Field Level Encryption with Oracle Integration and OCI Vault

Integration platforms are often required to handle confidential information such as personal details, payment information or other data protected by compliance and regulatory standards such as HIPAA, GDPR, PII and PCI.

Various methods exist to protect data from unauthorized access while data is in transit and at rest. These approaches typically encrypt the entire payload. As a complementary approach Field Level Encryption has an important role to play by ensuring that only appropriately configured clients can read sensitive data fields. This approach also allows clients without the encryption keys to work with the non-sensitive data which would be impossible to do with a fully encrypted payload.

Although Field Level Encryption (FLE) is not natively supported in Oracle Integration (OIC) today, this blog will explore several options that will allow you to implement FLE with OIC. In this blog, I will present these options, discuss some guiding principles and showcase some sample implementations.

Continue reading “Field Level Encryption with Oracle Integration and OCI Vault”

Bastion Access For Minecraft

In the previous post, I did some work in managing Security Lists to protect the Minecraft Server. To read about that, head (here). Another method of connecting to the Minecraft Server is through a Bastion Host. As part of Oracle Cloud Infrastructure, it is free to create a session through the Bastion Service (service limits do apply). Here’s a brief encounter of getting this up and going.

Continue reading “Bastion Access For Minecraft”

Using OCI Bastions with PuTTY

Recently, Oracle rolled out the OCI Bastions service, which is designed to simplify the process of accessing instances which do not have a public IP address. They are really easy to use, with simple commands to allow access to these internal hosts… if you are using a Unix shell. Unfortunately I suffer from being quite wedded to various tools, and as a Windows user, I tend to use PuTTY to access hosts via SSH, so this blog post will detail both the OCI Bastion service in a little more detail, as well as how I continued to resist changing my old habits, and set up connections using the OCI Bastion service using a number of components of the PuTTY suite of tools.

Continue reading “Using OCI Bastions with PuTTY”

Getting Insights with OCI Audit Log with Logging Analytics (via Service Connector)

Recently Clay Magouyrk, EVP of Oracle Cloud Infrastructure engineering announced the new Oracle Cloud Observability and Management Platform.

The new platform will provide OCI native integration to provide operational insights into our OCI services in addition to previous capabilities available in Oracle Management Cloud. Logging Analytics is the first major Oracle Management Cloud Service to be incorporated, and so my fellow colleague @callanhp and I were itching to give it a go and see how we could implement it, so we chose the most available logs we could think of, the audit logs from the OCI control plane.

In this blog we will discuss the mechanics for forwarding OCI Audit Logs to the Logging Analytics service from the Oracle Cloud Observability and Management platform, and discuss how this pattern can be extended to other log sources.

Continue reading “Getting Insights with OCI Audit Log with Logging Analytics (via Service Connector)”
%d bloggers like this: