Oracle® Hardware Management Pack for Oracle Solaris 11.2 Security Guide

Exit Print View

Updated: September 2015
 
 

Basic Security Principles

There are four basic security principles: access, authentication, authorization, and accounting.

  • Access

    Use physical and software controls to protect your hardware or data from intrusion.

    • For hardware, access limits usually mean physical access limits.

    • For software, access limits usually mean both physical and virtual means.

    • Firmware cannot be changed except through the Oracle update process.

  • Authentication

    Set up all authentication features such as a password system in your platform operating systems to verify that users are who they say they are.

    Authentication provides varying degrees of security through measures such as badges and passwords. For example, ensure that personnel use employee badges properly to enter a computer room.

  • Authorization

    Authorization allows company personnel to work only with hardware and software that they are trained and qualified to use.

    For example, set up a system of read/write/execute permissions to control user access to commands, disk space, devices, and applications.

  • Accounting

    Customer IT personnel can use Oracle software and hardware features to monitor login activity and maintain hardware inventories.

    • Use system logs to monitor user logins. In particular, track system administrator and service accounts through system logs because these accounts can access powerful commands.

    • Periodically retire log files when they exceed a reasonable size, in accordance with the customer company policy. Logs are typically maintained for a long period, so it is essential to maintain them.

    • Use component serial numbers to track system assets for inventory purposes. Oracle part numbers are electronically recorded on all cards, modules, and motherboards.