Preface
Introduction
This guide provides security-related usage and configuration recommendations for Oracle Banking Microservices Architecture. It also describes the procedures required to implement or secure certain features, but it is not a general-purpose configuration manual.
Audience
Note:
Readers are expected to have basic operating system, network, and system administration skills with an awareness of vendor/third-party software’s and knowledge of Oracle Banking Microservices Architecture application.Scope
Read Sections Completely
Each section should be read and understood completely. Instructions should never be blindly applied. Relevant discussion may occur immediately after instructions for an action, so be sure to read whole sections before beginning implementation.
Understand the Purpose of this Guidance
The purpose of the guidance is to provide security-relevant configuration recommendations. It does not imply the suitability or unsuitability of any product for any particular situation, which entails a risk decision.
Limitations
The guide is limited in its scope to security-related issues. This guide does not claim to offer comprehensive configuration guidance. For general configuration and implementation guidance refer to other sources such as Vendor specific sites.
Test in Non-Production Environment
To the extent possible, guidance should be tested in a non-production environment before deployment.
Ensure that any test environment simulates the configuration in which the application will be deployed as closely as possible.
Acronyms and Abbreviations
Table -1 Acronyms
Abbreviation | Description |
---|---|
JWE | JSON Web Encryption |
JWS | JSON Web Signature |
JWT | JSON Web Token |
OAM | Oracle Access Manager |
OSSA | Oracle Software Security Assurance |
SAML | Security Assertion Mark-up Language |
SSO | Single Sign-On |
SSL | Secure Sockets Layer |
List of Topics
Table -2 List of Topics
Topics | Description |
---|---|
Prerequisite | This topic provides the information about prerequisites. |
Securing the Oracle Banking Microservices Architecture Application | This topic provides the information about securing Oracle Banking Microservices Architecture. |
General Information | This topic provides the information about general information related to security. |