System News
back5 6 7 8 9 10 11 12 13 14 15 next
Archived Security Articles
10 Apr 2014
open to premium members only
Oracle Enhances Oracle Identity Management Platform to Secure the Extended Enterprise [35723]
New Features Enable Customers to Consistently and Securely Deploy Enterprise, Cloud and Mobile Environments While Helping Reduce Total Cost of Ownership

As organizations increasingly adopt cloud and mobile applications, user identities are proliferating and becoming unmanageable. This causes organizations to struggle to embrace new business opportunities while keeping their corporate user information and data secure. Enterprises often end up adopting separate solutions for enterprise applications, cloud applications and mobile device management - with increased cost, complexity and risk. Instead, what companies need is a complete and integrated identity management platform that can help ensure the security of their data, regardless of where it is accessed, or through which kind of device. With the latest updates to the Oracle Identity Management platform, Oracle is providing organizations with new and enhanced features to further secure enterprise, cloud and mobile applications. Oracle refers to this expanding technology perimeter as the Extended Enterprise, which includes employees, customers, contractors, partners and their respective devices and applications that reside within the enterprise or in public or private clouds.
(Get More Information . .)

31 Mar 2014
open to premium members only
Enhanced Oracle Solaris Cluster Security Framework [35609]
By Krishna K Murthy

"Besides providing high availability (HA) & reliability to the applications, Oracle Solaris Cluster data services (agents) strive to provide a very secure HA environment by leveraging some of the salient security features implanted in the Oracle Solaris Cluster software. Oracle Solaris Cluster Resource Group Manager (RGM) callback methods such as Start, Stop or Validate execute with a high level of privilege and must be protected against modification by a non-privileged user. These callback methods in turn might execute application programs that often do not require elevated privilege. If an application program is to be executed with elevated privilege, it must similarly be protected against modification by an unprivileged user..."
(Get More Information . .)

29 Mar 2014
open to premium members only
Oracle Solaris 11.1 Gets Common Criteria Certification [35598]
EAL4+ under the Canadian Common Criteria Scheme (CCCS)

The Oracle Solaris 11.1 operating system achieved a Common Criteria certification on March 18, 2014 at EAL4+ under the Canadian Common Criteria Scheme (CCCS) conformant to the BSI Operating System Protection Profile v2.0 2010-06-01 with the following 4 extended packages.

  • Advanced Management v2.0, 2010-05-28
  • Extended identification & Authentication v2.0, 2010-05-28
  • Labeled Security v2.0, 2010-05-28
  • Virtualization v2.0, 2010-05-28

The evaluation is summarized in the list of certified products.
(Get More Information . .)

19 Mar 2014
open to premium members only
Encryption of Data-at-Rest on Big Data Appliance [35393]
Jean-Pierre Dijcks Blogs

Jean-Pierre Dijcks writes, "With the release of Big Data Appliance software bundle 2.5, BDA completes the encryption story underneath Cloudera CDH. BDA already came with network encryption, ensuring no network sniffing can be applied in between the nodes, it now adds encryption of data-at-rest.

Encryption of data-at-rest can be done in 2 modes. One mode leverages the Trusted Platform Module (TPM) on the motherboard to provide a key to encrypt the data on disk. This mode does not require a password or pass phrase but relies on the motherboard. The second mode leverages a passphrase, which in turn will be used to generate a private-public key pair generated with OpenSSL. The key pair is encrypted as well..."
(Get More Information . .)

07 Mar 2014
open to premium members only
FIPS 140-2 Validations for Solaris Cryptographic Framework [35183]
Provides assurance to government and industry purchasers

Joshua Brickman blogs that, "Oracle is pleased to announce that the Oracle Solaris Cryptographic Framework has achieved a FIPS 140-2 validation with overall compliance at Level 1 of the standard. Conformance with the FIPS 140-2 standard provides assurance to government and industry purchasers that products are correctly implementing cryptographic functions as the FIPS 140-2 standard specifies.

FIPS 140-2 is a public sector procurement requirement in both the United States and Canada for any products claiming or providing encryption..."
(Get More Information . .)

26 Feb 2014
open to premium members only
Oracle Introduces Oracle Mobile Security Suite to Enable Organizations to Securely Deploy Applications and Access Data on Mobile Devices [35072]
New Suite Extends Leading Identity Management Platform with Unified Security to Support Mobility

As the workforce becomes increasingly mobile, the need for organizations to control access and protect company data on mobile devices has become more critical than ever. When it comes to mobile security, organizations need a solution that offers advanced security controls for corporate devices and personal devices (also known as Bring Your Own Device/BYOD or Corporate Owned Personally Enabled/COPE), while providing a simplified user experience. With the Oracle Mobile Security Suite, organizations have the flexibility to permit enterprise access from users' devices with more granular control by isolating corporate and personal data, enabling secure enterprise application access.
(Get More Information . .)

back5 6 7 8 9 10 11 12 13 14 15 next

News and Solutions for Users of Solaris, Java and Oracle's Sun hardware products
30,000+ Members – 30,000+ Articles Published since 1998