dynamically allocate resource for B5G with multi-tier multi-tenant networking, 2) to propose adaptively vertical and horizontal offloading to the computing node for diverse types of flows, and 3) to minimize the blocking rate while guaranteeing the delay constraint. Two novel efficient algorithms are proposed: Fast Latency Decrease Resource Allocation (FLDRA) and Minimum Cost Resource Allocation (MCRA). These two proposed algorithms achieve dynamic E2E resource allocation and optimal vertical and horizontal offloading to the computing node while guaranteeing the E2E latency and 5QI QoS requirements for different types of flows. Numerical results demonstrate that FLDRA minimizes resource allocation while MCRA balances the loading of resource availability. The proposed algorithms of FLDRA and MCRA significantly outperform the compared approaches in blocking rates. Moreover, the proposed MCRA algorithm yields the highest resource utilization, the least network delay, etc.

Enhancing Cloud Computing Security with Blockchain: A Hybrid Approach to Data Privacy and Integrity

This paper investigates the use of blockchain technology to enhance security in cloud computing environments, with a particular focus on data privacy and integrity in multi-tenant systems. The research proposes a hybrid security model that integrates blockchain’s decentralized verification mechanisms with traditional encryption techniques to prevent unauthorized data access and tampering. The system architecture leverages blockchain for immutable transaction logging, while encryption ensures confidentiality. Performance metrics, such as breach detection time, data integrity validation, and computational overhead, are analyzed to assess the model's effectiveness. Experimental results demonstrate that the hybrid model significantly enhances data security in cloud environments by reducing breach detection time and improving data integrity. However, the implementation introduces moderate computational overhead, suggesting the need for further optimization for large-scale applications. Future research should explore scaling solutions such as sidechains or sharding to mitigate these challenges.

Multi-Tenant Systems as the Backbone of Modern Software Solutions

Multi-Tenant Systems as the Backbone of Modern Software Solutions

Diciclo: Flexible User-level Services for Efficient Multitenant Isolation

Containers are a mainstream virtualization technique for running stateful workloads over persistent storage. In highly utilized multitenant hosts, resource contention at the system kernel leads to inefficient container input/output (I/O) handling. Although there are interesting techniques to address this issue, they incur high implementation complexity and execution overhead. As a cost-effective alternative, we introduce the Diciclo architecture with our assumptions, goals, and principles. For each tenant, Diciclo isolates the control and data I/O path at user level and runs dedicated storage systems. Diciclo includes the libservice unified user-level abstraction of system services and the node structure design pattern for the application and server side. We prototyped a toolkit of user-level components that comprise the library to invoke the standard I/O calls, the I/O communication mechanism, and the I/O services. Based on Diciclo, we built Danaus, a filesystem client that integrates a union filesystem with a Ceph distributed filesystem client and configurable shared cache. Across different host configurations, workloads, and systems, Danaus achieves improved performance stability, because it handles I/O with reserved per-tenant resources and avoids intensive kernel locking. Based on having built and evaluated Danaus, we share valuable lessons about resource contention, file management, service separation, and performance stability in multitenant systems.

Selective Power-Loss-Protection Method for Write Buffer in ZNS SSDs

Most SSDs (solid-state drives) use an internal DRAM (Dynamic Random Access Memory) to improve the I/O performance and extend SSD lifespan by absorbing write requests. However, this volatile memory does not guarantee the persistence of buffered data in the event of sudden power-off. Therefore, highly reliable enterprise SSDs employ power-loss-protection (PLP) logic to ensure the durability of buffered data using the back-up power of capacitors. The SSD must provide enough capacitors for the PLP in proportion to the size of the volatile buffer. Meanwhile, emerging ZNS (Zoned Namespace) SSDs are attracting attention because they can support many I/O streams that are useful in multi-tenant systems. Although ZNS SSDs do not use an internal mapping table unlike conventional block-interface SSDs, a large write buffer is required to provide many I/O streams. The reason is that each I/O stream needs its own write buffer for write buffering where the host can allocate separate zones to different I/O streams. Moreover, the larger capacity and more I/O streams the ZNS SSD supports, the larger write buffer is required. However, the size of the write buffer depends on the amount of capacitance, which is limited not only by the SSD internal space, but also by the cost. Therefore, in this paper, we present a set of techniques that significantly reduce the amount of capacitance required in ZNS SSDs, while ensuring the durability of buffered data during sudden power-off. First, we note that modern file systems or databases have their own solutions for data recovery, such as WAL (Write-ahead Log) and journal. Therefore, we propose a selective power-loss-protection method that ensures durability only for the WAL or journal required for data recovery, not for the entire buffered data. Second, to minimize the time taken by the PLP, we propose a balanced flush method that temporarily writes buffered data to multiple zones to maximize parallelism and preserves the data in its original location when power is restored. The proposed methods are implemented and evaluated by modifying FEMU (QEMU-based Flash Emulator) and RocksDB. According to experimental results, the proposed selective-PLP reduces the amount of capacitance by 50 to 90% while retaining the reliability of ZNS SSDs. In addition, the balanced flush method reduces the PLP latency by up to 96%.

Online Scheduling of Distributed Machine Learning Jobs for Incentivizing Sharing in Multi-Tenant Systems

To save cost, companies usually train machine learning (ML) models on a shared multi-tenant system. In this cooperative environment, one of the fundamental challenges is how to distribute resources fairly among tenants such that each tenant is satisfied. A satisfactory allocation policy needs to meet the following properties. First, the performance of each tenant in the shared cluster is at least the same as that in its exclusive cluster partition. Second, no tenant can get more benefits by lying about its demands. Third, tenants cannot use the idle resources of others for free. Moreover, the resource allocation for ML workloads should avoid costly migration overhead. To this end, we propose a three-layer scheduling framework Astraea: i) a batch scheduling framework groups unprocessed jobs into multiple batches; ii) a round-by-round algorithm enables tenants to reserve their share of resources and schedule jobs in a non-preemptive manner; iii) one-round algorithm based on primal-dual approach and posted pricing framework, which encourages tenants to report truthful demands. Astraea is proven to achieve performance guarantee and some desirable properties of sharing, including sharing incentive, strategy-proofness and gain-as-you-contribute fairness. Extensive trace-driven simulations show Astraea advances in both fairness and cluster efficiency compared to three state-of-the-art baselines.

RT-Sniper: A Low-Overhead Defense Mechanism Pinpointing Cache Side-Channel Attacks

Since cache side-channel attacks have been serious security threats to multi-tenant systems, there have been several studies to protect systems against the attacks. However, the prior studies have limitations in determining only the existence of the attack and/or occupying too many computing resources in runtime. We propose a low-overhead pinpointing solution, called RT-Sniper, to overcome such limitations. RT-Sniper employs a two-level filtering mechanism to minimize performance overhead. It first monitors hardware events per core and isolates a suspected core to run a malicious process. Then among the processes running on the selected core, RT-Sniper pinpoints a malicious process through a per-process monitoring approach. With the core-level filtering, RT-Sniper has an advantage in overhead compared to the previous works. We evaluate RT-Sniper against Flush+Reload and Prime+Probe attacks running SPEC2017, LMBench, and PARSEC benchmarks on multi-core systems. Our evaluation demonstrates that the performance overhead by RT-Sniper is negligible (0.3% for single-threaded applications and 2.05% for multi-threaded applications). Compared to the previous defense solutions against cache side-channel attacks, RT-Sniper exhibits better detection performance with lower performance overhead.

Enhancing the security of memory in cloud infrastructure through in‐phase change memory data randomisation

As a promising alternative to dynamic RAM, phase change memory (PCM) suffers from limited write endurance. Therefore, many research proposals on PCM security or reliability have focussed on the possible threat of wear-out attacks from malicious applications. However, it is also found that the non-volatile nature and the programming behaviour of PCM bring other security challenges to the memory system. The authors examine the potential risk of information leakage and theft in memory management for PCM-based cloud server or multitenant systems. By observing the influence of process variation (PV) on PCM cell programming, they propose a fast and efficient in-memory data obfuscation mechanism to defend against memory attacks or information leakage during page reallocation mandated by OS. With the capabilities of in-memory data randomisation, the proposed SecuRAM avoids the long write latency of PCM cells to erase the content, and achieves higher data initialisation efficiency than conventional software solutions. Second, the proposed SecuRAM also provides a novel solution of fast in-memory hardware fingerprinting and random number generation, which are common and essential security functions in encryption or access authentication to protect confidential memory data from attackers. Two novel techniques are proposed to generate signatures and random numbers: the first is based on partial programming, which works in the same way as bulk data randomisation; the second is loop-counting, which is an overhead-free method by reusing the cell programming mechanism in iterate-write PCM devices. Through evaluation, SecuRAM shows a much better performance and energy-efficiency than conventional measures for PCM memory.

Designing Resilient Multi-Tenant Architectures in Cloud Environments

The increasing demand for scalable and cost-effective cloud solutions has led to the widespread adoption of multi-tenant architectures, where multiple customers share a single instance of software while maintaining data isolation. However, designing resilient multi-tenant architectures poses significant challenges, particularly in ensuring reliability, security, and performance across diverse tenant workloads. This paper explores the key design principles and strategies essential for building resilient multi-tenant systems in cloud environments. We discuss the importance of fault tolerance, emphasizing redundancy and data replication to ensure uninterrupted service delivery. Additionally, we address the critical need for robust security measures, including access control and encryption, to protect tenant data from breaches and unauthorized access. Performance optimization techniques, such as resource allocation and load balancing, are examined to enhance responsiveness and scalability while maintaining isolation among tenants. Furthermore, we highlight the role of monitoring and analytics in identifying potential failures and bottlenecks, enabling proactive management of system health. Through a comprehensive review of existing frameworks and best practices, this paper provides insights into the effective design of resilient multi-tenant architectures that meet the growing demands of cloud-based services while ensuring a secure and high-performance environment for all users. The findings aim to guide cloud architects and developers in creating robust systems that enhance customer satisfaction and operational efficiency.

