1. Security Guide
  2. Shared Security

Shared Security

This document contains recommendations on how to make software installation more secure. All of these recommendations should be evaluated carefully and implemented based on the unique needs of the customer and the compliance requirements for internal security procedures and guidelines.

This guide applies generally to Oracle Fusion Cloud Warehouse Management. This document lays down the guidelines that ensures that users have the proper authority to see data, load new data, or update existing data as this is an important aspect of the Oracle WMS Cloud Application.

A few points for you to consider - Do all users need the same level of access to the data and to the functions provided on customers side of applications? Are there subsets of users that need access to privileged functions? Are some documents restricted to certain classes of users? This document will serve as answers to questions like these which helps to provide the basis for the security requirements for the application.

Acronyms

Term Definition
CPUs Critical Patch Updates
Machine The physical (or virtual) server.
IHT Inventory History Transactions

The Oracle Warehouse Management Cloud Service implements many security measures to ensure the service is secure by default. However, cloud customers share the responsibility to ensure the security of their service. It is absolutely critical for customers to read this Security Guide and follow the recommendations and best practices.

Overall Goals of Security

There are two main goals to Security System.

  1. Preventing unauthorized access consists of the following larger pieces:
    • Authentication: is the person or process that is attempting to access the system who they say theyare?
    • Authorization: is the person or process allowed to be doing what they are attempting todo?
    • Data Access: does the person have the right level of access permissions for what kind of data they canaccess?
    • Auditing: is there a way to tell that some aspect of security has beencompromised?
  2. Both preventing unauthorized access and keeping the system up and running are vital aspects to consider. Both can be compromised by deliberate acts and accidental failures.
    • Ensuring that the service stays up and running is vitally important, of course, and is therefore an essential part of security. Deliberate attempts to bring a system down are called Denial of Service attacks, and the base components along with the service itself are configured by default to guard against these attacks. Performance problems can also bring a system down, which has the same effect as someone maliciously targeting the system, so this document will on occasion point out ways in which performance can be affected.

Finally, there are security issues that do not fall cleanly into either of these broad categories, but they will be talked about andaddressed as well further in this document.