Previous Topic

Next Topic

Book Contents

Transport layer protection

If your client is calling the InForm User Management Interface web service that is hosted by Oracle, you must use Transport Layer Security (TLS) 1.2 or above to avoid man-in-the-middle attacks.

Web client developers should enforce encrypted data transport when the application transports sensitive data, and should validate that all certificates are legitimate and signed by public authorities.

Ciphers should be restricted to modern implementations.

Send Feedback