| Oracle® Retail Merchandising Cloud Service Suite Security Guide – volume 1 Release 19.2.000 F36864-01 |
|
 Previous |
 Next |
| Oracle® Retail Merchandising Cloud Service Suite Security Guide – volume 1 Release 19.2.000 F36864-01 |
|
Previous |
Next |
This section describes additional security set up that must be performed by retailers and Oracle Retail.
As part of the environment provisioning process, Oracle creates an SFTP user account. Details about this account will be sent to the Cloud Service Administrator. After the administrator verifies manual SFTP login, the customer administrator will be asked to generate a 2048 bit RSA public/private SSH key pair. The customer administrator will submit an Oracle Support request, with the public half of the key pair attached. Oracle Retail will configure the public key as an "authorized" key for the customer's account and lock the account's password. Oracle Retail will enforce a key-life policy of one (1) year by expiring the account 365 days after the SSH key is installed. The customer will use the private key for ongoing access to the SFTP server. Multiple public key files per account are supported by Oracle.
More information about SFTP key management is documented in Oracle Cloud Security Practices for Software as a Service (SaaS) Cloud Services.
http://www.oracle.com/us/corporate/contracts/gbu-cloud-services-pillar-3089817.pdf
