Table of Contents
This chapter provides a set of guidelines to keep your Oracle NoSQL Database secure. To maximize the security features offered by Oracle NoSQL Database, it is imperative that the database itself be well protected.
Security guidelines provide advice about how to securely configure Oracle NoSQL Database by recommending security practices for operational database deployments.
Follow these guidelines to keep the security configuration secure:
The initial security configuration should be generated on
a host that is not intended for KVStore operational use, using
the securityconfig create config command.
Storage Nodes should be deployed by running makebootconfig
with the -store-security enable argument. The configured
security directory from the reference host should be copied to the new
Storage Node KVROOT using a secure copy mechanism prior to starting the store.
The security configuration should be kept in a protected location for future use.
Updates to the security configuration should be performed on the configuration host and copied to the operational Storage Node hosts using a secure copy mechanism.
After the first user is configured but before allowing applications
to use the store, you may wish to restart all SNA processes on hosts
running Admin processes and then use the Admin CLI show users
command to ensure that there is only the single user definition that
is expected. This step validates that no other user creation occurred
during the period when administrative login was not required.