Security Architecture on IBM Cloud

This reference architecture layers SCC Workload Protection with IBM watsonx.governance and confidential computing options across data, model, and runtime planes.

Data Security

Data security measures include:

Encryption
At rest and in transit using IBM Key Protect or HSMs, with tokenization and masking for sensitive fields.
Confidential computing
For data in use (for example, Intel SGX/TDX, IBM Hyper Protect) for high-sensitivity training and inference.
Immutable lineage metadata
Dataset versioning and controlled data residency with IBM Cloud regions and Satellite.

Model Security

Model security measures include:

Model registries
With signed artifacts and SBOMs (software bills of materials), integrity verification, and provenance (factsheets).
Dependency scanning
For Python, Java, and OS packages with supply chain validation.
Access control
RBAC and ABAC for model promotion, secured endpoints with rate limiting and anomaly detection.

Runtime Security

Runtime security measures include:

Image scanning
Across CI/CD and registries with admission controls and policy gates.
Falco-based runtime detection
eBPF telemetry, incident response, and container forensics.
Kubernetes hardening
Network policies, Pod Security Standards, secrets management, and Zero Trust segmentation.

Access and Identity Governance

Identity governance measures include:

Centralized IAM
With least privilege and CIEM (cloud infrastructure entitlement management) to right-size permissions and detect toxic combinations.
Service identities
For pipelines, agents, and model serving with short-lived credentials and vault-backed secrets.

Reference Architecture and Workflow

The reference architecture follows this workflow:

  1. Code and data commit
  2. Policy-as-code checks and image scanning
  3. Model training with signed artifacts and factsheets
  4. Security tests (prompt injection, adversarial robustness, bias)
  5. Deploy via GitOps with SCC WP policy gates
  6. Runtime monitoring, guardrails enforcement, and continuous compliance
  7. Evidence packaged for audits

Deployment Options

You can deploy SCC Workload Protection in the following environments:

  • IBM Cloud fully managed
  • Hybrid with IBM Cloud Satellite (on AWS, Azure, Google, or on-premises)
  • On-premises OpenShift with SCC Workload Protection agents and integrations

Deployment Steps

To deploy SCC Workload Protection for AI workloads:

  1. Prepare your environment with an IBM Cloud account, SCC Workload Protection instance, Object Storage for evidence, and IAM roles.
  2. Integrate SCC Workload Protection with Security and Compliance Center. Register scopes and profiles, and connect multicloud accounts.
  3. Configure policy-as-code and CI/CD integrations. Enable image and registry scanning and admission controls.
  4. Harden clusters with network policies and secrets management. Enable runtime sensors and Falco rules.
  5. Deploy watsonx.governance for factsheets, evaluation, and AI risk workflows. Connect inference endpoints.
  6. Enable confidential computing for sensitive workloads. Configure attestation and key management.
  7. Operationalize monitoring, alerting, and automated evidence collection. Run periodic red teaming and posture reviews.
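As an added example (not from this page or IBM's own documentation) of the cluster hardening in step 4 and the Kubernetes hardening measure under Runtime Security: a namespace that enforces the restricted Pod Security Standard, a default-deny NetworkPolicy, and an explicit allow list for a model-serving pod. The namespace and label values (ai-serving, model-server, ingress-gateway, port 8080) are placeholders; the DNS egress rule assumes the upstream Kubernetes layout (kube-dns in kube-system), which differs on OpenShift.

```yaml
# Added example; names and labels are placeholders, not IBM or page values.
apiVersion: v1
kind: Namespace
metadata:
  name: ai-serving
  labels:
    # Pod Security Standards: reject pods that violate the "restricted" profile
    pod-security.kubernetes.io/enforce: restricted
    pod-security.kubernetes.io/enforce-version: latest
---
# Default deny for every pod in the namespace, ingress and egress alike.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-all
  namespace: ai-serving
spec:
  podSelector: {}
  policyTypes: [Ingress, Egress]
---
# Explicit allow list for the model server: ingress only from the gateway
# namespace on the serving port, egress only to cluster DNS.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: model-server-allow
  namespace: ai-serving
spec:
  podSelector:
    matchLabels:
      app: model-server
  policyTypes: [Ingress, Egress]
  ingress:
    - from:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: ingress-gateway
      ports:
        - protocol: TCP
          port: 8080
  egress:
    - to:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: kube-system
          podSelector:
            matchLabels:
              k8s-app: kube-dns
      ports:
        - protocol: UDP
          port: 53
```

Apply the default-deny policy first and confirm the model server still resolves DNS; any path not covered by an explicit allow rule fails closed.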

Automation Patterns

Automation patterns include:

Terraform modules
For IBM Cloud, OpenShift, and SCC WP configuration.
GitOps
With OpenShift GitOps or ArgoCD to enforce policy gates and progressive delivery.
API-driven evidence export
Automated compliance report generation and evidence export for audits.

Next Steps