Go to main content
1/2
Contents
Security Guide
1
Introduction
2
General Security Principles
2.1
Restrict Network Access to Critical Services
2.2
Monitor System Activity
2.3
Set Up a Change Management Process
2.4
Change Passwords Periodically
2.5
Keep Passwords Private and Secure
2.6
Use Profiles
2.7
Lock Computers to Protect Data
2.8
Close All Open Ports Not in Use
2.9
Secure the Environment
2.10
Provide Only the Necessary Rights to Perform an Operation
3
Secure Installation and Configuration
3.1
Install Critical Patch Updates (CPUs) and Critical Patch Set
3.2
Use SSL (HTTPS) Between Browser and Web Server
3.3
Signed Certificates for HTTPS
3.4
Disable Unused Services
3.5
Replace Verbose Errors with Custom Messages
3.6
Secure the WebLogic Server
3.7
Provide Security for Session-Tracking Cookies
3.8
Provide Security for Cross-Frame Scripting
3.9
Provide Security for HTTP Strict-Transport-Security
3.10
Configure Strong Passwords on the Database
3.11
Hide Oracle Forms Version Numbers
3.12
Secure the Reports Server
4
Application Security Features
4.1
Secure the Reports Server
4.2
TMS Security
4.2.1
Use Data Access Groups to Restrict Access to the Application
4.2.2
Enforce Password Security
4.2.3
Database Roles and Menu-Based Security
5
Documentation Accessibility
Scripting on this page enhances content navigation, but does not change the content in any way.