Title and Copyright Information
Preface
- Conventions Used in This Book
1 Introducing Oracle NoSQL Database Security
2 Security Configuration
- Security Configuration Overview
- Configuring Security with Makebootconfig
- Configuring Security with Securityconfig
3 Performing a Secure Oracle NoSQL Database Installation
- Single Node Secure Deployment
  - Adding Security to a New Installation
  - Adding Security to an Existing Installation
- Multiple Node Secure Deployment
  - Adding Security to a New Installation
  - Adding Security to an Existing Installation
4 Kerberos Authentication Service
- Installation Prerequisites
- Kerberos Principal
- Keytabs
- Kadmin and kadmin.local
- Kerberos Security Properties
- JAAS programming framework integration
- Performing a Secure Oracle NoSQL Database Installation with Kerberos
  - Adding Kerberos to a New Installation
  - Adding Kerberos to an Existing Secure Installation
- Using Oracle NoSQL Database with Kerberos and Microsoft Active Directory (AD)
5 External Password Storage
- Oracle Wallet
- Password store file
6 Security.xml Parameters
- Top-level parameters
- Transport parameters
7 Encryption
- SSL model
- SSL communication properties
- Disk Encryption in a Linux Environment
8 Configuring Authentication
- User Management
- Sessions
9 Configuring Authorization
- Privileges
- Roles
  - System Built-in Roles
  - User-Defined Roles
- Managing Roles, Privileges and Users
10 Security Policies
- Security Policy Modifications
11 Audit Logging
- Security Log Messages
12 Keeping Oracle NoSQL Database Secure
- Guidelines for Securing the Configuration
- Guideline for Securing Store Topology
- Guidelines for Deploying Secure Applications
- Guidelines for Securing the SSL protocol
- Guidelines for Disabling TLSv1.1 and TLSv1 Protocols
- Guidelines for enabling TLSV1.3 protocol
- Guidelines for using JMX securely
- Guidelines for using PKCS12 Java KeyStore
- Guidelines for Updating Keystore Passwords
- Guidelines for Updating Kerberos Passwords
- Guidelines for Updating SSL Keys and Certificates
- Guidelines for Configuring External Certificates for a new Installation
- Guidelines for Configuring External Certificates for an Existing Default Secure Installation
- Guidelines for Updating the External Certificates
- Guidelines for Operating System Security
- Guidelines for Resetting Admin Password
A Password Complexity Policies
B SSL keystore generation
C Java KeyStore Preparation
- Import Key Pair to Java Keystore
D KVStore Required Privileges
- Privileges for Accessing CLI Commands
- Privileges for DDL Commands
- Privileges for Accessing KVStore APIs
- Privileges for Accessing KVStore TableAPIs
- Privileges for Accessing KvLargeObject APIs
- Privileges for Running XRegion Service
E Configuring the Kerberos Administrative Utility
F Manually Registering Oracle NoSQL Database Service Principal
G Generating Certificate and Private Key for the Oracle NoSQL Database Proxy
- Guidelines for Generating Self-Signed Certificate and Private Key using OpenSSL
- Guidelines for Generating Certificate Chain and Private Key using OpenSSL
- Troubleshooting issues with self-signed certificate