Secure Compute

How Does OCI Ensure That Provisioned Servers Are Free From Malware?

A primary design principle of OCI is protecting tenants from firmware-based attacks.

Threats at the firmware level are becoming more common, raising potential risks for public cloud providers. To ensure that each server is provisioned with clean firmware, Oracle has implemented a hardware-based root of trust for the process of wiping and reinstalling server firmware.

Oracle uses this process every time a new server is provisioned for a tenant or between tenancies, regardless of the instance type.

The hardware-based root of trust is a protected hardware component that’s manufactured to Oracle specification. It’s limited to performing the specific task of wiping and reinstalling the firmware. It triggers a power cycle of the hardware host, prompts for the installation of known firmware, and confirms that the process has been completed as expected.

This firmware installation method reduces the risk from firmware-based attacks, such as a permanent denial of service (PDoS) attack or attempts to embed backdoors in the firmware to steal data or make it otherwise unavailable.

How Does OCI Protect The Hypervisor That Underpins Virtual Machines?

With traditional virtualization techniques, compute, memory, storage and network I/O are managed and handled by the hypervisor software running on a physical host. One or more virtual machines then run within that hypervisor.

This translates into a security risk because if an unauthorized user can take control of a virtual machine and gain access to the hypervisor, they can perform lateral movements and potentially gain access to other hosts within the network.

Oracle Cloud Infrastructure takes a different approach.

All network I/O is managed and handled by custom-designed SmartNICs that are physically separate from the physical host running the virtual machines.

This means that Oracle Cloud Infrastructure maintains greater external control of host network functionality and can prevent network traversal attacks.

What Does OCI Use To Ensure That Disk Images Are Secure?

OCI customers can make use of hardened virtual images that meet the standards of the CIS Benchmarks.

The CIS Benchmarks are a widely recognized set of configuration guidelines that focus on security. The images are made available through CIS and can be found on the Oracle Cloud Marketplace.

For more information about the CIS hardened images please see here…

CIS Hardened Images

The Oracle Cloud Marketplace can be found here…

CIS Images on Marketplace

How Does OCI Ensure That Security Patching Follows Best Practice?

Autonomous Linux performs automatic patch updates without human interaction.

Using Oracle’s Ksplice technology, the Linux kernel and critical user-space libraries (glibc and OpenSSL) are patched while systems are running.

Core libraries, Oracle Cloud and Linux utilities, pre-installed dependency packages for Oracle Database, and Oracle Applications are other key components that are automatically patched daily whenever updates are available. Patches are fully tested to validate compatibility.

The built-in zero-downtime self-patching capabilities eliminate the need to reboot the system after updating the kernel and user-space libraries. Linux kernel updates with important new security and reliability patches are released about once per month. Updates for the KVM hypervisor are also released regularly.

Industry regulations and best practices require companies to apply these security updates and patches as soon as possible because security will be compromised by a failure to update. Operators are forced to choose between following known best practices and avoiding forced system reboots that are costly and disruptive.

For more information about Autonomous Linux please see here…

Autonomous Linux