Critical Data Protection + Security in EBS (OpenWorld 2009 Recap)

Everyone gives lip service to the importance of security, but it's often relegated to the back-burner in actual practice.  For example, my anecdotal experience is that when conference attendees are polled about Critical Patch Updates, usually fewer than 50% of the respondents state that they're up-to-date on the latest CPU.

One potentially complicating factor is that there are many things that one can do to secure the E-Business Suite, and it may be hard to know where to start.  At minimum, all Apps DBAs should be intimately familiar with these documents:
There are many other security-related Oracle products that you can use with your E-Business Suite environment, too.  Eric Bing and Robert Armstrong profiled all of the latest security-related tools and options that are relevant to E-Business Suite users in their recent OpenWorld 2009 session:

defense_in_depth.png

Eric and Robert cover the following topics in their presentation:
  • Business drivers and security challenges
    • Database Defense-in-Depth
    • Options for monitoring, access control, and encryption & masking
    • End-to-end security strategies
  • Building a secure E-Business Suite configuration
    • Password policies for Apps and DB accounts (and reference notes)
    • Security profile option settings and recommendations
    • FND Validation Level feature
    • Fixed Key profiles
    • Non-reversible password hashing
  • Externalizing EBS security from the apps tier
    • Apps schema access via SOA Suite Apps Adapter
    • Application Data Source implementation
    • Java Authentication & Authorization Service (JAAS) for E-Business Suite
    • Using Oracle Access Manager
  • Other EBS security integrations and technologies
    • Oracle Audit Vault and client identifiers
    • Oracle Database Vault and segregation of duties
    • Oracle Transparent Data Encryption (TDE) for columns and tablespaces
    • Oracle Label Security (OLS) and Virtual Private Database (VPD)
  • Future directions for E-Business Suite security
Listening to the Session

If you registered for OpenWorld, here's a link to the OpenWorld On Demand page where you can download the presentation or listen to the live recording of this session.

Related Articles
Comments:

Steven,
The Concurrent manager queuing,conflict resolution and scheduling is very excellent
and this is a very good product concept as a light weight standalone scheduling system.
Does oracle have a standalone scheduler like this in the product line or if not
I was thinking that just the lightweight AOL schema with its user security concepts
and the concurrent manager will be a good standalone light weight scheduling product

Just a thought
-Sam

Posted by Sam on November 18, 2009 at 11:07 PM PST #

Hi, Sam,

Glad to hear that you like the Concurrent Manager's functionality. This is an integral part of the E-Business Suite's infrastructure and is not available as a standalone product. The idea of releasing it separately has been considered in the past. As far as I know, there are no current plans to break it out from the E-Business Suite.

Regards,
Steven

Posted by Steven Chan on November 19, 2009 at 02:54 AM PST #

Hi Steven,

I have a question related to audit vault integration with EBS . in the pdf file it mentions how EBS will be integrated with AV using dbms_session.set_identifier, but that is still planned . can you let us know when that will be ready . we want to audit EBS data using AV .Is there a plan to release any patch for this integration .

Thanks,
Raghu

Posted by Raghavendra Kakarla on December 14, 2009 at 11:27 PM PST #

Hi, Raghu,

Our team is still working on the Audit Vault integration with the E-Business Suite. They do plan to release a patch for this integration.

Oracle's Revenue Recognition rules prohibit us from discussing certification and release dates, but you're welcome to monitor or subscribe to my E-Business Suite Technology Stack blog (http://blogs.oracle.com/stevenChan) for updates, which I'll post as soon as soon as they're available.

Regards,
Steven

Posted by Steven Chan on December 15, 2009 at 02:53 AM PST #

Post a Comment:
  • HTML Syntax: NOT allowed
About

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
4
5
6
7
8
9
10
11
12
13
14
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today