Oracle Public Cloud Services. Security (part 2 of 3)

by · October 28, 2015

In my preceding article I tried to explain how companies and Oracle partners can take advantage of the Oracle Cloud and its different and powerful services.
Have I missed something? Yes, SECURITY.
All of the services belonging to the Oracle Cloud are offered as public (i.e. shared by multiple companies) or private (i.e. used by a single, large company).
A public cloud is inherently unsafe, you know, but even a private one could open security holes if badly managed.
Luckily, security is one of the major strengths of the Oracle Cloud proposal.
First of all, any service must be accessed using personal credentials (username/password). There is at least one service administrator, who gives access to other users and assigns roles/privileges to them.
Each service has also specific authorization rules, for example:
ORACLE STORAGE CLOUD SERVICES

  • Offers you the possibility to create and manage objects (i.e. files or documents) inside specific containers (i.e. directories or libraries)
  • The first thing you have to do if you want to use this service is to send an authorization key request, giving your username/password credentials
  • You must send the authorization key for every single command (create, drop, modify, upload, download, …)
  • The authorization key has a thirty minutes lifetime, after that you have to send a new request to obtain another authorization key

ORACLE DATABASE SERVICES

  • You can manage one or more database instances with root privileges on the host (a virtual machine)
  • When you request the creation of your instance service, you must give a valid public/private security key pair
  • If you want to access your instance using SSH (for example by PuTTY or similar applications), you must give the same public/private security key pair

ORACLE DATABASE BACKUP SERVICES

  • You can use Oracle Recovery Manager (RMAN) to backup an in-house or cloud database to a cloud storage
  • Every single backup must be enchrypted using the standard RMAN enchryption features (service subscription extends RMAN licenses automatically if you don’t have Advanced Security Option license)
  • If you have a Standard Edition Database you have to install a specific patch (see My Oracle Support Doc ID 1640149.1) if you want to backup it in the cloud, or enchryption will not work

In summary, Oracle Cloud Services (both private or public) offer a complete security platform in order to protect customers data in a reliable way.

Tags:

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *