Preface
Purpose
This guide provides security-related usage and configuration recommendations for Oracle Banking Microservices Architecture. It also describes the procedures required to implement or secure certain features, but it is not a general-purpose configuration manual.
Parent topic: Preface
Audience
Note:
Readers are expected to have basic operating system, network, and system administration skills with an awareness of vendor/third-party software’s and knowledge of Oracle Banking Microservices Architecture application.Parent topic: Preface
Scope
Read Sections Completely
Each section should be read and understood completely. Instructions should never be blindly applied. Relevant discussion may occur immediately after instructions for an action, so be sure to read whole sections before beginning implementation.
Understand the Purpose of this Guidance
The purpose of the guidance is to provide security-relevant configuration recommendations. It does not imply the suitability or unsuitability of any product for any particular situation, which entails a risk decision.
Limitations
The guide is limited in its scope to security-related issues. This guide does not claim to offer comprehensive configuration guidance. For general configuration and implementation guidance refer to other sources such as Vendor specific sites.
Test in Non-Production Environment
To the extent possible, guidance should be tested in a non-production environment before deployment.
Ensure that any test environment simulates the configuration in which the application will be deployed as closely as possible.
Parent topic: Preface
Documentation Accessibility
For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at http://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacc.
Access to Oracle Support
Oracle customers that have purchased support have access to electronic support through My Oracle Support. For information, visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=info or visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=trs if you are hearing impaired.
Parent topic: Preface
Critical Patches
Oracle advises customers to get all their security vulnerability information from the Oracle Critical Patch Update Advisory, which is available at Critical Patches, Security Alerts and Bulletins. All critical patches should be applied in a timely manner to make sure effective security, as strongly recommended by Oracle Software Security Assurance.
Parent topic: Preface
Diversity and Inclusion
Oracle is fully committed to diversity and inclusion. Oracle respects and values having a diverse workforce that increases thought leadership and innovation. As part of our initiative to build a more inclusive culture that positively impacts our employees, customers, and partners, we are working to remove insensitive terms from our products and documentation. We are also mindful of the necessity to maintain compatibility with our customers' existing technologies and the need to ensure continuity of service as Oracle's offerings and industry standards evolve. Because of these technical constraints, our effort to remove insensitive terms is ongoing and will take time and external cooperation.
Parent topic: Preface
Related Resources
- Oracle Banking Microservices Architecture Product User Guides
- Oracle Banking Microservices Architecture API Security Guide
Parent topic: Preface
Conventions
The following text conventions are used in this document:
| Convention | Meaning |
|---|---|
|
boldface |
Boldface type indicates graphical user interface elements associated with an action, or terms defined in text or the glossary. |
|
italic |
Italic type indicates book titles, emphasis, or placeholder variables for which you supply particular values. |
|
|
Monospace type indicates commands within a paragraph, URLs, code in examples, text that appears on the screen, or text that you enter. |
Parent topic: Preface
Acronyms and Abbreviations
Table -1 Acronyms
| Abbreviation | Description |
|---|---|
| JWE | JSON Web Encryption |
| JWS | JSON Web Signature |
| JWT | JSON Web Token |
| OAM | Oracle Access Manager |
| OSSA | Oracle Software Security Assurance |
| SAML | Security Assertion Mark-up Language |
| SSO | Single Sign-On |
| SSL | Secure Sockets Layer |
Parent topic: Preface