We should identify an appropriate design for multi-tenant authorization that allows administrators to establish authority per entity to a specific process group, with reasonable transitivity to child groups. Much of the plumbing to make this work already exists, and the user experience around authorization should not require any drastic changes. The types of process-group-specific authorizations should be granular enough to support read-only access, changing dataflow behavior, starting and stopping components, viewing data provenance sourced to that group, viewing content sourced to or belonging in that group, etc.
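One way the per-group model above could resolve a request, as an added sketch that is not part of the original proposal or any project's code. It assumes "reasonable transitivity" means a child group inherits the nearest ancestor's grant for an entity unless it sets its own, with default deny; all class, action, group and user names are hypothetical.

```python
from enum import Enum, auto

class Action(Enum):
    # Granular authorizations named in the proposal (identifiers are assumed).
    READ = auto()
    MODIFY_FLOW = auto()       # changing dataflow behavior
    OPERATE = auto()           # starting and stopping components
    VIEW_PROVENANCE = auto()
    VIEW_CONTENT = auto()

class ProcessGroup:
    def __init__(self, name, parent=None):
        self.name = name
        self.parent = parent
        # entity -> frozenset of Actions. An entry here, even a narrower
        # one, replaces whatever would be inherited from ancestors.
        self.grants = {}

    def grant(self, entity, *actions):
        self.grants[entity] = frozenset(actions)

def effective_actions(group, entity):
    """Walk toward the root; the nearest explicit grant wins, else deny."""
    node = group
    while node is not None:
        if entity in node.grants:
            return node.grants[entity]
        node = node.parent
    return frozenset()

def is_authorized(group, entity, action):
    return action in effective_actions(group, entity)

def build_sample():
    # Constructed sample hierarchy: two tenants under one root group.
    root = ProcessGroup("root")
    team_a = ProcessGroup("team-a", root)
    ingest = ProcessGroup("ingest", team_a)
    restricted = ProcessGroup("restricted", team_a)
    team_b = ProcessGroup("team-b", root)
    team_a.grant("alice", Action.READ, Action.MODIFY_FLOW, Action.OPERATE)
    restricted.grant("alice", Action.READ)   # narrows the inherited grant
    team_b.grant("bob", Action.READ, Action.VIEW_PROVENANCE)
    return {g.name: g for g in (root, team_a, ingest, restricted, team_b)}

if __name__ == "__main__":
    groups = build_sample()
    for name in ("team-a", "ingest", "restricted", "team-b", "root"):
        acts = sorted(a.name for a in effective_actions(groups[name], "alice"))
        print(f"alice @ {name}: {acts}")
```

Grants flow only downward in this sketch, so a tenant's authority on its own group never implies any authority on the root or on a sibling tenant's group.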
Another approach may be to introduce the concept of different workspaces. Each workspace would act as a boundary for user authorization while providing the benefit of an additional canvas to design on. Workspaces could be created and removed dynamically (by a user with appropriate authority), allowing for the creation of visually separate dataflows. Additionally, this approach would allow each workspace to define root group ports for performing site-to-site communications. Of course, we would support sending data between workspaces locally. This may work similarly to existing site-to-site connections.