1. Security Guide
  2. General Information

5 General Information

This topic provides general information about the security guide.

Cryptography

FLEXCUBE uses cryptography to protect sensitive data. It uses Hashing algorithm while storing user passwords. SHA-2 family hashing algorithm is used for this purpose. SHA-256 algorithm produces 32 bytes hash value.

For encryption, AES, which is considered to be the gold standard, is used. It produces a key size of 128 bits when it comes to symmetric key encryption.

Security Patch

Security patches need to be applied whenever it’s available for the applicable product version.

Oracle Database Security Suggestions

Table 5-1 Oracle Database Security Suggestions

Suggestion Explanation
Access Control Database Vault (DV) Provides enterprises with protection from insider threats and in advantage leakage of sensitive application data. Access to application data by users and administrators is controlled using DV realms, command rules, and multi-factor authorization. DV also addresses Access privilege by separating responsibilities.
Data Protection Advance Security provides the most advanced encryption capabilities for protecting sensitive information without requiring any change to the application. TDE is a native database solution that is completely transparent to the existing applications. TDE encrypts sensitive data stored in data files. To prevent unauthorized decryption, TDE stores the encryption keys in a security module external to the database. Advance Security also provides strong protection for data in transit by using network encryption capabilities. Features like Easy to deploy, Ensure secure by default to accept communication from a client using encryption, Network encryption using SSL/TLS.
Oracle Secure Backup (OSB) OSB is tightly integrated with the Oracle database, hence providing optimal security and performance, eliminating backup of any associated database UNDO data. Supports Comprehensive tape backup solutions for Oracle database and file systems. Provides a single point of control for enterprise-wide tape backup and associated encryption key.
Monitoring and Compliance Audit Vault (AV) transparently collects and consolidates audit data from multiple databases across the enterprise, does provide valuable insight into who did what with which data & when including privileged users. The integrity of the audit data is ensured using controls including DV, Advance Security. Access to AV data is strictly controlled. It also does provide graphical summaries of the activity causing alerts, in addition, database audit settings are centrally managed and monitored.

Oracle Software Security Assurance - Standards

Every acquired organization must complete the Mergers and Acquisitions (M&A) Security Integration process. The issues identified during this review must be addressed according to the agreed-upon M&A remediation plan. The acquired organization must complete SPOC assignments and plan the integration of OSSA methodologies and processes into its SDLC.

Oracle Digital Assistant Integration

The application supports the Integration of Oracle Digital Assistant (ODA) with the FLEXCUBE UBS Application. The ChatServer configuration to be in secure mode or Cloud Instance of ChatServer details to be configured with the application. The communication happens between applications, and ChatServer are using a secure protocol.enableSecureConnection: true,

To enable a secure connection the above configuration should be true.

  • References
    This helps the users to understand more about the security consideration and practices that are followed.