No doubt, with all the media reports about stolen databases and private information, a major concern when committing to a public or private cloud must be preventing unauthorized access of data and applications.
In this article, we discuss the security features of Oracle Solaris 11
that provide a bullet-proof cloud environment.
As an example, we show how the Oracle Solaris Remote Lab implementation utilizes these features to provide a high level of security for its users.
Note: This is the second article
in a series on cloud building with Oracle Solaris 11. See Part 1 here
When we build a cloud, the following aspects related to the security of the data and applications in the cloud
become a concern:
• Sensitive data must be protected from unauthorized access while residing on storage devices, during
transmission between servers and clients, and when it is used by applications.
• When a project is completed, all copies of sensitive data must be securely deleted and the original
data must be kept permanently secure.
• Communications between users and the cloud must be protected to prevent exposure of sensitive information
from “man in a middle attacks.
• Limiting the operating system’s exposure protects against malicious attacks and penetration by
unauthorized users or automated “bots
” and “rootkits
” designed to gain privileged access.
• Strong authentication and authorization procedures further protect the operating system from tampering.
• Denial of Service attacks
, whether they are started intentionally by hackers or accidentally by other cloud users, must be quickly detected and deflected, and the service must be restored.
In addition to the security features in the operating system
, deep auditing provides a trail of actions that can identify violations,issues, and attempts to penetrate the security of the operating system.
Combined, these threats and risks reinforce the need for enterprise-grade security solutions that are specifically designed to protect cloud environments. With Oracle Solaris 11, the security of any cloud is ensured.