Shared Responsibility Model#

Security and compliance are shared responsibilities among the operator, tenant, and end user.

The operator oversees and controls components from the host operating system and virtualization layer through the orchestration systems, down to the physical security of the facilities where the service operates. It may also include platform services. The operator is ultimately responsible for maintaining strict tenant isolation and preventing cross-tenant data leakage.

The tenant administrator is responsible for ensuring that all the machines and services the tenant consumes are accessed only by tenant users who have access to each type of service. The tenant is responsible for managing and configuring the application software they develop, which runs as containers in the KaaS solution provided by the NVIDIA® Cloud Partner. Tenants are also responsible for how they integrate with external parties, manage their IT environment, and comply with relevant laws and regulations.

The end user is responsible for the security of the application, user authentication, and the security of data generated or used by the application.