Oracle® Health Sciences Cohort Explorer Secure Installation and Configuration Guide Release 1.0 E24988-02 |
|
|
PDF · Mobi · ePub |
This chapter includes the following sections:
Your systems must meet the requirements of the Oracle Health Sciences Cohort Explorer (OHSCE) application.
The diagram below depicts the technology stack of OHSCE.
The required technology stack for Oracle Health Sciences Cohort Explorer consists of the following products:
The following principles are fundamental to using any application securely.
One of the principles of good security practice is to keep all software versions and patches up to date.
Oracle continually improves its software and documentation. Critical Patch Updates are the primary means of releasing security fixes for Oracle products to customers with valid support contracts. They are released on the Tuesday closest to the 17th day of January, April, July and October. We highly recommend customers apply these patches as soon as they are released.
Although the importance of passwords is well known, the following basic rule of security management is worth repeating:
Ensure all passwords are strong passwords.
You can strengthen passwords by creating and using password policies for your organization. For guidelines on securing passwords and for additional ways to protect passwords, refer to the Oracle® Database Security Guide specific to the database release you are using.
You should modify the following passwords to use your policy-compliant strings:
Passwords for the database default accounts, such as SYS and SYSTEM.
Passwords for the database application-specific schema accounts, such as HDM.
The password for the database listener. You must not configure a password for the database listener as that will enable remote administration. For more information, refer to the section "Removing the Listener Password" of Oracle® Database Net Services Reference 11g Release 2 (11.2)
The principle of least privilege states that users should be given the least amount of privilege to perform their jobs. Overly ambitious granting of responsibilities, roles, grants — especially early on in an organization's life cycle when people are few and work needs to be done quickly — often leaves a system wide open for abuse. User privileges should be reviewed periodically to determine relevance to current job responsibilities.
Before executing DDL scripts to create Healthcare Data Warehouse Foundation (HDWF), the database user should be created with the specified limited set of privileges. DBA access should not be given to the user.
This section describes the tasks that you must complete before you can install the Oracle Health Sciences Cohort Explorer (OHSCE) application.
Install Oracle Database 11.2.0.1.0 according to platform-specific installation instructions available at http://www.oracle.com/pls/db112/portal.portal_db?selected=11&frame=
.
Install Oracle Healthcare Data Warehouse Foundation 3.1 according to instructions in the Oracle® Healthcare Data Warehouse Foundation Release Notes.
Note:
You must install the HDWF and OHSCE schemas on different databases.Important:
Three OHSCE implementation scripts—cohort_hdwf_test_data_load_v1.0.sql, cohort_hdwf_test_data_delete_v1.0.sql, and create_cxe_user_example.sql
are provided with this release. Refer the Oracle® Health Sciences Cohort Explorer Implementation Scripts Guide for details.
Install Oracle Data Integrator 11.1.1.5.0 according to the Oracle® Fusion Middleware Installation Guide for Oracle Data Integrator. Do not create ODI repositories during the installation.
Install Oracle Health Sciences Clinical Development Center 3.1 SP1 on the same instance as OHSCE, according to the CDC-CDR 3.1 SP1 Client Installation Qualification document.
Install Oracle Business Intelligence 11.1.1.5.0 according to Oracle® Fusion Middleware Installation Guide for Oracle Business Intelligence.