1 Retail Analytics and Planning Cloud Services Architecture

Retail Analytics and Planning (RAP) is a suite of applications deployed on Oracle Cloud Infrastructure (OCI). The applications are deployed in a highly available, horizontally scalable architecture. These cloud services use Oracle Cloud Infrastructure Identity and Access Management (OCI IAM) as the identity provider (IdP). The information about logical, physical, and data architecture in this document focuses on how that architecture supports security.

Architecture Overview

Most customer access to the RAP services is through the public web tier, which uses HTTPS with TLS 1.2 encryption. The web tier contains the perimeter network services that protect the applications from the internet at large. All traffic from the web tier continues to the Web Tier Security Server, which provides authentication (AuthN) and authorization (AuthZ) services; these in turn use the customer's Oracle IdP service within their OCI tenancy.

Further information about OCI IAM is available in the Oracle Retail Identity Management for OCI IAM Startup Guide.

The RAP applications are deployed within a managed Kubernetes cluster. Scheduling of batch processes is provided by Job Orchestration and Scheduling (JOS). Reporting is provided by a common Oracle Analytics Server (OAS) instance which can connect to the underlying RAP schemas.

The underlying database for RAP applications is provided by the OCI Autonomous Data Warehouse. Each RAP customer instance has an instance of OCI ADW, shared across RAP application schemas.

Transparent data encryption (TDE) is automatically set within ADW during provisioning. All tablespaces are encrypted. When data is otherwise stored at rest, it is encrypted using AES-256.

RAP applications primarily integrate with external business systems using files through a service-based upload to OCI Object Storage. All files are scanned by an anti-virus and anti-malware service. Other integration points are provided by RAP Innovation Workbench, using Oracle Restful Data Services (ORDS).

When RAP is integrated with Oracle Retail Merchandising Cloud Service (version 24 onwards) it is integrated through OCI GoldenGate.

RAP authenticates all REST services using OAuth 2.0 through the IdP. Because a common authentication pattern is used, web service users are subject to the same security controls as application users. All service calls are recorded in the application security logs.
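The paragraph above states the pattern but not what "authenticating a REST call through the IdP" means in practice for the service that receives the call. The following added example (written for this page; it is not RAP's or Oracle's code) shows the checks a service would perform on an OAuth 2.0 bearer token before serving a request: signature, algorithm, issuer, audience, and validity window, with a reason string that can be written to a security log. The issuer URL, audience name, and shared secret are constructed placeholders; a real OCI IAM token is signed with the IdP's RSA key and validated against its published JWKS rather than a shared HMAC secret, which is used here only so the example runs offline.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional, Tuple

# Constructed placeholders for this example; a real deployment reads these from configuration.
EXPECTED_ISSUER = "https://idp.example.invalid"      # hypothetical IdP issuer URL
EXPECTED_AUDIENCE = "rap-rest-services"              # hypothetical audience (resource) name
SHARED_SECRET = b"constructed-demo-secret"           # stands in for the IdP signing key


def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    # JWTs strip base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_token(claims: dict, secret: bytes = SHARED_SECRET) -> str:
    """Build an HS256-signed JWT as test input only (a real IdP issues the tokens)."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = _b64url_encode(json.dumps(header).encode()) + "." + _b64url_encode(json.dumps(claims).encode())
    signature = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url_encode(signature)


def validate_bearer(token: str, now: Optional[float] = None, secret: bytes = SHARED_SECRET) -> Tuple[bool, str]:
    """Return (accepted, reason). Every check must pass; the reason is suitable for a security log line."""
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        return False, "malformed token"
    header_b64, payload_b64, sig_b64 = parts
    try:
        header = json.loads(_b64url_decode(header_b64))
        claims = json.loads(_b64url_decode(payload_b64))
        signature = _b64url_decode(sig_b64)
    except (ValueError, json.JSONDecodeError):
        return False, "undecodable token"

    # Pin the algorithm: never let the token choose (alg=none or a downgrade).
    if header.get("alg") != "HS256":
        return False, "unexpected algorithm"
    expected = hmac.new(secret, (header_b64 + "." + payload_b64).encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, signature):
        return False, "bad signature"

    # Only tokens issued by the configured IdP and intended for this service are accepted.
    if claims.get("iss") != EXPECTED_ISSUER:
        return False, "wrong issuer"
    aud = claims.get("aud")
    aud_list = aud if isinstance(aud, list) else [aud]
    if EXPECTED_AUDIENCE not in aud_list:
        return False, "wrong audience"

    # Enforce the validity window; a missing exp is treated as expired.
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or now >= exp:
        return False, "expired"
    nbf = claims.get("nbf")
    if isinstance(nbf, (int, float)) and now < nbf:
        return False, "not yet valid"
    return True, "ok"


if __name__ == "__main__":
    now = 1_700_000_000
    token = mint_token({"iss": EXPECTED_ISSUER, "aud": EXPECTED_AUDIENCE, "sub": "svc-user", "exp": now + 300})
    print(validate_bearer(token, now=now))
```

The order of checks matters: the signature is verified before any claim is trusted, so an attacker-controlled `iss` or `aud` never influences which key or policy is applied. The `now` parameter exists so the expiry logic can be exercised deterministically; production callers leave it unset.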

Application Data Flow

Analytics and Planning Application Data Flow

RAP services are deployed within a managed Kubernetes cluster, providing isolation for each customer instance. Each tier of the infrastructure is isolated by OCI Virtual Cloud Network (VCN) traffic ingress/egress lists.

Application traffic from a customer’s network can ingress either through the public internet or through an Application Private Endpoint within their own OCI tenancy. In either case, the traffic is encrypted. The traffic is routed to the customer’s instance, where authentication and authorization are verified against their IdP before the request reaches the relevant RAP service.

When file movement to or from OCI Object Storage is required, a time-limited Pre-authenticated Request (PAR) URL is issued, subject to OAuth 2.0 validation of the requester.

Typically, only HTTPS services are available to customers. Optionally, a customer can subscribe to the Data Private Endpoint service – this provides direct, encrypted SQL*Net access to the Innovation Workbench schema, but only to their OCI tenancy.

Oracle Application Management Services has limited access to the underlying application tiers to allow for service administration, deployment, and troubleshooting. This access is tightly controlled and granted to only a small number of Oracle employees as described in Oracle's Cloud Hosting and Delivery Policies.