Security (Cloud)

From Wiki1000
Revision as of 7 February 2019 at 07:05 by Syfre

Overview

HTTP accesses

Identity management

Secret management

Networking

Virtual machines

As described in the Virtual machine section, virtual machines use a secure boot mechanism to obtain their configuration file.

  • There is no user access on a Virtual Machine.
  • In a production environment RDP is not opened.
  • The administrator password is very strong and not stored.
  • There is no configuration information stored in a VM's local storage.

Application code

When a Sage FRP 1000 solution is deployed as a Cloud Solution or is deployed with Internet access, the Application Code is executed in a restricted mode.

In restricted mode:

  • The system API is sandboxed.
This concerns all API calls and functions that access the file system, the registry, or shell execution (which is disabled).
  • The SQL API is disabled.
This concerns all API calls and functions that permit execution of arbitrary SQL statements. In this mode the Application MUST work through strictly object-oriented access using framework object primitives. The QueryBroker and the SQL translators are disabled.
  • The database API is disabled.
This concerns all API calls and functions that enable switching between databases. In this mode only one production database is visible to the Application code, and functions that expose database details, like the database URL, are disabled.
  • The repository access is restricted.
This concerns all API calls and functions that access the repository classes; repository classes are not exposed.

API Accesses

Data protection