Shared security responsibility model
Security on Foundry is a shared responsibility between Palantir and Palantir’s customers. While Palantir is responsible for Foundry’s security at each level of the service in our control, customers also play a vital role in ensuring their data is protected.
The shared responsibility model is a framework that has been adopted by many major cloud-based software companies to delineate security responsibility between the customer and the cloud provider. As the cloud provider, Palantir is responsible for security of the cloud, while customers are responsible for security in the cloud.
In practice, this means that Palantir and underlying Infrastructure as a Service (IaaS) providers are responsible for securing Foundry by managing physical security, host infrastructure, networking controls, and application security. Meanwhile, customers maintain responsibility over what they choose to host in Foundry: specifically, customer data and user identity/access configuration. The shared responsibility model gives customers control over their data, how they use it, and who can access it, and relieves customers of worry about the security of the underlying infrastructure.
The shared responsibility model can be broken down into the responsibilities of two parties:
| Palantir | Customer |
|---|---|
| Foundry Services | Customer Data |
| Encryption in transit and at rest | Customer-built Applications |
| Network Traffic Protections | Identity and Access Management (IAM) |
| Operating System, Network, and Firewall Configurations | Resource Permissions (RBAC) |
| Infrastructure-level Monitoring and Alerting | Application-level Monitoring and Alerting |
| Continuous Delivery, Automated Upgrades, and Patching | |
| Foundation Services: Compute, Storage, Database, Networking | |
| Global Infrastructure: Regions, Availability Zones | |
As a customer, some of your responsibilities for protecting your data may vary by environment and architecture, but you are always responsible for the following:
- Managing access and identity for your users via single sign-on (SSO). This includes enforcing multi-factor authentication. If you do not have a single sign-on provider, we may be able to provide one for you.
- Ensuring any data uploaded to the environment is appropriate and meets your own policies and obligations.
- Ensuring your users apply appropriate discretionary access controls (roles) and mandatory access controls (markings).
- Monitoring application-level security audit logs to ensure usage of your platform by your users is appropriate and meets your own policies and obligations.
Contact your Palantir representative if you have any questions or concerns regarding the shared responsibility model.