This study presents a Secure Multi-Tenant Architecture (SMTA) combined with a novel Burn-After-Use (BAU) mechanism for enterprise LLM environments to effectively prevent data leakage. As institutions increasingly adopt LLMs across departments, the risk of data leakage has become a critical security and compliance concern. The proposed SMTA isolates LLM instances across departments and enforces rigorous context ownership boundaries within an internally deployed infrastructure. The BAU mechanism provides data confidentiality by enforcing ephemeral conversational contexts that are automatically destroyed after use, preventing cross-session or cross-user inference. SMTA and BAU are evaluated through two sets of realistic and reproducible experiments comprising 127 test iterations. The first set assesses prompt-based and semantic leakage attacks in a multi-tenant architecture (Appendix A) across 55 infrastructure-level attack tests, including vector-database credential compromise and shared logging pipeline exposure. SMTA achieves a 92% defense success rate, demonstrating strong semantic isolation while highlighting residual risks from credential misconfiguration and observability pipelines. The second set evaluates the robustness of BAU under realistic failure scenarios (Appendix B) using four empirical metrics: Local Residual Persistence Rate (LRPR), Remote Residual Persistence Rate (RRPR), Image Frame Exposure Rate (IFER), and Burn Timer Persistence Rate (BTPR). Across 72 test iterations, BAU achieves a 76.75% success rate in mitigating post-session leakage threats across the client, server, application, infrastructure, and cache layers. These results show that SMTA and BAU together enforce strict isolation, complete session ephemerality, strong confidentiality guarantees, non-persistence, and policy-aligned behavior for enterprise LLMs.
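As an added illustration (not code from the paper), the following Python sketch shows the two mechanisms the abstract describes in their simplest form: a context store that checks tenant ownership before every access (the SMTA boundary) and destroys a context either on an explicit burn after use or when its burn timer fires (BAU). The class and method names are assumptions of this example; the paper's own implementation and how it measures LRPR, RRPR, IFER and BTPR are not on this page.

```python
import secrets
import time
from dataclasses import dataclass, field

@dataclass
class EphemeralContext:
    tenant: str                 # owning department: the SMTA ownership boundary
    expires_at: float           # burn-timer deadline on the store's clock
    messages: list = field(default_factory=list)

class EphemeralContextStore:
    """Illustrative store: per-tenant contexts destroyed on burn or on timer expiry."""

    def __init__(self, ttl_seconds=600.0, clock=time.monotonic):
        self._ttl = ttl_seconds
        self._clock = clock     # injectable so the burn timer can be tested deterministically
        self._ctx = {}

    def open(self, tenant):
        ctx_id = secrets.token_urlsafe(16)   # unguessable handle; never reused after burn
        self._ctx[ctx_id] = EphemeralContext(tenant, self._clock() + self._ttl)
        return ctx_id

    def _get(self, ctx_id, tenant):
        ctx = self._ctx.get(ctx_id)
        if ctx is None:
            raise KeyError("context unknown or already burned")
        if ctx.tenant != tenant:             # ownership check comes before any data access
            raise PermissionError(f"tenant {tenant!r} does not own this context")
        if self._clock() >= ctx.expires_at:  # burn timer fired: destroy first, then refuse
            self.burn(ctx_id)
            raise KeyError("context expired and was burned")
        return ctx

    def append(self, ctx_id, tenant, message):
        self._get(ctx_id, tenant).messages.append(message)

    def history(self, ctx_id, tenant):
        return list(self._get(ctx_id, tenant).messages)

    def burn(self, ctx_id):
        """Destroy one context (burn after use). Returns True if something was destroyed."""
        ctx = self._ctx.pop(ctx_id, None)
        if ctx is None:
            return False
        ctx.messages.clear()   # drop the last reference so no residual copy stays reachable
        return True

    def sweep(self):
        """Burn every context whose timer has expired. Returns how many were destroyed."""
        now = self._clock()
        return sum(self.burn(i) for i, c in list(self._ctx.items()) if now >= c.expires_at)
```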