Security Model
Threat model
Fabric is designed for multi-tenant environments where workloads from different teams, organizations, or trust levels share physical infrastructure. The security model assumes that workloads are not necessarily trusted and must be isolated from each other.
Identity
Every workload, service, and operator in Fabric has a verifiable identity. Identities are issued by the platform identity service and are short-lived, automatically rotated, and cryptographically verifiable. No long-lived credentials are used within the platform.
Isolation
Workload isolation is enforced at multiple levels: compute isolation through hardware virtualization and resource limits, network isolation through policy-enforced segmentation, and storage isolation through access controls and namespace separation.
Audit
All privileged operations on the platform are recorded in a tamper-evident audit log. Audit logs include the identity of the actor, the operation performed, the affected resources, and the timestamp. Audit logs are written to a separate, append-only store.
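One common way to make an audit log tamper-evident is to hash-chain its entries, so that each entry commits to everything before it. The following is an added example, not Fabric's own code: the hash-chaining scheme, the function names, and the sample entries are assumptions, and only the four record fields (actor, operation, affected resources, timestamp) come from the text above.

```python
import hashlib
import json
from typing import Optional

GENESIS = "0" * 64  # constructed starting value for the chain (assumption)


def _digest(prev_hash: str, record: dict) -> str:
    # Canonical JSON so the same record always hashes to the same value.
    body = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode("utf-8")).hexdigest()


def append(log: list, actor: str, operation: str, resources: list, timestamp: str) -> dict:
    """Append one entry carrying the four fields the audit section lists."""
    record = {"actor": actor, "operation": operation,
              "resources": resources, "timestamp": timestamp}
    prev_hash = log[-1]["hash"] if log else GENESIS
    entry = {"record": record, "prev": prev_hash, "hash": _digest(prev_hash, record)}
    log.append(entry)
    return entry


def verify(log: list, expected_head: Optional[str] = None) -> int:
    """Return -1 if the chain is intact, else the index of the first bad entry.

    expected_head is the latest hash as recorded out of band; if it does not
    match the recomputed head, len(log) is returned.
    """
    prev_hash = GENESIS
    for i, entry in enumerate(log):
        if entry["prev"] != prev_hash or entry["hash"] != _digest(prev_hash, entry["record"]):
            return i
        prev_hash = entry["hash"]
    if expected_head is not None and prev_hash != expected_head:
        return len(log)
    return -1


def sample_log() -> list:
    # Constructed sample entries; identities and resource names are made up.
    log = []
    append(log, "operator:alice", "namespace.create", ["ns/team-a"], "2024-01-01T00:00:00Z")
    append(log, "service:scheduler", "workload.evict", ["ns/team-a/job-7"], "2024-01-01T00:05:00Z")
    append(log, "operator:bob", "policy.update", ["ns/team-b/netpol"], "2024-01-01T00:09:00Z")
    return log
```

The chain check alone catches in-place edits; comparing against a head hash kept outside the log store is what catches truncation or a full rewrite of the chain.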