System News
back5 6 7 8 9 10 11 12 13 14 15 next
Archived Security Articles
29 Mar 2014
open to premium members only
Oracle Solaris 11.1 Gets Common Criteria Certification [35598]
EAL4+ under the Canadian Common Criteria Scheme (CCCS)

The Oracle Solaris 11.1 operating system achieved a Common Criteria certification on March 18, 2014 at EAL4+ under the Canadian Common Criteria Scheme (CCCS) conformant to the BSI Operating System Protection Profile v2.0 2010-06-01 with the following 4 extended packages.

  • Advanced Management v2.0, 2010-05-28
  • Extended identification & Authentication v2.0, 2010-05-28
  • Labeled Security v2.0, 2010-05-28
  • Virtualization v2.0, 2010-05-28

The evaluation is summarized in the list of certified products.
(Get More Information . .)

19 Mar 2014
open to premium members only
Encryption of Data-at-Rest on Big Data Appliance [35393]
Jean-Pierre Dijcks Blogs

Jean-Pierre Dijcks writes, "With the release of Big Data Appliance software bundle 2.5, BDA completes the encryption story underneath Cloudera CDH. BDA already came with network encryption, ensuring no network sniffing can be applied in between the nodes, it now adds encryption of data-at-rest.

Encryption of data-at-rest can be done in 2 modes. One mode leverages the Trusted Platform Module (TPM) on the motherboard to provide a key to encrypt the data on disk. This mode does not require a password or pass phrase but relies on the motherboard. The second mode leverages a passphrase, which in turn will be used to generate a private-public key pair generated with OpenSSL. The key pair is encrypted as well..."
(Get More Information . .)

07 Mar 2014
open to premium members only
FIPS 140-2 Validations for Solaris Cryptographic Framework [35183]
Provides assurance to government and industry purchasers

Joshua Brickman blogs that, "Oracle is pleased to announce that the Oracle Solaris Cryptographic Framework has achieved a FIPS 140-2 validation with overall compliance at Level 1 of the standard. Conformance with the FIPS 140-2 standard provides assurance to government and industry purchasers that products are correctly implementing cryptographic functions as the FIPS 140-2 standard specifies.

FIPS 140-2 is a public sector procurement requirement in both the United States and Canada for any products claiming or providing encryption..."
(Get More Information . .)

26 Feb 2014
open to premium members only
Oracle Introduces Oracle Mobile Security Suite to Enable Organizations to Securely Deploy Applications and Access Data on Mobile Devices [35072]
New Suite Extends Leading Identity Management Platform with Unified Security to Support Mobility

As the workforce becomes increasingly mobile, the need for organizations to control access and protect company data on mobile devices has become more critical than ever. When it comes to mobile security, organizations need a solution that offers advanced security controls for corporate devices and personal devices (also known as Bring Your Own Device/BYOD or Corporate Owned Personally Enabled/COPE), while providing a simplified user experience. With the Oracle Mobile Security Suite, organizations have the flexibility to permit enterprise access from users' devices with more granular control by isolating corporate and personal data, enabling secure enterprise application access.
(Get More Information . .)

24 Feb 2014
open to premium members only
Lessons from the Field: A directory transition from DSEE to OUD 11gR2PS1 [35071]
By Sylvain Duloutre

Sylvain writes, "I was recently involved in a LDAP directory services transition project, from DSEE to OUD 11gR2PS1, for a large manufacturing enterprise. Directory service is medium-sized with a few of million LDAP entries, and is accessed by a wide range of services and applications, ranging from Corporate Directory to Identity Store for Identity Management and user management for intranet and extranet portals.

Here is an overview of the steps we followed and the issues we addressed during this project to successfully transition the infrastructure to OUD..."
(Get More Information . .)

20 Feb 2014
open to premium members only
Oracle Identity Federation [34978]
Released as part of Oracle Fusion Middleware 11gR2 Release 2 (

Damien Carru, a member of the Oracle Identity Management organization, writes,"This new version of OIF provides Identity Provider (IdP) and Service Provider (SP), a.k.a. Relying Party (RP), support for the SAML 2.0, SAML 1.1 and OpenID 2.0 protocols.

The admin interfaces have been revamped to provide a comprehensive and easy way for administrators to manage Federation partnership on a day-to-day basis: while the UI allows the basic administration of Federation settings, which would cover most of the daily use cases, the OIF WLST command scripting tools allow advanced configuration of the Federation servers and its partners.

In this article, I will discuss about the features included in OIF

  • Native Integration with OAM
  • Protocols
  • Additional Features

Read on for details..."
(Get More Information . .)

back5 6 7 8 9 10 11 12 13 14 15 next

News and Solutions for Users of Solaris, Java and Oracle's Sun hardware products
30,000+ Members – 30,000+ Articles Published since 1998