PipeArch

Data processing systems based on FPGAs offer high performance and energy efficiency for a variety of applications. However, these advantages are achieved through highly specialized designs. The high degree of specialization leads to accelerators with narrow functionality and designs adhering to a rigid execution flow. For multi-tenant systems this limits the scope of applicability of FPGA-based accelerators, because, first, supporting a single operation is unlikely to have any significant impact on the overall performance of the system, and, second, serving multiple users satisfactorily is difficult due to simplistic scheduling policies enforced when using the accelerator. Standard operating system and database management system features that would help address these limitations, such as context-switching, preemptive scheduling, and thread migration are practically non-existent in current FPGA accelerator efforts. In this work, we propose PipeArch, an open-source project 1 for developing FPGA-based accelerators that combine the high efficiency of specialized hardware designs with the generality and functionality known from conventional CPU threads. PipeArch provides programmability and extensibility in the accelerator without losing the advantages of SIMD-parallelism and deep pipelining. PipeArch supports context-switching and thread migration, thereby enabling for the first time new capabilities such as preemptive scheduling in FPGA accelerators within a high-performance data processing setting. We have used PipeArch to implement a variety of machine learning methods for generalized linear model training and recommender systems showing empirically their advantages over a high-end CPU and even over fully specialized FPGA designs.

Secure and efficient multi-tenant database management system for cloud computing environment

Multi-tenancy is one of the important feature of cloud computing environment. Multi-tenant database system in SaaS (Software as a Service) deployed in cloud infrastructure has gained wide interest in both academics as well as industries, as it provides scalability and economic benefit for both cloud service provider and end users. However, low trust on the rented computational resources prevents users from utilizing the same. Further, in multitenant systems the communication channels and other computational resources are shared, inducing privacy and security issues. As tenants are anonymous in nature, a user may not find a trustworthy co-tenant and tenants depend on cloud service provider to assign trustworthy co-tenants. However, cloud service provider allows maximum co-tenancy irrespective of the behaviors of tenants to maximize resource utilization. Of late, a number of approaches have been presented based on reputation management mechanism to identify good and malicious tenants. However, state-of-art models are not efficient when behavior of malicious tenant changes rapidly. In order to overcome the said research challenge, this work presents a secure and efficient multi-tenant database management system (SEMTDBMS) for cloud computing environment. SEMTDBMS first analyzes security requirement of tenant workers and suggests a secureness weight metric for selection of tenant worker. Subsequently, a novel workload scheduler for scheduling workload among tenants has been presented. Experiments are conducted considering OLTP benchmark such as TPC-C and Yahoo! Cloud Serving Benchmark (YCSB) benchmark with and without security compliances. SEMTDBMS show significant performance improvement in terms of latency and throughput over state-of-art model.

Formulating monitoring strategy based on multiple SLA parameters for multi-tenant service-based systems

The widely used service-based systems (SBSs) are composed of individual services and delivered to multiple tenants. When runtime anomalies occurred, the violation rate of service level agreement (SLA) can increase remarkably. Therefore, service monitoring is crucial for meeting the tenant's quality of service (QoS) requirements. However, monitoring each service constantly wastes resources. In this paper, we propose a monitoring strategy based on multiple SLA parameters for multi-tenant SBSs (MMTS). The criticality of a service is evaluated to the importance of each service in a SBS based on QoS and tenants, tenants are ranked by multiple SLA parameters. Afterwards, monitoring benefit, resource cost, and system overload are weighed to formulate a cost-effective monitoring strategy. Finally, MMTS is evaluated with comprehensive experiments under multiple QoS dimensions and the results have shown that MMTS can outperform other six algorithms in the SLA violation rate and the cost-effectiveness of service monitoring.

Formulating monitoring strategy based on multiple SLA parameters for multi-tenant service-based systems

Formulating monitoring strategy based on multiple SLA parameters for multi-tenant service-based systems

AJoin

The processing model of state-of-the-art stream processing engines is designed to execute long-running queries one at a time. However, with the advance of cloud technologies and multi-tenant systems, multiple users share the same cloud for stream query processing. This results in many ad-hoc stream queries sharing common stream sources. Many of these queries include joins. There are two main limitations that hinder performing ad-hoc stream join processing. The first limitation is missed optimization potential both in stream data processing and query optimization layers. The second limitation is the lack of dynamicity in query execution plans. We present AJoin, a dynamic and incremental ad-hoc stream join framework. AJoin consists of an optimization layer and a stream data processing layer. The optimization layer periodically reoptimizes the query execution plan, performing join reordering and vertical and horizontal scaling at run-time without stopping the execution. The data processing layer implements pipelineparallel join architecture. This layer enables incremental and consistent query processing supporting all the actions triggered by the optimizer. We implement AJoin on top of Apache Flink, an open-source data processing framework. AJoin outperforms Flink not only at ad-hoc multi-query workloads but also at single-query workloads.

