Oracle® Server X5-8


Updated: August 2015
 
 

Security Principles

There are four basic security principles: access, authentication, authorization, and accounting.

  • Access

    Access refers to physical access to hardware, or physical or virtual access to software.

    • Use physical and software controls to protect your hardware and data from intrusion.

    • Refer to the documentation that came with your software to enable any security features available for the software.

    • Install servers and related equipment in a locked, restricted-access room.

    • If equipment is installed in a rack with a locking door, keep the door locked except when you have to service components in the rack.

    • Restrict access to connectors or ports, which can provide more powerful access than SSH connections. Devices such as system controllers, power distribution units (PDUs), and network switches provide connectors and ports.

    • Restrict access to hot-plug or hot-swap devices in particular because they can be easily removed.

    • Store spare field-replaceable units (FRUs) and customer-replaceable units (CRUs) in a locked cabinet. Restrict access to the locked cabinet to authorized personnel.

  • Authentication

    Authentication refers to ensuring that users of hardware or software are who they say they are.

    • Set up authentication features such as a password system in your platform operating systems to ensure that users are who they say they are.

    • Ensure that your personnel use employee badges properly to enter the computer room.

    • For user accounts: use access control lists where appropriate; set time-outs for extended sessions; set privilege levels for users.

  • Authorization

    Authorization refers to restrictions on which hardware or software personnel are allowed to work with.

    • Allow personnel to work only with hardware and software that they are trained and qualified to use.

    • Set up a system of Read/Write/Execute permissions to control user access to commands, disk space, devices, and applications.

  • Accounting

    Accounting refers to software and hardware features used to monitor login activity and to maintain hardware inventories.

    • Use system logs to monitor user logins. Monitor system administrator and service accounts in particular because those accounts can access powerful commands.

    • Keep a record of the serial numbers of all your hardware. Use component serial numbers to track system assets. Oracle part numbers are electronically recorded on cards, modules, and motherboards, and can be used for inventory purposes.

    • To detect and track components, provide a security mark on all significant items of computer hardware such as FRUs. Use special ultraviolet pens or embossed labels.