Skip Headers
Oracle® Key Manager 3 Security Guide
Release 3.0
E49728-01
Next
Contents
List of Figures
Title and Copyright Information
Preface
Audience
Documentation Accessibility
1
Overview
Product Overview
General Security Principles
Keep Software Up To Date
Restrict Network Access to Critical Services
Follow the Principle of Least Privilege
Monitor System Activity
Keep Up To Date on Latest Security Information
2
Secure Installation
Understand Your Environment
Which resources am I protecting?
From whom am I protecting the resources?
What will happen if the protections on strategic resources fail?
Recommended Deployment Topologies
Installing a Key Management Appliance
Installing a KMA in a Rack
Securing the BIOS of a KMA
Securing the ILOM of a KMA
Configuring the First KMA in an OKM Cluster
Considerations When Defining Key Split Credentials
Considerations When Defining Additional OKM Users
Adding Additional KMAs to the OKM Cluster
Considerations When Adding Additional KMAs
Characteristics of Hardened KMAs
3
Security Features
Potential Threats
Objectives of the Security Features
The Security Model
Authentication
Access Control
Users and Role-Based Access Control
Quorum Protection
Audits
Other Security Features
Secure Communication
Hardware Security Module
AES Key Wrapping
Key Replication
4
Linux PKCS#11 KMS Provider
A
Secure Deployment Checklist
B
References