Network and Web Services Security

Network Security

When deploying Oracle Health Insurance onto a network, there are many security issues to take into consideration, especially the use of Secure Sockets Layer (SSL), firewalls and VPN technologies.

Secure Sockets Layer (SSL)

The Secure Sockets Layer (SSL) protocol provides communication security by encrypting traffic across a network in a way designed to prevent eavesdropping and tampering. It uses asymmetric cryptography for privacy and a keyed message authentication code for message reliability. Setting up an SSL-secured connection requires a digital certificate issued by a trusted certificate authority. Self-signed digital certificates should only be used for internal testing.

Oracle recommends that all data communication related to OHI Components applications, whether it is browser-based or web-services-based and whether it takes place within the organization’s firewall or is accessed through VPN, is at least secured using SSL.

See Configuring SSL for detailed information on how to configure Secure Sockets Layer in WebLogic.

Firewalls

A firewall permits or denies network access based on configured rules. It protects the internal network from malicious actions while permitting legitimate communications.

Firewalls perform the following functions in a typical OHI environment:

  • Guard the company Intranet from unauthorized outside access.

  • Separate Intranet users accessing the OHI system from internal subnetworks where critical corporate information and services reside.

  • Protect from IP spoofing and routing threats.

  • Prohibit unauthorized users from accessing protected networks and control access to restricted services.

  • Throttle requests / apply rate limiting.

  • Act as a Web Application Firewall, protecting against malicious requests.

A typical Oracle Health Insurance environment usually has the following security zones:

  • Internet - External web service clients may come from outside of the company network.

  • Intranet - A company network separated by the external firewall that gives remote workers access to the Oracle Health Insurance user interface. This is also where OHI web servers and / or load balancers may be placed. Alternatively, for additional protection, web and load balancing servers may be placed in a separate demilitarized zone (DMZ) where external and internal clients first interact with the Oracle Health Insurance environment.

  • Oracle Health Insurance application server and database zone - Oracle Health Insurance application servers, database servers and possibly authentication servers (for example, if a customer chooses to delegate authentication using LDAP servers) typically reside in this zone.

Ensure that the firewalls used to secure an Oracle Health Insurance environment support the HTTP 1.1 protocol; it enables browser cookies and inline data compression for improved performance.

Web Services Security Overview

For any web service, it is important to guarantee integrity and confidentiality of messages and to ensure the identity of a client that is accessing Oracle Health Insurance web services. This can be achieved by implementing different types of security measures.

  • Transport-level security - Secures the connection between the client application and a web service with Secure Sockets Layer (SSL).

  • Message-level security - Includes all the security benefits of SSL, but with additional flexibility and features. Message-level security is end-to-end, which means that a message is secure even when the transmission involves one or more intermediaries. The message itself is digitally signed and encrypted, rather than just the connection.

  • Access control security - Specifies which roles are allowed to access web services (answers the question "who can do what?").

By default, Oracle Health Insurance web services verify that the request is executed by an authenticated user. For HTTP API REST services, proper authorization also needs to be set up. Transport-level security is not enabled by default; it should be put in place, at least to cover the communication between the client that initiates the request and the firewall / load balancer that handles the traffic. Load balancers often provide efficient support mechanisms for transport-level decryption and encryption, which is preferable to having a WebLogic domain handle transport-level decryption and encryption.

Before the OHI Components applications web services are used, make sure that they are properly secured in accordance with your organization’s security requirements and standards.

Minimal Required Security for OHI Components Applications Web Services

The minimal security measures for OHI web services should comprise the following:

  • Encrypt any message using SSL in order to assure message confidentiality. Note that OHI web services may receive or send messages that contain protected health information. Even within the intranet or internal network the messages that are exchanged should be encrypted.

  • At the network level, e.g. in a switch or router, configure access so that OHI web services can only be reached through the load balancer or web server that is set up to regulate any access to OHI. OHI web services should not be accessible from any other device within the organization. Additional security measures to allow or prevent message traffic from certain clients within the organization may be configured in the load balancer or web server.
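
The network-level requirement above can be checked against an exported firewall rule table. The following is an added example, not Oracle code or part of the OHI documentation: it audits a first-match rule list and reports any rule that lets a source other than the load balancer reach the web services. All addresses, the port number and the rule tuple format are constructed assumptions.

```python
import ipaddress

# Constructed addressing plan; every address and port below is an assumption.
LB = ipaddress.ip_network("10.10.0.5/32")        # load balancer in the DMZ
APP_ZONE = ipaddress.ip_network("10.20.0.0/24")  # OHI application server zone
WS_PORT = 7002                                   # hypothetical HTTPS listen port

# Constructed first-match rule table: (action, source, destination, port or None for any).
SAMPLE_RULES = [
    ("allow", "10.10.0.5/32", "10.20.0.0/24", 7002),  # load balancer to OHI
    ("deny",  "10.30.9.0/24", "10.20.0.0/24", None),
    ("allow", "10.30.0.0/16", "10.20.0.0/24", 7002),  # intranet bypasses the load balancer
    ("allow", "10.30.9.0/24", "10.20.0.0/24", 7002),  # never fires: shadowed by the deny above
    ("deny",  "0.0.0.0/0",    "10.20.0.0/24", None),  # catch-all deny into the zone
]


def _parse(rule):
    action, src, dst, port = rule
    return action, ipaddress.ip_network(src), ipaddress.ip_network(dst), port


def _covers(outer, inner):
    """True if rule `outer` matches every packet that rule `inner` matches."""
    _, o_src, o_dst, o_port = outer
    _, i_src, i_dst, i_port = inner
    return (i_src.subnet_of(o_src) and i_dst.subnet_of(o_dst)
            and (o_port is None or o_port == i_port))


def audit(rules, lb=LB, zone=APP_ZONE, port=WS_PORT):
    """Return findings where a source other than the load balancer can reach the web services."""
    parsed = [_parse(r) for r in rules]
    findings = []
    for idx, rule in enumerate(parsed):
        action, src, dst, rport = rule
        reaches_ws = dst.overlaps(zone) and rport in (None, port)
        if action != "allow" or not reaches_ws or src.subnet_of(lb):
            continue
        # An earlier deny that fully covers this rule means it never fires (first match wins).
        if any(p[0] == "deny" and _covers(p, rule) for p in parsed[:idx]):
            continue
        findings.append(f"rule {idx}: {src} may reach {dst} port {rport} directly")
    default_deny = ("deny", ipaddress.ip_network("0.0.0.0/0"), zone, None)
    if not any(p[0] == "deny" and _covers(p, default_deny) for p in parsed):
        findings.append("no catch-all deny for the application server zone")
    return findings
```

Calling audit(SAMPLE_RULES) reports only rule 2; the shadowed rule 3 is not reported because the earlier deny already blocks that subnet.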

Virtual Private Networks (VPN)

Oracle Health Insurance user interfaces are browser-based and will allow remote workers to access the application services. It is recommended that these users access the application from within the company network, secured behind the outside firewall. Virtual Private Network (VPN) technology should be used to allow employees working remotely to access an OHI application. A VPN tunnels outside traffic through the firewall, placing remote workers virtually inside the firewall.