| Oracle® Retail Advanced Science Engine Security Guide Release 14.1 E59123-01 |
|
 Previous |
 Next |
This chapter provides an overview of the security features in the application. It includes the following sections:
The following figure illustrates the physical deployment model of the application:
The Web-based application user interface is accessed using the Microsoft Internet Explorer on Windows-based systems. The retailer is responsible for applying the necessary security patches to the Web browser and operating system (Microsoft Windows).
The typical configuration of the application runs on multiple servers: one for the Oracle WebLogic Server 12c Release 1 (12.1.3) extended to use Oracle Application Development Runtime 12.1.3 that hosts the application and one for the Oracle database.
The application, the ETL scripts, and the export scripts are hosted on the WebLogic server, and the database instances are installed on the server running the Oracle Database 12c Release 1 (12.1.0.2). The retailer is responsible for applying any critical patch updates released for the server hardware, application server, and database.
The database server contains database schemas and includes a set of PL/SQL procedures. All the application stages are executed on the database server. ETL scripts are used for the loading, staging, and transformation of the application data input. Each of the application stages that are executed on the Database Server performs operations on a set of input tables and generates results to output tables. The output from one stage is provided to the next stage in succession as each stage is executed. The application output files are generated for import by the subscribing Oracle Retail applications, including Category Management and RDF, from the Database Server. It is the retailer's responsibility to ensure the integrity of the import data and output files and to secure access to the import files on the servers.
The application produces files used by subscribing Oracle Retail applications. If these files are modified, the resulting calculations may be inaccurate. For this reason, the files should be put in directories where appropriate permissions have been applied and unauthorized access is prevented.
Oracle Retail Advanced Science Engine has separate modules: ORASE and Assortment and Space Optimization, both supported on the cloud Ensure that the server systems running the database and application server and the client systems are located within a secured network. For scalability reasons, it is possible to add (optional) computation node(s), connected into a Oracle Coherence cluster. Oracle Coherence communication can be secured by performing the relevant configuration.
Security Guides for dependent applications can be found at the following links:
Oracle Database 12c Release 1 (12.1.0.2):
http://docs.oracle.com/database/121/DBSEG/E48135-09.pdf
Oracle WebLogic Server 12c Release 1 (12.1.3):
http://docs.oracle.com/middleware/1213/wls/wls-secure.htm
|
Caution: Oracle is not responsible for the security compliance of any product customization performed by a retailer, system integrator, or reseller. |
The relevant security features fall into one or more of the following categories. For information on these categories, see the following sections:
Securing access to the application against malicious attacks and auditing secure events are accomplished with passwords, additional testing of Web applications, and additional examination of source code.
The application does not contain any default accounts, user IDs, or passwords. The application uses the database schema user names created when setting up the application database. For more information, refer to the relevant installation guides.
Password policy settings for database schema access are configured through the database. As such, passwords must conform to the database password policies set for your business needs. For more information on setting up and maintaining password policies, see the Guidelines for Securing Passwords section in the Oracle Database 12c Security Guide.
The application utilizes WebLogic and ADF Security API's for authentication and authorization. The application contains the necessary application roles and WebLogic-integrated LDAP allows mapping of application roles to enterprise roles. Fusion Middleware Control (aka Enterprise Manager) can be used to perform the mapping.
The application does not prevent the use of network address translation, port address translation, traffic filtering devices, anti-virus protection, or encryption. Also, it does not interfere with the installation of patches or updates. Due to the nature of subtle incompatibilities between application server implementations, retailers are advised to test the latest application server updates with the application prior to putting those updates into production environments.
The application implements a uniform time out of the application when left unattended. If the application is left unattended for longer defined time, the application will time out. The user returning to the application will be taken back to the login screen and will have to log in again. The transaction that the user was executing is cancelled and the user will have to re-execute the transaction. The time-out value can be configured in the web.xml file for the application.
Securing the application environment and configuration covers the following area:
Once sensitive data is stored in a database, that data must be protected from unauthorized access. Oracle Retail provides the following recommendations on how to protect that data:
Access to the stored procedures used in the data purge scripts should be restricted.
Authentication to the database should be done with a different user ID than authentication to the applications.
The application does not populate the database with any pre-defined users. An administrative user is created during installation.
Oracle recommends using certificates that have been signed by a trusted CA. Self-signed certificates may be acceptable in a development or test environment, but should be avoided in a production setting. For more information, see:
https://docs.oracle.com/middleware/1213/wls/SECMG/identity_trust.htm#SECMG365
