2 Oracle SDM Cloud Transport Layer Security

Communications between the Oracle® Session Delivery Management Cloud (Oracle SDM Cloud) on customer premises components are protected by Transport Layer Security (TLS).

For customer tenant data, Oracle SDM Cloud uses at-rest data encryption by default, using the Advanced Encryption Standard (AES) algorithm with 256-bit encryption. For customer tenant data at rest, Oracle SDM Cloud uses the Advanced Encryption Standard (AES) algorithm with 256-bit encryption. For customer Tenant data in-transit, Oracle SDM Cloud data encryption uses TLS 1.2+.

The Oracle SDM Cloud supports the following ciphers for on-premises TLS connections, which includes TLS connections between the MCE and Network Functions (NF)s:

• ECDHE-ECDSA-AES128-GCM-SHA256
• ECDHE-ECDSA-AES256-GCM-SHA384
• ECDHE-RSA-AES128-GCM-SHA256
• ECDHE-ECDSA-AES128-SHA256
• ECDHE-RSA-AES128-SHA256
• TLS_AES_128_GCM_SHA256
• TLS_AES_256_GCM_SHA384
• TLS_AES_128_CCM_SHA256
• TLS_CHACHA20_POLY1305_SHA256

The Oracle SDM Cloud supports secure ground-to-cloud communications via TLS 1.2+. This includes the TLS connection between the on-premises Management Cloud Engine (MCE) and the Oracle SDM Cloud in the cloud.

Oracle SDM Cloud services handles the encryption keys. However, on customer premises, the customer is responsible for storing, managing, and securing the encryption keys needed for communication between the MCE and NFs.

Note:

Oracle SDM Cloud does not support devices with enabled Mutual Authentication.