1 Overview of Oracle Database Appliance Security

Oracle Database Appliance is an optimized, prebuilt and ready-to-use clustered database system that is easy to deploy, operate, and manage. By integrating hardware and software, Oracle Database Appliance eliminates the complexities of nonintegrated, manually assembled solutions. Oracle Database Appliance reduces deployment time from weeks or months to just a few hours, while preventing the configuration and setup errors that often result in suboptimal, hard-to-manage database environments.

Within this framework, there are basic security principles that all software and hardware should adhere to. The principles are:

  • Authentication: Authentication is how a user is identified, typically through confidential information such as user name and password, or shared keys. All components in Oracle Database Appliance use authentication to ensure that users are who they say they are. By default, local user names and passwords are used for authentication. Shared key-based authentication is also available.

  • Authorization: Authorization allows administrators to control what tasks or privileges a user may perform or use. Personnel can only access the tasks and privileges that have been given to them. Oracle Database Appliance system administrators can configure resources with read/write/execute permissions to control user access to commands, disk space, devices, and applications.

  • Accounting and Auditing: Accounting and auditing maintain a record of a user's activity on the system. Oracle Database Appliance software and hardware features allow administrators to monitor login activity and maintain hardware inventories.

    • User logins are monitored through system logs. System administrators and service accounts have access to commands that, if used incorrectly, could cause harm and data loss. Access and commands should be carefully monitored through system logs.

    • Hardware assets are tracked through serial numbers. Oracle part numbers are electronically recorded on all cards, modules, and motherboards, and can be used for inventory purposes.
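The login and command monitoring described above is done by reading the system logs. The following is an added example (it is not part of this guide and not Oracle's code) of what that review can look like in practice: it parses a handful of constructed lines in the classic syslog format that sshd and sudo write (on Oracle Linux typically to /var/log/secure; the path, hostname, users, addresses and commands are all assumptions made up for the example), and reports bursts of failed logins, logins that succeeded after a run of failures, and every command run as root through sudo.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample of /var/log/secure lines (rsyslog auth facility).
# Hostname, users, addresses and commands are made up for this example.
SAMPLE_LOG = """\
Mar 12 09:14:02 oda1 sshd[2231]: Failed password for oracle from 10.0.0.7 port 51022 ssh2
Mar 12 09:14:05 oda1 sshd[2231]: Failed password for oracle from 10.0.0.7 port 51022 ssh2
Mar 12 09:14:09 oda1 sshd[2231]: Failed password for oracle from 10.0.0.7 port 51022 ssh2
Mar 12 09:14:15 oda1 sshd[2240]: Accepted password for oracle from 10.0.0.7 port 51030 ssh2
Mar 12 09:15:01 oda1 sudo:   oracle : TTY=pts/0 ; PWD=/home/oracle ; USER=root ; COMMAND=/usr/sbin/useradd backupsvc
Mar 12 09:16:30 oda1 sshd[2250]: Accepted publickey for grid from 10.0.0.8 port 40100 ssh2
Mar 12 09:20:00 oda1 sudo:     grid : TTY=pts/1 ; PWD=/home/grid ; USER=root ; COMMAND=/usr/bin/systemctl status sshd
Mar 12 10:02:44 oda1 sshd[2301]: Failed password for invalid user admin from 198.51.100.9 port 39900 ssh2
"""

# sshd authentication result lines ("Accepted"/"Failed" <method> for [invalid user] <user> from <src>)
SSH_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Accepted|Failed) (?P<method>\w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\S+) port \d+"
)
# sudo command lines in the classic syslog format (not the journald "sudo[pid]:" variant)
SUDO_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) sudo:\s+(?P<user>\S+) : .*?"
    r"USER=(?P<target>\S+) ; COMMAND=(?P<cmd>.+)$"
)


def parse_line(line):
    """Turn one syslog line into an event dict, or None if it is not of interest."""
    m = SSH_RE.match(line)
    if m:
        return {"kind": "ssh", **m.groupdict()}
    m = SUDO_RE.match(line)
    if m:
        return {"kind": "sudo", **m.groupdict()}
    return None


def parse_ts(ts, year=2024):
    """syslog timestamps carry no year; a fixed one is assumed so intervals can be computed."""
    return datetime.strptime(f"{year} {ts}", "%Y %b %d %H:%M:%S")


def failed_login_bursts(events, threshold=3, window_seconds=60):
    """(user, src) pairs with at least `threshold` failures inside `window_seconds`."""
    attempts = defaultdict(list)
    for e in events:
        if e["kind"] == "ssh" and e["result"] == "Failed":
            attempts[(e["user"], e["src"])].append(parse_ts(e["ts"]))
    hits = []
    for key, times in attempts.items():
        times.sort()
        for i in range(len(times) - threshold + 1):
            if (times[i + threshold - 1] - times[i]).total_seconds() <= window_seconds:
                hits.append(key)
                break
    return hits


def success_after_failures(events, min_failures=3):
    """Logins that succeeded for a (user, src) pair right after a run of failures."""
    streak = defaultdict(int)
    hits = []
    for e in events:
        if e["kind"] != "ssh":
            continue
        key = (e["user"], e["src"])
        if e["result"] == "Failed":
            streak[key] += 1
        else:
            if streak[key] >= min_failures:
                hits.append(key)
            streak[key] = 0
    return hits


def privileged_commands(events):
    """Every sudo invocation that ran a command as root, as (user, command)."""
    return [(e["user"], e["cmd"]) for e in events
            if e["kind"] == "sudo" and e["target"] == "root"]


def analyze(log_text):
    """Run all three checks over the text of a log file and return the findings."""
    events = [e for e in (parse_line(l) for l in log_text.splitlines()) if e]
    return {
        "failed_bursts": failed_login_bursts(events),
        "success_after_failures": success_after_failures(events),
        "privileged_commands": privileged_commands(events),
    }


if __name__ == "__main__":
    for name, findings in analyze(SAMPLE_LOG).items():
        print(name)
        for finding in findings:
            print("   ", finding)
```

On the sample, the three password failures for oracle from 10.0.0.7 within seven seconds are reported as a burst, the password login that follows them is reported as a success after failures, and both sudo invocations are listed because each ran as root, regardless of how harmless the command looks. The third list is the one to compare against an approved change record: it is the record of exactly the privileged command use the guide says should be monitored.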

In addition to the basic security principles, Oracle Database Appliance addresses survivability, defense in depth, least privilege, and accountability. Oracle Database Appliance delivers a well-integrated set of security capabilities that help organizations address their most pressing security requirements and concerns. The following sections describe these principles:

1.1 Survivability of Mission-Critical Workloads

Organizations selecting hardware and software platforms for their mission-critical workloads can be assured that Oracle Database Appliance can prevent or minimize the damage caused by accidental and malicious actions taken by internal users or external parties. As part of the Oracle Maximum Availability Architecture best practices, survivability is increased by the following:

  • Ensuring that the components used have been designed, engineered, and tested to work well together in support of secure deployment architectures. Oracle Database Appliance supports secure isolation, access control, cryptographic services, monitoring and auditing, quality of service, and secure management.

  • Reducing the default attack surface of its constituent products to help minimize the overall exposure of the machine. Organizations can customize the security settings of Oracle Database Appliance based upon the organization's policies and needs.

  • Protecting the machine, including its operational and management interfaces, using a complement of open and vetted protocols and APIs capable of supporting the traditional security goals of strong authentication, access control, confidentiality, integrity, and availability.

  • Verifying that software and hardware contain features that keep the service available even when failures occur. These capabilities help in cases where attackers attempt to disable one or more individual components in the system.

1.2 Defense in Depth to Secure the Operating Environment

Oracle Database Appliance employs multiple, independent, and mutually-reinforcing security controls to help organizations create a secure operating environment for their workloads and data. Oracle Database Appliance supports the principle of defense in depth as follows:

  • Offering a strong complement of protections to secure information in transit, in use, and at rest. Security controls are available at the server, storage, network, database, and application layers. Each layer's unique security controls can be integrated with the others to enable the creation of strong, layered security architectures.

  • Supporting the use of well-defined and open standards, protocols, and interfaces. Oracle Database Appliance can be integrated into an organization's existing security policies, architectures, practices, and standards. Integration is critical because applications and devices do not exist in isolation. The security of an IT architecture is only as strong as its weakest component.

  • Conducting multiple security scans using industry-leading security analyzers to implement all high-priority security items prior to the release of each new Oracle Database Appliance software version.

1.3 Least Privilege for Services and Users

Ensuring that applications, services, and users have access to the capabilities that they need to perform their tasks is only one side of the least-privilege principle. It is equally important to ensure that access to unnecessary capabilities, services, and interfaces is limited. Oracle Database Appliance promotes the principle of least privilege as follows:

  • Ensuring that access to individual servers, storage, operating system, databases, and other components can be granted based upon the role of each user and administrator. The use of role-based and multi-factor access control models with fine-grained privileges ensures that access can be limited to only what is needed.

  • Constraining applications so that their access to information, underlying resources, network communications, and local or remote service access is restricted based upon need.

Whether caused by an accident or malicious attack, applications can misbehave, and without enforcement of least privilege, those applications may be able to cause harm beyond their intended use.

1.4 Accountability of Events and Actions

When an incident occurs, a system must be able to detect and report the incident. Similarly, when an event cannot be prevented, it is imperative that an organization be able to detect that the event occurred so that proper responses can be taken. Oracle Database Appliance supports the principle of accountability as follows:

  • Ensuring each of the components used in Oracle Database Appliance supports activity auditing and monitoring, including the ability to record login and logout events, administrative actions, and other events specific to each component.

  • Leveraging features in Oracle Database to support fine-grained auditing configurations. This allows organizations to tune audit configurations in response to their standards and goals. Administrators can ensure that critical information is captured, while minimizing the number of unnecessary audit events.