X

The Oracle NoSQL Database Blog covers all things Oracle NoSQL Database. On-Prem, Cloud and more.

  • March 30, 2017

Oracle NoSQL Database Keeps Your Data Secure

Ashutosh Naik
Senior Development Manager

Recent news has
brought back the focus on how a poorly secured database server can cause
irreversible damage to the reputation of the software vendor apart from many
other tangible and intangible losses.

The security features in Oracle NoSQL Database makes it a
member of Oracle family of products which prides themselves in being called as very
secure.

This blog briefly describes these security features.

1) There are two levels of security: network security and
user authentication and authorization

  1. Network
    security provides an outer layer of protection at the network level and is
    configured during the installation process using cryptographic keys, X.509
    certificate chains and trusted certificates. What this means is the
    communication between the client and server nodes and also between the server
    nodes is encrypted using the SSL/TLS protocol.

  2. User
    authentication and authorization can either be managed by using Oracle NoSQL Database
    utilities or relegated to any Kerberos compliant LDAP/Single-sign-on server.

2) Starting with release 4.3 of Oracle NoSQL Database,
the security features are enabled by default.

3) Access to a secure Oracle NoSQL Database is limited to
only authenticated users. Oracle NoSQL Database provides tools for
user
and password management
.

4) Password credentials for connecting to database are stored
in a client-side
Oracle
Wallet
, a secure software container used to store
authentication and signing credentials. With Oracle Wallet, applications no
longer need to embed user and password in application code and scripts. This considerably
reduces risks because the user credentials are no longer exposed in the clear
and password management policies are more easily enforced without changing
application code whenever user names or passwords change.

5) Oracle NoSQL Database provides a set of default rules for
creating and updating a user password in order to enhance security. These rules
enable the administrator to enforce
strong
password policies
such as minimum and maximum password length,
minimum number of upper and lower case characters, digits and special
characters, password expiry, list of restricted passwords and maximum passwords
to be remembered that cannot be reused when setting new password.

6) Successfully authenticated users receive an identifier
for a login session that allows a single login operation to be shared across
Storage Nodes. That session has an initial lifetime associated with it, after
which the session is no longer valid. The server notifies the user with an
error once the session is no longer valid. The application then needs to
re-authenticate.

7) Oracle NoSQL Database provides role
based authorization
. A user can be assigned one or more roles. Roles can either be a built-in system role
(readonly, writeonly, readwrite, dbadmin, sysadmin and public) or user defined
role. These built-in roles map to one or more privileges. Privileges can either
be System privileges or Object (table level) privileges. System privilege
grants the user the ability to perform a store wide action while Object
privilege grants the user the ability to perform an action only on that specific
object (table).

8) With Kerberos integration Oracle NoSQL Database can
relegate the authentication and authorization job to any Kerberos compliant
LDAP or single-sign-on server.

In summary, Oracle takes security very seriously for all
of its products. Oracle NoSQL Database has been designed from the start to be
secure and protect user’s data.

Please refer to Security
Guide
for more details on any of the above mentioned security features.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.Captcha
Oracle

Integrated Cloud Applications & Platform Services