This white paper describes the overall security posture of Cloud Pak for Data for private cloud and on-premises deployments.
In June, we published the first white paper on Security for Cloud Pak for Data 3.0, which covered a range of security aspects including secure engineering practices, constraints and roles, authentication, encryption, network access, audit logging, privacy and compliance assessments, and best practices.
New content in the 3.5 white paper includes:
* A new SCC (cpd-noperm-scc) and SA (cpd-norbac-sa)
* New user groups
* Explanation on session expiry time and refresh time and guidance for developers to use API keys for long-running programs
* Platform API key and Service Instance API key
* Mention of how passwords are stored internally in the database using one-way hash and unique salts
Choose the PDF that corresponds to your version of Cloud Pak for Data.