Table of Contents
- Title and Copyright Information
- Preface
- 1 BRM Security Overview
-
2
Performing a Secure BRM Installation
- Pre-Installation Tasks
- Installing BRM Securely
-
Post-Installation Tasks
- Lock and Expire Default User Accounts
- Change Default User Passwords
- Use Strong Passwords for BRM User Schema
- Enable SSL/TLS for SQL*NET
- Use Secure TLS Connections
- Enforce Password Management
- Tighten File Permissions
- Configure Maximum Number of Invalid Login Attempts
- Log Customer Service Representative Activities
- Integrate Paymentech
-
3
Performing a Secure Pricing Design Center Installation
- Recommended Installation Mode
- Operating System Security
- Pre-Installation Tasks
- Installation Tasks
- Post-Installation Configuration
- Uninstalling Pricing Design Center
- About Changing Passwords in the Wallets
- Implementing Pricing Design Center Security
- About Authentication
- About Authorization
- Configuring Authentication and Authorization by Using OIM
- Verifying OIM Configuration in WebLogic Server
-
4
Performing a Secure ECE Installation
- About Deploying ECE into a Secure Environment
- Installing ECE
- About ECE Security
- About Oracle Coherence Security
- About Oracle Database Security
- About Oracle NoSQL Database Security
- About Cluster Security
- About the KeyStore Files and SSL Considerations
- About Trusted Host Information
- About JMX Security
- Post-Installation Security Tasks
-
5
Managing BRM Security
- The Security Model
- Configuring and Using Authentication
- Configuring and Using Access Control
- Configuring and Using Security Audit
- Monitoring Login Attempts
- Encryption
- Securing Sensitive Customer Data
- Using Credit Card Tokenization
- Masking Sensitive Data in Log Files
- Securing BRM Network Ports
- About Managing ECE Security
- 6 Security Considerations for Developers
- 7 Billing Care Security
-
8
Billing Care REST API Security
- About Authentication and Authorization
-
Setting Up OAuth with Oracle
Identity Cloud Service
- Creating a Confidential OAuth Application for the Resource Server
- Creating a Confidential OAuth Application for Your Client Application
- Encoding the Client's Credentials in Base64 Format
- Configuring OAuth Settings Using IDCS
- Storing the Resource Server's Credentials in the Wallet
- Requesting an OAuth Access Token
- Setting Up OAuth with Oracle Access Management
-
9
BRM REST Services Manager Security
- About Authentication and Authorization
- Setting Up OAuth with Oracle Identity Cloud Service
- Setting Up OAuth using Oracle Access Management
- Scopes and Roles for Accessing REST Services Manager
-
10
PDC REST Services Manager Security
- About PDC REST Services Manager Security
- Setting Up OAuth for PDC REST Services Manager with Oracle Identity Cloud Service
-
Setting Up OAuth for PDC REST
Services Manager with Oracle Access Management
- Enabling OAuth Services for PDC REST Services Manager
- Creating an OAuth Identity Domain for PDC REST Services Manager
- Creating a Resource Server for PDC REST Services Manager
- Creating an OAuth Client for PDC REST Services Manager
- Setting Up Security with Oracle Access Management in the PDC REST Services Manager Configuration File
- Requesting an OAuth Access Token from Oracle Access Management
- Securing Inbound Communications
- Securing Outbound Requests to PDC
- Encrypting Sensitive Data
- PDC REST Services Manager Security Configuration Reference Information
- 11 Business Operations Center Security
- A Secure Deployment Checklist