Everyone gives lip service to the importance of security, but it's often relegated to the back-burner in actual practice. For example, my anecdotal experience is that when conference attendees are polled about Critical Patch Updates, usually fewer than 50% of the respondents state that they're up-to-date on the latest CPU.
One potentially complicating factor is that there are many things that one can do to secure the E-Business Suite, and it may be hard to know where to start. At minimum, all Apps DBAs should be intimately familiar with these documents:
One potentially complicating factor is that there are many things that one can do to secure the E-Business Suite, and it may be hard to know where to start. At minimum, all Apps DBAs should be intimately familiar with these documents:
- Best Practices for Securing Oracle E-Business Suite Release 11i (Note 189367.1)
- Best Practices for Securing Oracle E-Business Suite Release 12 (Note 403537.1)
- Critical Data Protection and Security in Oracle E-Business Suite (S307960, PDF, 1 MB)
Eric and Robert cover the following topics in their presentation:
If you registered for OpenWorld, here's a link to the OpenWorld On Demand page where you can download the presentation or listen to the live recording of this session.
Related Articles
- Business drivers and security challenges
- Database Defense-in-Depth
- Options for monitoring, access control, and encryption & masking
- End-to-end security strategies
- Building a secure E-Business Suite configuration
- Password policies for Apps and DB accounts (and reference notes)
- Security profile option settings and recommendations
- FND Validation Level feature
- Fixed Key profiles
- Non-reversible password hashing
- Externalizing EBS security from the apps tier
- Apps schema access via SOA Suite Apps Adapter
- Application Data Source implementation
- Java Authentication & Authorization Service (JAAS) for E-Business Suite
- Using Oracle Access Manager
- Other EBS security integrations and technologies
- Oracle Audit Vault and client identifiers
- Oracle Database Vault and segregation of duties
- Oracle Transparent Data Encryption (TDE) for columns and tablespaces
- Oracle Label Security (OLS) and Virtual Private Database (VPD)
- Future directions for E-Business Suite security
If you registered for OpenWorld, here's a link to the OpenWorld On Demand page where you can download the presentation or listen to the live recording of this session.
Related Articles
Comments (4)
Steven,
The Concurrent manager queuing,conflict resolution and scheduling is very excellent
and this is a very good product concept as a light weight standalone scheduling system.
Does oracle have a standalone scheduler like this in the product line or if not
I was thinking that just the lightweight AOL schema with its user security concepts
and the concurrent manager will be a good standalone light weight scheduling product
Just a thought
-Sam
Posted by Sam | November 19, 2009 7:07 AM
Posted on November 19, 2009 07:07
Hi, Sam,
Glad to hear that you like the Concurrent Manager's functionality. This is an integral part of the E-Business Suite's infrastructure and is not available as a standalone product. The idea of releasing it separately has been considered in the past. As far as I know, there are no current plans to break it out from the E-Business Suite.
Regards,
Steven
Posted by Steven Chan
|
November 19, 2009 10:54 AM
Posted on November 19, 2009 10:54
Hi Steven,
I have a question related to audit vault integration with EBS . in the pdf file it mentions how EBS will be integrated with AV using dbms_session.set_identifier, but that is still planned . can you let us know when that will be ready . we want to audit EBS data using AV .Is there a plan to release any patch for this integration .
Thanks,
Raghu
Posted by Raghavendra Kakarla | December 15, 2009 7:27 AM
Posted on December 15, 2009 07:27
Hi, Raghu,
Our team is still working on the Audit Vault integration with the E-Business Suite. They do plan to release a patch for this integration.
Oracle's Revenue Recognition rules prohibit us from discussing certification and release dates, but you're welcome to monitor or subscribe to my E-Business Suite Technology Stack blog (http://blogs.oracle.com/stevenChan) for updates, which I'll post as soon as soon as they're available.
Regards,
Steven
Posted by Steven Chan
|
December 15, 2009 10:53 AM
Posted on December 15, 2009 10:53