NxtAssets for security
NxtAssets runs on a single-vendor, fully managed stack: Oracle Cloud Infrastructure, Oracle Autonomous Database 23ai, and Oracle APEX. The database, application platform, and infrastructure are all designed, maintained, and patched by Oracle. There's no window where the system waits on someone to schedule an update.
Platform stack
- Cloud: Oracle Cloud Infrastructure. US-based commercial regions. OCI Government Cloud (FedRAMP High JAB P-ATO, DISA IL4/IL5) available on request.
- Database: Oracle Autonomous Database 23ai. Fully managed, self-patching, self-securing. Automated patch application eliminates manual patching windows.
- Application: Oracle APEX 24.2. Runs entirely within the Oracle Database — no separate application server. Stateless HTTP with server-side session management.
- IoT / Tracking: Oracle OCI Cloud IoT Service for GPS and Bluetooth tracking device management.
- Uptime SLA: OCI compute and database: 99.995%.
Encryption
At rest
- Transparent Data Encryption with AES-256 tablespace encryption.
- TDE is enabled by default on Oracle Autonomous Database and cannot be disabled. It is not a configuration option — it is a platform invariant.
- Each database instance has a unique master encryption key. Backups use separate encryption keys. Keys are stored in a PKCS#12 keystore on the database host.
- Key rotation is supported and configurable to meet organizational rotation policies.
In transit
- TLS 1.2 and 1.3. TLS 1.3 is the default on Oracle Database 23ai.
- TCPS connections use certificate-based mutual authentication via connection wallet. Wallet distribution is controlled — only authorized clients receive credentials.
- Unencrypted connections are rejected at the server level. This server-side configuration cannot be changed by administrators or users.
Immutable and blockchain tables
NxtAssets uses Oracle 23ai blockchain tables for chain-of-custody events, seal logs, and other critical audit records. These are insert-only tables with cryptographic integrity guarantees.
- Insert-only: DELETE, UPDATE, and TRUNCATE rejected by the database engine with ORA-05715. Enforced at the kernel level, not the application level.
- Cryptographic chaining: Each row stores a SHA2-512 hash of its data plus the hash of the previous row. Tampering with any row breaks the chain and is detectable via DBMS_BLOCKCHAIN_TABLE.VERIFY_ROWS.
- Retention policies: NO DROP UNTIL n DAYS IDLE and NO DELETE UNTIL n DAYS AFTER INSERT.
Where insert-only semantics are needed without the cryptographic-chaining overhead — operational logs, non-critical audit — NxtAssets uses immutable tables with the same no-update, no-delete semantics.
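The blockchain-table properties listed above can be exercised end to end in Oracle SQL. The following is an added example, not NxtAssets' own schema or code: the table name, columns, sample values, and retention periods are hypothetical, and SET SERVEROUTPUT ON assumes a SQL*Plus or SQLcl session.

```sql
-- Added example. Table, columns and retention periods are hypothetical.
-- Retention clauses are hard to relax once set, so try this in a scratch
-- schema first (NO DROP UNTIL 0 DAYS IDLE keeps a test table droppable).
CREATE BLOCKCHAIN TABLE custody_events (
  event_id    NUMBER        NOT NULL,
  asset_tag   VARCHAR2(64)  NOT NULL,
  event_type  VARCHAR2(32)  NOT NULL,   -- e.g. SEAL_APPLIED, TRANSFER
  seal_number VARCHAR2(32),
  actor       VARCHAR2(128) NOT NULL,
  event_time  DATE          NOT NULL
)
NO DROP UNTIL 31 DAYS IDLE
NO DELETE UNTIL 365 DAYS AFTER INSERT
HASHING USING "SHA2_512" VERSION "v1";

-- Constructed sample row. The row hash is chained when the insert commits.
INSERT INTO custody_events
  (event_id, asset_tag, event_type, seal_number, actor, event_time)
VALUES
  (1, 'ASSET-0001', 'SEAL_APPLIED', 'S-100234', 'warehouse.op1', SYSDATE);
COMMIT;

-- Insert-only check: this statement is expected to fail with ORA-05715,
-- the error the page cites for UPDATE, DELETE and TRUNCATE.
UPDATE custody_events SET seal_number = 'S-999999' WHERE event_id = 1;

-- Chain verification: recomputes row hashes and checks each against the
-- stored chain. An exception propagates if the chain does not verify;
-- otherwise the OUT parameter returns the number of rows checked.
SET SERVEROUTPUT ON
DECLARE
  l_rows NUMBER;
BEGIN
  DBMS_BLOCKCHAIN_TABLE.VERIFY_ROWS(
    schema_name             => SYS_CONTEXT('USERENV', 'CURRENT_SCHEMA'),
    table_name              => 'CUSTODY_EVENTS',
    number_of_rows_verified => l_rows);
  DBMS_OUTPUT.PUT_LINE('Rows verified: ' || l_rows);
END;
/
```

Running the verification block on a schedule and alerting on any exception, or on a verified-row count lower than the table's row count, turns the tamper-evidence property into an operational control.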
Access control and identity
Infrastructure (OCI IAM)
- Identity federation with external IdPs (SAML 2.0, OIDC). MFA available.
- OCI resources isolated in compartments with policy-based access. NxtAssets infrastructure is segregated from other OCI tenancy resources.
- All OCI control plane operations are logged by the OCI Audit service regardless of interface.
Application (Oracle APEX)
- Configurable authentication schemes: database accounts, LDAP, Oracle SSO, social sign-in, custom PL/SQL.
- Granular authorization at application, page, region, button, and item level. Dynamic authorization via PL/SQL conditions.
- Server-side session state with cryptographic checksums preventing URL parameter manipulation.
- Built-in CSRF protection.
Role model
Least-privilege roles configured per implementation: System Administrator, Warehouse Operations, Field Technician, Election Site Lead, IT/Reporting, Auditor (read-only), Service Desk. Extendable with attribute-based constraints (location, election, time period).
Unified auditing
Oracle Unified Auditing is always on in Database 23ai. The AUD$UNIFIED audit table only allows INSERT — any attempt to truncate, delete, or update it fails and itself generates an audit record. The audit tablespace can be encrypted with TDE and protected with Oracle Database Vault. Key audit fields stream to syslog in parallel. Scope includes unified audit policies, fine-grained audit records, Real Application Security records, and APEX session-level activity.
OCI security services in use
- Cloud Guard — automated threat detection and response across the OCI tenancy; detector recipes find issues, responder recipes can auto-remediate.
- OCI Vault — FIPS 140-2 Level 3 validated HSMs for customer-managed key storage when county policy requires keys outside the database host.
- VCN Security — Virtual Cloud Networks with security lists and Network Security Groups; VCN Flow Logs for compliance and forensic analysis.
- Data Safe — integrated database security assessment, activity auditing, data discovery, and masking.
- Bastion Service — time-limited, audited SSH access for administration without exposing hosts to the public internet.
SOC 1/2/3 Type II · ISO 27001:2013, ISO 27017 (Cloud Security), ISO 27018 (Cloud Privacy) · FIPS 140-2 validated cryptographic modules · NIST 800-53 high-impact baseline · PCI DSS, HIPAA, GDPR, C5, IRAP, MTCS.
OCI Government Cloud adds FedRAMP High JAB P-ATO and DISA Impact Levels 4 and 5. NxtAssets currently deploys to OCI commercial regions; GovCloud deployment with FedRAMP and TxRAMP compliance is available at extra cost.