This chapter serves as a guide for administrators and anyone installing the product to securely configure Oracle Retail Back Office. To see a broader spectrum of suggested security-related practices for this application, see the Oracle Retail POS Suite Security Guide.
Note: All the Oracle Retail POS Suite applications should follow the same practices for configuring a secure environment.
This chapter is intended for security administrators and anyone installing the products who will deploy and configure the Oracle Retail POS Suite applications. These users perform the following tasks:
Install and deploy the applications
Configure the applications
Apply patches to the applications
It is assumed that the readers of this chapter have a general knowledge of administering the underlying technologies and the Back Office application.
This chapter begins with the operating system and moves through the supporting middleware to the Back Office application, and its connections with other resources.
Note: The options set by default for the installer are the most secure selection. If you choose not to use any of the default selections, you need to consider the implications of that change on the security of your installed product.
Any references to Payment Card Industry Data Security Standard (PCI-DSS) requirements are from PCI-DSS version 3.0.
To see the operating systems and browsers supported for this release of Back Office, see Chapter 1.
The Release 14.1 Oracle Retail POS Suite applications do not rely on unsecured services or protocols. If the retailer or systems integrator customizes or extends the applications, these extensions must not rely on unsecured services or protocols.
When using Microsoft Windows 7, the system restore point must be disabled. This restore point may contain sensitive data (test or real) in previous versions of the operating system. To disable the system restore point:
Open the Control Panel.
Select System and then System protection. The System Properties window is displayed.
Under Protection Settings, select Configure.
Under Restore Settings, select Turn off system protection and click OK.
For more information about securing services and protocols, see the Oracle Retail POS Suite Security Guide.
The Center for Internet Security has published benchmarks for securing your systems at the operating system level. You can find the benchmarks at the following links:
Microsoft Windows 2012 Server:
http://benchmarks.cisecurity.org/en-us/?route=downloads.browse.category.benchmarks.os.windows.2012
SUSE Linux (SLEPOS):
http://benchmarks.cisecurity.org/en-us/?route=downloads.browse.category.benchmarks.os.linux.suse
To see the database and application server supported for this release of Back Office, see Chapter 1.
For recommendations on securing the database as well as JDBC communications between the POS Suite applications and the database, see the Oracle Retail POS Suite Security Guide.
Do not store sensitive data on Internet-accessible systems. For example, your web server and database server must not be on the same physical server. Oracle Retail POS Suite applications do not require the database server and web server to be hosted on the same physical server machine.
For information about secure configuration of Oracle Database, see the Oracle Database 2 Day + Security Guide. The guide is available at the following link on the Oracle Technology Network web site:
http://docs.oracle.com/database/121/TDPSG/toc.htm
For information about secure configuration of Oracle WebLogic Application Server, see the documentation available at the following links on the Oracle Technology Network web site:
Security for Oracle WebLogic Server 11g Release 1:
http://docs.oracle.com/cd/E23943_01/web.1111/e14529/security.htm#INRMP200
Oracle Fusion Middleware Securing a Production Environment for Oracle WebLogic Server:
http://download.oracle.com/docs/cd/E17904_01/web.1111/e13705.pdf
Secure JMS messaging configuration is specific to the application server. For information about securing the JMS messaging on Oracle WebLogic, see the Oracle Retail POS Suite Security Guide.
The Release 14.1 Oracle Retail POS Suite applications do not permit a user to send unencrypted sensitive data by end-user messaging technologies, such as e-mail. If you customize an application to permit sending sensitive data by end-user messaging technologies, you must use a solution that renders the sensitive data unreadable or implements strong cryptography.
Back Office can send notifications of the results of a scheduled job to a designated e-mail address. The e-mail contains the job name entered by the end user. Therefore, the user must take care that the scheduled job name does not contain sensitive data.
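A check along the following lines can flag scheduled job names that embed card numbers before they appear in a notification e-mail. This is an added example, not Oracle code: it assumes the sensitive data of concern is a payment card number, and the function names and sample job names are constructed for illustration.

```python
import re

# Runs of 13-19 digits, allowing a single space or hyphen between digits.
_CANDIDATE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")


def luhn_valid(digits: str) -> bool:
    """Return True if the digit string passes the Luhn checksum."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit, counting from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask(digits: str) -> str:
    """Keep the first six and last four digits so the report does not repeat the number."""
    return digits[:6] + "*" * (len(digits) - 10) + digits[-4:]


def find_pan_like(job_name: str) -> list[str]:
    """Return masked forms of Luhn-valid, card-number-like runs in a job name."""
    hits = []
    for m in _CANDIDATE.finditer(job_name):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_valid(digits):
            hits.append(mask(digits))
    return hits


def review_job_names(names):
    """Map the index of each offending job name to its masked findings."""
    return {i: found for i, name in enumerate(names) if (found := find_pan_like(name))}


# Constructed sample job names; 4111111111111111 is a widely used test number.
SAMPLE_JOBS = [
    "Nightly store sales export",
    "Refund recheck 4111 1111 1111 1111",
    "Inventory batch 20140131000000",  # long digit run, fails Luhn: not flagged
    "Chargeback 4111-1111-1111-1111 followup",
]

if __name__ == "__main__":
    for idx, found in review_job_names(SAMPLE_JOBS).items():
        print(f"job #{idx}: possible card number {found}")
```
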
This section covers secure configuration that is recommended for all Oracle Retail POS Suite applications.
These technologies should be considered.
Except for Oracle Retail Mobile Point-of-Service, Oracle Retail POS Suite applications are not designed as wireless applications. If wireless technology is used, you must adhere to PCI-DSS compliant wireless settings, per PCI-DSS Requirements 1.2.3, 2.1.1, and 4.1.1.
The Release 14.1 Oracle Retail POS Suite applications enable out-of-the-box audit logging by default. These logs should not be disabled.
Application log files are configurable. If you modify the settings, you must ensure they are compliant with PCI-DSS requirements 10.2 and 10.3.
The POS Suite applications implement automated audit trails for all system components to reconstruct the following events:
All actions taken by any individual with administrative privileges as assigned in the application
Access to application audit trails managed by or within the application
Invalid logical access attempts
Use of the application's identification and authentication mechanisms
Initialization of the application audit logs
Creation and deletion of system-level objects within or by the application
The Release 14.1 Oracle Retail POS Suite applications implement automated audit trail logging of various events that occur on the system. Audit trail logging is configured in the log4j configuration file maintained for each application. That file specifies which events are logged and the file where the audit logging information is captured.
Caution: Do not comment out any of the entries or prevent the logging from occurring.
For each event, the Oracle Retail Audit log service logs the point of origination of the event. In addition, the audit log framework logs the initialization of the audit log itself.
The log files are created with the following names and in the following locations:
File Name: BackOffice_audit.log
Location when Back Office is deployed to an admin server or managed server:
<WEBLOGIC_HOME>\user_projects\domains\<Domain Name>\servers\<Server Name>\logs
The following events should be captured at the system level:
Login or logoff
Start or stop a process
Use of user rights
Account administration
Change the security policy
Restart and shut down the system
USB events and Mount and Unmount events
Access a file or directory (create a file, remove a file, read a file, or change file descriptors)
Various tools are available to collect audit trail information. Audit trails should be maintained for the applications and for external system events.
After installation, these settings should be used.
Set these application parameters before running Back Office.
The Temporary Password Length parameter is used to determine the length of system generated temporary passwords. This parameter resides in the application XML parameter file.
Caution: This parameter can be set to generate passwords with a length between 7 and 12 characters. In order to comply with PCI-DSS section 8.2.3, the Oracle Retail POS Suite applications must not be modified to allow fewer than 7 characters.
The Oracle Retail POS Suite applications integrate through the use of web services. For information about securing this interface protocol, see the Oracle Retail POS Suite Security Guide.
This section covers scripts and utilities used after installation.
The Release 14.1 Oracle Retail POS Suite applications come with stored procedures and scripts that permit a DBA to purge the databases of data that the retailer determines are no longer necessary to store. Access to these scripts should be restricted. For more information about the purge scripts, see the Oracle Retail POS Suite Security Guide.