OCI Security by Mind Map: OCI Security

1. Shared Security Model

1.1. on-premises

1.1.1. You manage security: Applications, Data, Runtime, Middleware, Operating System, Virtualization, Server, Storage, Networking

1.2. OCI

1.2.1. You manage: Applications, Data, Runtime, Middleware, Operating System. Customer responsible for security in the cloud: Patching applications and OS, OS Configuration, IAM, Networking security (VCN), Endpoint protection, Data classification, Compliance

1.2.2. Oracle manages: Virtualization, Server, Storage, Networking. Oracle responsible for security of the cloud: Physical security for the data center, Hardware, Software, Networking

2. Security services

2.1. Security Services

3. IAM

3.1. Use RBAC

3.2. Multi-factor Authentication (MFA)

3.2.1. Use of more than one factor to verify a user's identity, e.g. Use Password, Use Devices

3.3. Federation

3.3.1. Enterprises use an identity provider (IdP) to manage logins and passwords

3.3.2. Your administrator can federate with a supported IdP: Active Directory (AD)

4. Data protection

4.1. Block Volume

4.1.1. Data encrypted at-rest

4.1.2. Data encrypted in-transit

4.1.3. BYOK

4.2. File Storage

4.2.1. Data encrypted at-rest

4.2.2. Data encrypted in-transit

4.2.3. BYOK

4.3. Object Storage

4.3.1. Data encrypted at-rest

4.3.2. BYOK

4.3.3. Private Buckets

4.3.4. Pre-Authenticated Requests

4.4. Database

4.4.1. Transparent Data Encryption

4.4.2. Data Safe: Security Assessment, User Assessment, Data Discovery, Data Masking, Activity Auditing. No extra cost to use

4.4.3. Data Vault

4.5. Key Management

4.5.1. BYOK

4.5.2. Centralized key management capabilities

4.5.3. HA

4.5.4. Durable

4.5.5. Secure key Storage

4.5.6. Use hardware security modules (HSMs): a physical computing device that safeguards digital keys; provides crypto processing; FIPS 140-2; HSM hardware is tamper-evident; deletes keys from the device when it detects tampering

4.5.7. Integration with select OCI Services

5. OS and workload isolation

5.1. Dedicated VM host

5.1.1. Security of Bare Metal

5.1.2. Single-tenant

5.1.3. Pay only for dedicated VM hosts

5.1.4. Control and Convenience: Control over placement across DVMs; Oracle optimizes it automatically; Oracle hypervisor and hardware (Manage, Monitor)

5.2. OS Management Service

5.2.1. Executes and automates common and complex management tasks

5.2.2. Packages Management

5.2.3. Configurations management

5.2.4. Security / compliance reporting

5.2.5. Enables live patching of critical components

5.2.6. Linux Kernel w/o downtime

5.2.7. Configured by default for Oracle Linux Instances in OCI

6. Infrastructure protection

6.1. Network protection

6.1.1. Gateways

6.1.2. Security List

6.2. OCI Web Application Firewall (WAF)