1. Integration Security Guide
  2. Introduction

1 Introduction

Software as a Service (SaaS) is changing technology today. SaaS applications shift responsibilities from retailers and their data centers to cloud service providers. The cloud service provider is responsible for upgrades, uptime and security. Oracle provides many retail cloud services, including Oracle Retail Integration Cloud Services.

The Oracle Retail Integration Cloud Service is a suite of software-as-a service solutions that provides retailers with various integration solutions. This includes Retail Integration Bus (RIB), Retail Service Bus (RSB), Bulk Data Integration (BDI), Retail Financial Integration (RFI) and Universal Service Mapper (USM).

This document is divided into six main sections:

  • Responsibilities - The Responsibilities section of the document discusses the shared responsibility model of security.

  • Oracle Retail SaaS Security - This section of the document outlines the policies and procedures Oracle Retail uses to meet its security responsibilities.

  • Integration Cloud Service Architecture - This section details the architecture of the Integration Cloud Service, particularly as it relates to security.

  • Integration Cloud Service Authentication, and Authorization - This section describes how Integration Cloud Service performs authentication and authorization can be applied.

  • Frequently Asked Questions - This section includes a number of specific questions related to security that are frequently asked by prospects, customers and implementers.

The goals of this document are to:

  • Explain the security responsibilities of Oracle and the Retailer in the SaaS model

  • Educate retailers about Oracle's cloud security policies and controls

  • Describe Integration Cloud Service's

    • general architecture, particularly as it relates to security

    • security features

  • Define additional steps customer IT staff must perform to communicate securely with Integration Cloud Service

  • Guide Customer administrators in the actions they need to perform to

    • create application users

    • assign roles to application users

  • Provide answers to frequently asked questions about Integration Cloud Service security