Skip to main content
AI Best Practices for Commerce
About
Log in
McFadyen Digital(opens in new tab)

Authoritative AI Best Practices for Commerce

Explore

Value ChainsUse CasesAI OverviewImplementationTechnology

Resources

AI ToolsNewsGlossaryAboutContact UsGDPR
|||Sitemap||

© 2026 McFadyen Digital. All rights reserved.

We use cookies to keep the site working and, with your consent, to understand how visitors use it (via Google Analytics, a third-party service). You can accept all, reject non-essential cookies, or choose per category. See our .

  1. News
  2. › Enterprise AI security and multi-tenant architecture
  3. › Jun 30, 2026
Enterprise AI security and multi-tenant architectureTuesday, June 30, 2026
  • Food Service / Hospitality › Restaurants and Other Eating Places › Full-Service Restaurants
AnalyticsDataLLMAmazon Web ServicesAnthropicDatabricksPAR Technology CorporationAWS Identity and Access Management · amazon-web-servicesAWS Key Management Service · amazon-web-servicesAmazon Bedrock · amazon-web-servicesClaude Sonnet 4 · anthropic

PAR Technology builds multi-tenant LLM analytics with row-level security on AWS

PAR Technology deployed a three-layer security architecture for its text-to-SQL analytics agent serving 300+ restaurant businesses, combining AWS SigV4 request signing, semantic validation on Amazon Bedrock, and Split-Plane SQL to enforce row-level data isolation. For commerce platforms handling multi-tenant data, the design proves that LLMs alone cannot enforce security boundaries—architecture-level controls are essential to prevent cross-tenant data exposure even if the model is compromised.

AI-generated. Summaries are AI-generated from cited sources. Click through for the original report.

PAR Technology, which serves over 300 restaurant businesses, built a production-ready multi-tenant LLM analytics system that enforces row-level security through three independent architectural layers (AWS Machine Learning Blog). The system enables business users to ask questions in plain English and receive data-backed answers, while ensuring that each user—whether a franchise owner with access to two locations or a brand manager overseeing 200 locations—receives only the data they are authorized to see (AWS Machine Learning Blog).

The three-layer architecture operates independently: Layer 1 uses AWS Signature Version 4 (SigV4) to cryptographically sign and authenticate every API call; Layer 2 validates semantic intent on Amazon Bedrock before any data access; and Layer 3 enforces programmatic data isolation via Split-Plane SQL at the database level (AWS Machine Learning Blog). This design addresses a critical insight: LLMs are probabilistic generators that may silently omit filters or hallucinate values, making them unsuitable as sole security enforcers in multi-tenant systems (AWS Machine Learning Blog). For commerce platforms and SaaS providers handling sensitive business data across multiple tenants, the approach demonstrates that security must be deterministic and enforced at the architecture level, regardless of what the model generates.

Sources:1 report
  • AWS Machine Learning Blog
Daily Brief

AI-in-commerce intelligence, in your inbox

One concise email each morning — the signals that matter. Free, no spam.

Join 4,200+ commerce leaders · unsubscribe anytime

‹ Newer storyGoogle Search Console launches Generative AI visibility reportingOlder story ›Majors Management partners with ResultStack for AI-driven operations

More from June 30, 2026

  • Bringg report: Last-mile AI investments missing structural decisions
  • Majors Management partners with ResultStack for AI-driven operations
  • Google Search Console launches Generative AI visibility reporting
  • Salesforce launches B2B Commerce agentic and headless innovations
Daily Brief

AI-in-commerce intelligence, in your inbox

One concise email each morning — the signals that matter. Free, no spam.

Join 4,200+ commerce leaders · unsubscribe anytime

ShareLast updated: June 30, 2026