Architecture · Data security

Tenant isolation. At every layer.

Veridra enforces tenant boundaries simultaneously across the data path, the identity path, and the key path, rather than relying solely on correctly configured IAM policies.

A tenant boundary must withstand misconfiguration, compromised service accounts, and insider threats. Five independent layers provide defense in depth.

Layered isolation

Network

Service-to-service traffic uses mTLS exclusively, with SPIFFE/SPIRE-issued identities. A workload without a valid SPIFFE identity cannot complete a TLS handshake with any other service, so none of its requests is ever read.

Identity

Every request carries a SPIFFE ID that encodes its tenant scope. The kms-adapter, log-writer, and pack-builder each check that scope independently on every call. A scope mismatch is a hard reject, not a warning.
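The scope check described above, written out as an added example (this is illustrative code, not Veridra's own). It assumes a SPIFFE ID layout of spiffe://<trust-domain>/tenant/<tenant-id>/svc/<service>, a hypothetical trust domain veridra.example, and self-signed fixture certificates that stand in for SPIRE-issued X.509-SVIDs; the real ID layout is not documented on this page.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"errors"
	"fmt"
	"math/big"
	"net/url"
	"strings"
	"time"
)

// Assumed SPIFFE ID layout (the page does not document the real one):
//   spiffe://<trust-domain>/tenant/<tenant-id>/svc/<service>
// The tenant segment is the scope that every service checks on every call.
const trustDomain = "veridra.example" // hypothetical trust domain
var errScopeMismatch = errors.New("tenant scope mismatch: request rejected")

// tenantFromSPIFFEID returns the tenant scope carried by a SPIFFE ID and
// rejects IDs that are malformed, from a foreign trust domain, or unscoped.
func tenantFromSPIFFEID(id string) (string, error) {
	u, err := url.Parse(id)
	if err != nil || u.Scheme != "spiffe" {
		return "", fmt.Errorf("not a SPIFFE ID: %q", id)
	}
	if u.Host != trustDomain {
		return "", fmt.Errorf("foreign trust domain %q in %q", u.Host, id)
	}
	seg := strings.Split(strings.Trim(u.Path, "/"), "/")
	if len(seg) != 4 || seg[0] != "tenant" || seg[1] == "" || seg[2] != "svc" || seg[3] == "" {
		return "", fmt.Errorf("SPIFFE ID %q carries no tenant scope", id)
	}
	return seg[1], nil
}

// peerTenant reads the caller's SPIFFE ID from the mTLS peer certificate. An
// X.509-SVID carries its ID as a URI SAN, and exactly one is required.
func peerTenant(cert *x509.Certificate) (string, error) {
	var ids []string
	for _, u := range cert.URIs {
		if u.Scheme == "spiffe" {
			ids = append(ids, u.String())
		}
	}
	if len(ids) != 1 {
		return "", fmt.Errorf("expected exactly one SPIFFE URI SAN, found %d", len(ids))
	}
	return tenantFromSPIFFEID(ids[0])
}

// authorize is the per-call check: the tenant named in the request must equal
// the tenant bound into the caller's identity. A mismatch is a hard error.
func authorize(cert *x509.Certificate, requestTenant string) error {
	scope, err := peerTenant(cert)
	if err != nil {
		return err
	}
	if scope != requestTenant {
		return fmt.Errorf("%w: identity=%s request=%s", errScopeMismatch, scope, requestTenant)
	}
	return nil
}

// selfSignedSVID builds a throwaway certificate carrying the given URI SANs so
// the check runs offline. A constructed fixture, not a SPIRE-issued SVID.
func selfSignedSVID(uris ...string) (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		NotBefore:    time.Now().Add(-time.Minute),
		NotAfter:     time.Now().Add(time.Hour),
	}
	for _, s := range uris {
		u, err := url.Parse(s)
		if err != nil {
			return nil, err
		}
		tmpl.URIs = append(tmpl.URIs, u)
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

func main() {
	acme, _ := selfSignedSVID("spiffe://veridra.example/tenant/acme/svc/log-writer")
	fmt.Println("same tenant: ", authorize(acme, "acme"))
	fmt.Println("cross tenant:", authorize(acme, "globex"))
	ops, _ := selfSignedSVID("spiffe://veridra.example/svc/ops-shell")
	fmt.Println("unscoped:    ", authorize(ops, "acme"))
}
```

The point of deriving the scope from the certificate rather than from a header is that the caller cannot assert a tenant it was not issued: an identity with no tenant segment, two SPIFFE SANs, or a foreign trust domain is rejected before the tenant comparison is even made. In production the certificate comes from the TLS connection state (for example the peer chain in a VerifyPeerCertificate callback), not from a fixture.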

Storage

Postgres row-level security enforces tenant_id at the database layer. A query issued without a tenant context fails at the server, so a bug in application code cannot escape the tenant boundary. This holds only for roles that RLS actually applies to: in Postgres, superusers and roles with BYPASSRLS skip policies entirely, and a table's owner skips them unless the table is marked FORCE ROW LEVEL SECURITY, so the application role must be none of those.

Key custody

Each tenant has its own KMS keys and its own DEK hierarchy. Cross-tenant decryption is unreachable, not policy-blocked: there is no key in the path under which another tenant's DEKs would unwrap.

Log

Each tenant has an independent Trillian tree with tenant-specific root verification. Two tenants can never share a log leaf, by construction.

Data in motion and at rest

Encryption is the floor, not the ceiling.

  • Transport — TLS 1.3 at ingress, mutual TLS 1.3 internally, no plaintext fallback.
  • At rest — AES-256-GCM with per-tenant DEKs, wrapped by the customer's KMS CMK.
  • In use — The policy engine and signer operate on canonical bytes; plaintext never persists outside the tenant boundary.
  • Backups — Encrypted with the tenant's DEKs, stored in-region, restorable only while the tenant's KMS key is active.
  • Deletion — Tombstoned in Postgres and crypto-shredded: the wrapping key is rotated and the retired version destroyed, which leaves the tombstoned ciphertext unrecoverable.
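The key-custody layer and the at-rest, backup and deletion bullets all rest on one mechanism, envelope encryption with per-tenant wrapping keys. Here it is as an added example (illustrative code, not Veridra's kms-adapter): a map from tenant to CMK stands in for the customer's KMS and exposes only Wrap and Unwrap, AES-256-GCM is used both to wrap DEKs and to encrypt data, binding the tenant name into the GCM associated data is this example's own choice, and Retire models destroying a retired key version after rotation.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// tenantKMS stands in for the customer-controlled KMS: one 256-bit CMK per
// tenant, reachable only through Wrap/Unwrap (an assumed simplification).
type tenantKMS map[string][]byte // tenant -> active CMK; absent means retired

var errNoKey = errors.New("no active CMK for tenant")

func (k tenantKMS) Provision(tenant string) { k[tenant] = randBytes(32) }
func (k tenantKMS) Retire(tenant string)    { delete(k, tenant) } // crypto-shred: its DEKs are now unrecoverable

// Wrap/Unwrap bind the DEK to its tenant through the GCM AAD (this example's
// choice). Unwrapping under another tenant's CMK fails the tag check.
func (k tenantKMS) Wrap(tenant string, dek []byte) ([]byte, error) {
	cmk, ok := k[tenant]
	if !ok {
		return nil, errNoKey
	}
	return seal(cmk, dek, []byte("dek:"+tenant)), nil
}

func (k tenantKMS) Unwrap(tenant string, wrapped []byte) ([]byte, error) {
	cmk, ok := k[tenant]
	if !ok {
		return nil, errNoKey
	}
	return open(cmk, wrapped, []byte("dek:"+tenant))
}

// record is what sits at rest: data under a per-record DEK, beside that DEK wrapped by the tenant's CMK.
type record struct{ wrappedDEK, ciphertext []byte }

func encryptRecord(kms tenantKMS, tenant string, plaintext []byte) (*record, error) {
	dek := randBytes(32)
	wrapped, err := kms.Wrap(tenant, dek)
	if err != nil {
		return nil, err
	}
	return &record{wrapped, seal(dek, plaintext, []byte("data:"+tenant))}, nil
}

// decryptRecord unwraps with the CMK of the tenant the caller is acting as.
func decryptRecord(kms tenantKMS, asTenant string, r *record) ([]byte, error) {
	dek, err := kms.Unwrap(asTenant, r.wrappedDEK)
	if err != nil {
		return nil, fmt.Errorf("unwrap: %w", err)
	}
	return open(dek, r.ciphertext, []byte("data:"+asTenant))
}

// seal/open are AES-256-GCM with a fresh random 96-bit nonce prefixed to the ciphertext.
func seal(key, plaintext, aad []byte) []byte {
	nonce := randBytes(12)
	return gcm(key).Seal(nonce, nonce, plaintext, aad)
}

func open(key, ct, aad []byte) ([]byte, error) {
	if len(ct) < 12 {
		return nil, errors.New("ciphertext too short")
	}
	return gcm(key).Open(nil, ct[:12], ct[12:], aad)
}

func gcm(key []byte) cipher.AEAD { // keys here are always 32 bytes, so setup cannot fail
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	g, _ := cipher.NewGCM(block) // cannot fail for an AES block
	return g
}

func randBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

func main() {
	kms := tenantKMS{}
	kms.Provision("acme")
	rec, _ := encryptRecord(kms, "acme", []byte("policy decision #1"))
	pt, err := decryptRecord(kms, "acme", rec)
	fmt.Printf("owner: %q %v\n", pt, err)
	kms.Retire("acme")
	_, err = decryptRecord(kms, "acme", rec)
	fmt.Println("after shred:", err)
}
```

Two things the bullets assert fall out directly. A second tenant holding its own CMK cannot read the first tenant's record because no key it possesses authenticates the wrapped DEK, which is what "unreachable, not policy-blocked" means in practice. And once Retire has run, the ciphertext (and any backup of it) is permanently unreadable even though the bytes still exist, which is what crypto-shredding relies on, so a real deployment has to destroy the retired key version rather than merely rotate away from it.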

Operator access

No ambient production access

Operators don't have standing access to tenant data. Access is requested per-incident, requires two-person sign-off, is time-bounded, and is scoped to a specific tenant.

Signed break-glass

Every elevated action is recorded as a signed event in the same transparency log that holds tenant decisions.

No decryption without tenant KMS

Even a fully compromised admin account can't decrypt tenant data: the wrapping keys live in your KMS, and the admin role is not on the key's grant list.

Customer-visible audit

Operator-access events are exported to customer evidence streams upon request.

Defense in depth

Why five layers, not one

Any single layer can fail. A misconfigured IAM policy, a compromised service account, a database bug: none of these individually defeats the isolation boundary, because the next layer still holds. A tenant's data remains unreachable unless every layer is simultaneously breached.

The whole picture

Data security + key management + multi-region

Data security answers whether another tenant (or Veridra itself) can reach your data. Key management answers who can sign and decrypt. Multi-region deployment answers where your data lives. Together they're the substrate on which every regulatory claim Veridra makes is built.