Product Security Overview

The core security components of the Oracle Private Cloud Appliance are layered. The three layers of the Oracle Private Cloud Appliance are:

  • Infrastructure - This is the physical rack hardware installed on the customer's premises. Some security-related tasks are performed at this basic level when the system is installed.

  • Service Enclave - This is the part of the system where the appliance infrastructure is controlled. Access to this enclave is closely monitored and restricted to privileged administrators. The Service Enclave runs on a cluster of three management nodes, and many security-related tasks are performed at this level.

  • Compute Enclave - The Compute Enclave, designed for compatibility with Oracle Cloud Infrastructure, is where workloads are created, configured and hosted by users or groups and where cloud resources such as compute instances, networks, and storage are controlled.

The Oracle Private Cloud Appliance follows the same basic security principles as other Oracle products. These principles are:

  • Authentication: Authentication is how a user is identified, typically through confidential information such as a user name and password, or through shared keys. All components authenticate users before granting access, to ensure that users are who they say they are. By default, local user names and passwords are used for authentication. Shared key-based authentication is also available.

  • Authorization: Administrators configure user or group privileges to resources along with the level of access allowed to the resources. Personnel can only access the resources with the level of access that has been given to them. Users with administrative privileges can authorize users and groups with one or more types of access (inspect, read, use, manage) to resources (all-resources, instance-family, and so on).

  • Auditing: Auditing maintains a record of user activity at the various layers of the Oracle Private Cloud Appliance. Audit records exist for the Service Enclave, the Compute Enclave, and the infrastructure. Using audit records, an administrator can associate a particular user with a change that occurred in one or more components of the system. Monitor audit records to confirm that users at each layer access and use components as intended, and to detect users whose resource privileges are excessive or insufficient. Audit records can also reveal unexpected usage patterns, such as denial-of-service attempts, probing of service boundaries in an attempt to reach them, or misuse of resources that results in data loss or unexpected resource modifications.

  • Accounting: Accounting lets administrators track inventories of hardware and cloud resources. Hardware assets are tracked through serial numbers, whereas cloud resources are tracked through Oracle Cloud IDs (OCIDs). For hardware components, Oracle part numbers are electronically recorded on all cards, modules, and motherboards. These can be used for inventory or for association with issues reported to Oracle. Administrators can monitor cloud resources by OCID to track usage and resource consumption.
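The authorization bullet above names the four access levels (inspect, read, use, manage) and resource families such as all-resources and instance-family. The following is an added example, not the appliance's own policy engine: a small evaluator for Oracle Cloud Infrastructure-style policy statements that shows how a default-deny check against those verbs and resource families behaves. It assumes the OCI convention that the verbs are cumulative (manage includes use, read, and inspect), a simplified statement grammar limited to "Allow group ... to <verb> <resource> in tenancy|compartment <name>", and exact compartment matching (no inheritance into sub-compartments). The sample policy and the group, compartment, and resource names are constructed for illustration.

```python
"""Simplified evaluator for OCI-style IAM policy statements.

Added example for illustration; not Oracle's policy engine. Assumed grammar:
  Allow group <group> to <verb> <resource-type> in tenancy
  Allow group <group> to <verb> <resource-type> in compartment <name>
Verbs are treated as cumulative (OCI convention): manage > use > read > inspect.
"""
import re
from dataclasses import dataclass
from typing import List, Optional, Set

VERB_RANK = {"inspect": 0, "read": 1, "use": 2, "manage": 3}

STATEMENT_RE = re.compile(
    r"^allow\s+group\s+(?P<group>[\w.-]+)\s+to\s+"
    r"(?P<verb>inspect|read|use|manage)\s+(?P<resource>[\w-]+)\s+in\s+"
    r"(?:(?P<tenancy>tenancy)|compartment\s+(?P<compartment>[\w.-]+))$",
    re.IGNORECASE,
)


@dataclass(frozen=True)
class Statement:
    group: str
    verb: str
    resource: str
    compartment: Optional[str]  # None means the whole tenancy


def parse_policy(text: str) -> List[Statement]:
    """Parse one statement per line; blank lines and '#' comments are skipped.

    Any line that does not match the grammar raises ValueError, so a typo in a
    policy fails loudly instead of silently granting or withholding access.
    """
    statements = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        match = STATEMENT_RE.match(line)
        if not match:
            raise ValueError(f"unrecognized policy statement: {line!r}")
        statements.append(
            Statement(
                group=match["group"],
                verb=match["verb"].lower(),
                resource=match["resource"].lower(),
                compartment=match["compartment"],
            )
        )
    return statements


def is_allowed(statements: List[Statement], groups: Set[str], verb: str,
               resource: str, compartment: str) -> bool:
    """Default deny: a request is permitted only if some statement covers it.

    A statement covers a request when the caller is in the statement's group,
    the statement names the requested resource family (or all-resources), the
    statement's scope includes the request's compartment, and the statement's
    verb ranks at or above the verb being requested.
    """
    needed = VERB_RANK[verb]
    for s in statements:
        if s.group not in groups:
            continue
        if s.resource not in ("all-resources", resource):
            continue
        if s.compartment is not None and s.compartment != compartment:
            continue
        if VERB_RANK[s.verb] >= needed:
            return True
    return False


# Constructed sample policy (group and compartment names are made up).
SAMPLE_POLICY = """
# administrators: full control everywhere
Allow group Administrators to manage all-resources in tenancy
# developers: run instances in the Dev compartment only
Allow group Developers to use instance-family in compartment Dev
# auditors: read-only view of everything
Allow group Auditors to read all-resources in tenancy
"""


def load_sample_policy() -> List[Statement]:
    return parse_policy(SAMPLE_POLICY)


if __name__ == "__main__":
    policy = load_sample_policy()
    checks = [
        ({"Developers"}, "use", "instance-family", "Dev"),
        ({"Developers"}, "manage", "instance-family", "Dev"),
        ({"Developers"}, "use", "instance-family", "Prod"),
        ({"Auditors"}, "use", "volume-family", "Dev"),
    ]
    for groups, verb, resource, comp in checks:
        print(groups, verb, resource, comp, "->", is_allowed(policy, groups, verb, resource, comp))
```

The point a practitioner should take from the evaluator is the shape of least-privilege policy: the Developers group can launch and stop instances in Dev (use), but cannot terminate or reconfigure them (manage) and cannot touch Prod at all, while Auditors can read everything but change nothing.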

When applied properly, the above security principles allow:
  • Survivability of Mission-Critical Workloads - Oracle Private Cloud Appliance prevents or minimizes the damage caused by accidental and malicious actions taken by internal users or external parties. This is accomplished by security testing of components, checking protocols for vulnerabilities, and verifying software continuity even during security breaches.

  • Defense in Depth to Secure the Operating Environment - Oracle Private Cloud Appliance employs multiple, independent, and mutually-reinforcing security controls to help organizations create a secure operating environment for their workloads and data. All levels of the system are protected by an array of security capabilities.

  • Least-Privilege Access for Services and Users - Oracle Private Cloud Appliance promotes the use of security policies that ensure that applications, services, and users have access to the capabilities they need to perform their tasks. It is equally important to ensure that access to unnecessary capabilities, services, and interfaces is limited. Users and administrators are confined to their particular areas of concern.

  • Accountability of Events and Actions - Oracle Private Cloud Appliance offers detailed audit trails at each layer as well as controls to help account for resources. This helps an administrator detect and report incidents while they are occurring (such as a denial-of-service attack) or, if an incident could not be prevented, reconstruct it afterwards by tracing the resulting resource changes back through the audit logs.

  • Understanding of Operating System Security - The operating system requires stringent security during patches and updates to ensure the integrity of the operating system at all times. This is possible by enforcing security policies, limiting network access, and monitoring all operating-system-level activities.
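The auditing and accountability bullets describe two uses of audit records: attributing a change on a resource to the user who made it, and spotting unexpected usage patterns such as probing of service boundaries. The following is an added example, not the appliance's own tooling, and the audit record layout (time with UTC offset, principal, action, resource, result) is constructed for this example; the appliance's actual audit format may differ. It builds a per-resource change history so that the last actor on a resource can be found, and runs a sliding-window count of denied requests per principal to flag a caller who is probing for access it does not have. The threshold and window values are assumptions to be tuned against real traffic.

```python
"""Attributing changes to actors and flagging probing from audit records.

Added example; the record layout below is constructed for illustration and is
not the appliance's audit format. Each record has: time (ISO 8601 with UTC
offset), principal, action, resource, and result ("success" or "denied").
"""
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, List, Optional, Tuple

# Constructed sample records: alice and bob operate on a web instance, bob is
# denied once on a volume, and mallory fires five denied requests in 40 seconds.
SAMPLE_AUDIT = [
    {"time": "2024-05-01T09:00:00+00:00", "principal": "alice", "action": "LaunchInstance", "resource": "instance-web-01", "result": "success"},
    {"time": "2024-05-01T09:05:00+00:00", "principal": "bob", "action": "UpdateInstance", "resource": "instance-web-01", "result": "success"},
    {"time": "2024-05-01T09:06:00+00:00", "principal": "bob", "action": "DeleteVolume", "resource": "volume-db-01", "result": "denied"},
    {"time": "2024-05-01T09:30:00+00:00", "principal": "alice", "action": "TerminateInstance", "resource": "instance-web-01", "result": "success"},
    {"time": "2024-05-01T10:00:00+00:00", "principal": "mallory", "action": "ListUsers", "resource": "tenancy", "result": "denied"},
    {"time": "2024-05-01T10:00:10+00:00", "principal": "mallory", "action": "ListSecrets", "resource": "tenancy", "result": "denied"},
    {"time": "2024-05-01T10:00:20+00:00", "principal": "mallory", "action": "GetVolume", "resource": "volume-db-01", "result": "denied"},
    {"time": "2024-05-01T10:00:30+00:00", "principal": "mallory", "action": "DeleteVolume", "resource": "volume-db-01", "result": "denied"},
    {"time": "2024-05-01T10:00:40+00:00", "principal": "mallory", "action": "UpdateInstance", "resource": "instance-web-01", "result": "denied"},
    {"time": "2024-05-01T11:00:00+00:00", "principal": "bob", "action": "DeleteVolume", "resource": "volume-db-01", "result": "denied"},
]


def _ts(record: dict) -> datetime:
    return datetime.fromisoformat(record["time"])


def change_history(records: List[dict]) -> Dict[str, List[Tuple[str, str, str]]]:
    """Map each resource to its ordered list of successful (time, principal, action).

    Only successful actions changed anything, so denied records are excluded;
    they are handled separately as signals of probing.
    """
    history: Dict[str, List[Tuple[str, str, str]]] = defaultdict(list)
    for r in sorted(records, key=_ts):
        if r["result"] == "success":
            history[r["resource"]].append((r["time"], r["principal"], r["action"]))
    return dict(history)


def last_actor(records: List[dict], resource: str) -> Optional[str]:
    """Principal responsible for the most recent successful change to a resource."""
    entries = change_history(records).get(resource)
    return entries[-1][1] if entries else None


def detect_probing(records: List[dict], threshold: int = 4,
                   window: timedelta = timedelta(minutes=5)) -> Dict[str, int]:
    """Principals with at least `threshold` denied requests inside any sliding window.

    Returns {principal: peak denied count within the window}. The defaults are
    assumptions for this example and should be tuned against real traffic.
    """
    denied: Dict[str, List[datetime]] = defaultdict(list)
    for r in records:
        if r["result"] == "denied":
            denied[r["principal"]].append(_ts(r))
    flagged: Dict[str, int] = {}
    for principal, times in denied.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            # advance the window start until the span fits inside `window`
            while times[end] - times[start] > window:
                start += 1
            count = end - start + 1
            if count >= threshold:
                flagged[principal] = max(flagged.get(principal, 0), count)
    return flagged


if __name__ == "__main__":
    print("last actor on instance-web-01:", last_actor(SAMPLE_AUDIT, "instance-web-01"))
    print("probing suspects:", detect_probing(SAMPLE_AUDIT))
```

A single denial (bob trying to delete a volume he cannot manage) is ordinary friction and is not flagged; a burst of denials across unrelated resource families from one principal is the boundary-probing pattern the auditing bullet refers to, and is what the window count surfaces.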