This study presents a Secure Multi-Tenant Architecture (SMTA) combined with a novel Burn-After-Use (BAU) mechanism for enterprise LLM environments, designed to prevent data leakage. As institutions increasingly adopt LLMs across departments, the risk of data leakage has become a critical security and compliance concern. The proposed SMTA isolates LLM instances across departments and enforces rigorous context ownership boundaries within an internally deployed infrastructure. The BAU mechanism provides data confidentiality by enforcing ephemeral conversational contexts that are automatically destroyed after use, preventing cross-session or cross-user inference. SMTA and BAU are evaluated through two sets of realistic and reproducible experiments comprising 127 test iterations. The first set assesses prompt-based and semantic leakage attacks against the multi-tenant architecture (Appendix A) across 55 infrastructure-level attack tests, including vector-database credential compromise and shared logging pipeline exposure. SMTA achieves a 92% defense success rate, demonstrating strong semantic isolation while highlighting residual risks from credential misconfiguration and observability pipelines. The second set evaluates the robustness of BAU under realistic failure scenarios (Appendix B) using four empirical metrics: Local Residual Persistence Rate (LRPR), Remote Residual Persistence Rate (RRPR), Image Frame Exposure Rate (IFER), and Burn Timer Persistence Rate (BTPR). Across 72 test iterations, BAU achieves a 76.75% success rate in mitigating post-session leakage threats across the client, server, application, infrastructure, and cache layers. These results show that SMTA and BAU together enforce strict isolation, complete session ephemerality, strong confidentiality guarantees, non-persistence, and policy-aligned behavior for enterprise LLMs.
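To make the two mechanisms concrete, the following is an added illustration (not the paper's code) of a tenant-scoped context store with burn-after-use semantics: a context is keyed by tenant, readable once by its owner, and destroyed either on that read or when a burn timer expires. Single-use reads, the tenant and user names, and the injectable clock are assumptions made for this example.

```python
import time
from dataclasses import dataclass, field


class ContextOwnershipError(PermissionError):
    """Raised when a principal inside the tenant tries to read a context it does not own."""


@dataclass
class Context:
    tenant: str
    owner: str
    messages: list = field(default_factory=list)
    expires_at: float = 0.0  # burn timer deadline (monotonic clock)


class BurnAfterUseStore:
    """Ephemeral conversational contexts, partitioned per tenant (SMTA) and
    destroyed after a single use or when the burn timer fires (BAU)."""

    def __init__(self, ttl_seconds: float, clock=time.monotonic):
        self._ttl = ttl_seconds
        self._clock = clock          # injectable so the burn timer is testable
        self._contexts: dict = {}    # (tenant, ctx_id) -> Context

    def put(self, tenant: str, owner: str, ctx_id: str, messages) -> None:
        self._contexts[(tenant, ctx_id)] = Context(
            tenant, owner, list(messages), self._clock() + self._ttl)

    def consume(self, tenant: str, requester: str, ctx_id: str):
        """Return the context once and burn it. Lookups are tenant-scoped, so a
        request from another tenant sees no context at all (no existence oracle)."""
        self.sweep()
        ctx = self._contexts.get((tenant, ctx_id))
        if ctx is None:
            return None
        if ctx.owner != requester:
            raise ContextOwnershipError(f"{requester} does not own {ctx_id} in {tenant}")
        del self._contexts[(tenant, ctx_id)]
        released = list(ctx.messages)
        ctx.messages.clear()         # drop the stored copy, not just the index entry
        return released

    def sweep(self) -> None:
        """Burn timer: destroy every context whose deadline has passed."""
        now = self._clock()
        for key in [k for k, c in self._contexts.items() if c.expires_at <= now]:
            self._contexts[key].messages.clear()
            del self._contexts[key]

    def residual_count(self) -> int:
        """Number of contexts still resident; the local residual a BAU test would look for."""
        self.sweep()
        return len(self._contexts)
```

Using `residual_count()` after each burn, across a batch of sessions, yields the fraction of contexts that survived, which is the quantity a Local Residual Persistence Rate style metric would report.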