Browsers, Smart View, and EPM Automate

EPM Cloud uses Transport Layer Security (TLS) with SHA-2/SHA-256 Cryptographic Hash Algorithm to secure communication with browsers, Oracle Smart View for Office, and EPM Automate.

Oracle recommends that you install the newest version of the supported browser. Generally, the newest version is compatible with higher cipher strengths and has improved security. See Supported Browsers.

SAML Messages to Identity Providers

• Oracle Access Manager, which is the default EPM Cloud Service Provider (SP), uses the MD5 algorithm to sign SAML messages to the Identity Provider (IdP) that you configured when setting up SSO. See Securing EPM Cloud.
• If your IdP, for example, SiteMinder, indicates that the signature validation of authentication request from the SP fails because it is signed using MD5 while the IdP supports only newer algorithms (such as RSA), create a service request containing an Exception Request asking Oracle to provide SSO SP XML metadata (in SHA-256 format). In the service request, indicate Hosting Services Problem Type.
• On receiving the service request, Oracle will attach the SP metadata in SHA-256 format to the service request, which you can extract and upload to the IdP.
• EPM Cloud relational data is encrypted using Transparent Data Encryption (TDE).

Navigation Flows and Connections

The credentials and other secure parameters used in Navigation Flows and Connections are encrypted using AES-256.

Session Management

Session Timeout Settings

By default, the service automatically terminates inactive user sessions after 75 minutes. Smart View terminates sessions after 75 minutes or the HTTP session timeout (whichever is earlier), which may be modified using Smart View health check.

To change the idle session timeout, you can use one of the following:

• setIdleSessionTimeout EPM Automate command in Working with EPM Automate for Oracle Enterprise Performance Management Cloud
• Set Idle Session Timeout REST API in REST API for Enterprise Performance Management Cloud