On evaluating the resource usage effectiveness of multi-tenant cloud storage

Abstract As multi-tenant cloud storage services are becoming increasingly popular in commercial clouds, there is a growing need for evaluating their resource usage effectiveness. Although tail latency and resource utilization are the most important and popular performance metrics, it is biased to use only one of them on evaluating the resource usage effectiveness. In this paper, we present a unified framework, Stochastic Model-based Effectiveness Analyzer (SMEA), to evaluate the resource usage effectiveness of multi-tenant cloud storage systems. Instead of evaluating tail latency and resource utilization separately, we propose a new metric called resource-productivity to combine both performance. Since evaluating tail latency or resource utilization solely is challenging due to contention, queueing and burstiness of workloads, a Markov-modulated Poisson process (MMPP) is adopted in SMEA to properly characterize the behavior of workloads. Moreover, the Stochastic Network Calculus (SNC)-based network latency analysis model is extended to evaluate the end-to-end tail latency over all system components, with the principle “treating the computer as a network”. After obtaining the analyzed tail latency and resource utilization, we derive the resource-productivity mathematically. We have implemented SMEA on a small-scale testbed. Extensive trace-driven experiments demonstrate that SMEA is efficient in evaluating the resource usage effectiveness of the multi-tenant cloud storage system with relative error less than 13%.

MPart: miss-ratio curve guided partitioning in key-value stores

Web applications employ key-value stores to cache the data that is most commonly accessed. The cache improves an web application's performance by serving its requests from memory, avoiding fetching them from the backend database. Since the memory space is limited, maximizing the memory utilization is a key to delivering the best performance possible. This has lead to the use of multi-tenant systems, allowing applications to share cache space. In addition, application data access patterns change over time, so the system should be adaptive in its memory allocation. In this work, we address both multi-tenancy (where a single cache is used for multiple applications) and dynamic workloads (changing access patterns) using a model that relates the cache size to the application miss ratio, known as a miss ratio curve. Intuitively, the larger the cache, the less likely the system will need to fetch the data from the database. Our efficient, online construction of the miss ratio curve allows us to determine a near optimal memory allocation given the available system memory, while adapting to changing data access patterns. We show that our model outperforms an existing state-of-the-art sharing model, Memshare, in terms of overall cache hit ratio and does so at a lower time cost. We show that for a typical system, overall hit ratio is consistently 1 percentage point greater and 99.9th percentile latency is reduced by as much as 2.9% under standard web application workloads containing millions of requests.

From network sharing to multi-tenancy: The 5G network slice broker

The ever-increasing traffic demand is pushing network operators to find new cost-efficient solutions toward the deployment of future 5G mobile networks. The network sharing paradigm was explored in the past and partially deployed. Nowadays, advanced mobile network multi-tenancy approaches are increasingly gaining momentum, paving the way toward further decreasing capital expenditure and operational expenditure (CAPEX/OPEX) costs, while enabling new business opportunities. This article provides an overview of the 3GPP standard evolution from network sharing principles, mechanisms, and architectures to future on-demand multi-tenant systems. In particular, it introduces the concept of the 5G Network Slice Broker in 5G systems, which enables mobile virtual network operators, over-the-top providers, and industry vertical market players to request and lease resources from infrastructure providers dynamically via signaling means. Finally, it reviews the latest standardization efforts, considering remaining open issues for enabling advanced network slicing solutions, taking into account the allocation of virtualized network functions based on ETSI NFV, the introduction of shared network functions, and flexible service chaining.

A Bayesian approach to performance modelling for multi-tenant applications using Gaussian models

Accurately predicting response times of service queries is necessary for deployments optimisation in the multi-tenant applications system. This task is particularly challenging owing to the fact that the mixes of tenants with different business scale and operating characteristics and the interaction among the concurrently running queries have a great impact on the response time of queries in the multi-tenant applications systems, and an accurate model needs to capture them. In this paper, our goal is to build such a performance model for the interactions of multi-tenant using an experiment-driven modelling approach. We use a Bayesian approach and build novel Gaussian models that take into account a variety of factors that influence the response time of each interaction that is sent from the different tenants in the multi-tenant environments. We experimentally demonstrate that our models are accurate and effective which have an average prediction error of 12.6% in the worst case.