Preface

This guide provides security-related usage and configuration recommendations for Oracle Banking Branch. It may outline procedures required to implement or secure certain features. This guide is not for general-purpose configuration.

Audience

This guide is primarily intended for IT departments or administrators deploying Oracle Banking Branch and third-party or vendor software. Some information that may be relevant to IT decision-makers and users of the application is also included.

Note:

Readers are assumed to possess basic operating system, network, and system administration skills, along with an awareness of vendor/third-party software and knowledge of the Oracle Banking Branch application.

Conventions

The following text conventions are used in this document:

| Convention | Meaning |
|---|---|
| boldface | Boldface type indicates graphical user interface elements associated with an action, or terms defined in text or the glossary. |
| italic | Italic type indicates book titles, emphasis, or placeholder variables for which you supply particular values. |
| monospace | Monospace type indicates commands within a paragraph, URLs, code in examples, text that appears on the screen, or text that you enter. |

Scope

The scope of this guide is as follows:

Table - Scope

| Scope | Description |
|---|---|
| Read Sections Completely | Each section should be read and understood completely. Instructions should never be blindly applied. Relevant discussion may occur immediately after instructions for action, so be sure to read whole sections before beginning implementation. |
| Understand the Purpose of this Guidance | The purpose of the guidance is to provide security-relevant configuration recommendations. It does not imply the suitability or unsuitability of any product for any particular situation, which entails a risk decision. |
| Limitations | This guide is limited in its scope to security-related issues. This guide does not claim to offer comprehensive configuration guidance. For general configuration and implementation guidance, refer to other sources such as vendor-specific sites. |
| Test in Non-Production Environment | To the extent possible, guidance should be tested in a non-production environment before deployment. Ensure that any test environment simulates the configuration in which the application will be deployed as closely as possible. |

Acronyms and Abbreviations

The following acronyms and abbreviations are used in this guide:

Table - Acronyms and Abbreviations

| Acronym/Abbreviation | Description |
|---|---|
| AES | Advanced Encryption Standard |
| API | Application Programming Interface |
| DV | Database Vault |
| HTTP | Hypertext Transfer Protocol |
| HTTPS | Hypertext Transfer Protocol Secure |
| IdP | Identity Provider |
| JSON | JavaScript Object Notation |
| JVM | Java Virtual Machine |
| JWE | JSON Web Encryption |
| JWS | JSON Web Signature |
| JWT | JSON Web Token |
| LDAP | Lightweight Directory Access Protocol |
| OAM | Oracle Access Manager |
| M&A | Mergers and Acquisitions |
| OAuth | Open Authentication |
| OIM | Oracle Identity Management |
| OSSA | Oracle Software Security Assurance |
| SAML | Security Assertion Markup Language |
| SDLC | Software Development Lifecycle |
| SMS | Security Management System |
| SPOC | Single Point of Contact |
| SQL | Structured Query Language |
| SSO | Single Sign-On |
| SSL | Secure Sockets Layer |
| TDE | Transparent Data Encryption |
| TLS | Transport Layer Security |
| UI | User Interface |

List of Topics

This guide is organized into the following topics:

Table - List of Topics

| Topics | Description |
|---|---|
| Prerequisite | This topic provides information about prerequisites. |
| Securing Oracle Banking Branch | This topic provides information about securing Oracle Banking Branch. |
| General Information | This topic provides general information related to security. |