Oracle Enterprise Performance Management Cloud uses Transport Layer Security (TLS) with SHA-2/SHA-256 Cryptographic Hash Algorithm to secure communication and data
Encryption Level for Browsers, Smart View, and the EPM Automate
EPM Cloud uses Transport Layer Security (TLS) with SHA-2/SHA-256 Cryptographic Hash Algorithm to secure communication with browsers, Oracle Smart View for Office, and the EPM Automate.
Oracle recommends that you install the newest version of the supported browser. Generally, the newest version is compatible with higher cipher strengths and has improved security. See Supported Browsers.
Encryption Level for SAML Messages to Identity Providers
- Oracle Access Manager, which is the default EPM Cloud Service Provider (SP), uses the MD5 algorithm to sign SAML messages to the Identity Provider (IdP) that you configured when setting up SSO. See Securing EPM Cloud.
If your IdP, for example, SiteMinder, indicates that the signature validation of authentication request from the SP fails because it is signed using MD5 while the IdP supports only newer algorithms (such as RSA), create a service request.
- Sign in to My Services.
- Create a service request containing an Exception Request asking Oracle to provide SSO SP XML metadata (in SHA-256 format). In the service request, indicate
Hosting ServicesProblem Type.
On receiving the service request, Oracle will attach the SP metadata in SHA-256 format to the service request, which you can extract and upload to the IdP.
EPM Cloud relational data is encrypted using Transparent Data Encryption (TDE).
About Session ManagementTo ensure security, EPM Cloud encrypts all sessions. The session information contained in cookies is encrypted and the session ID is randomly generated.
Session Timeout Settings
The service automatically terminates inactive user sessions after 75 minutes.Smart View terminates sessions after 75 minutes or the HTTP session timeout, which may be modified using Smart View health check.