1 Oracle Financial System Mary Ann Carr September 14, 2000.

Slides:



Advertisements
Similar presentations
WEB AND WIRELESS AUTOMATION connecting people and processes InduSoft Web Solution Welcome.
Advertisements

Heroix Longitude - multiplatform, automated application performance monitoring and management software.
Chapter 17: WEB COMPONENTS
Oracle Financial System Project Team: Aseem Gupta Jeng Toa Lee Jun Lu Kevin Patrick Zhu Thomas Verghese Weicheng Wong Xuegong Wang ( Jeff ) Date : 26 th.
Netcentives Inc. 475 Brannan St. San Francisco, CA NASDAQ: NCNT Netcentives Inc. 475 Brannan St. San Francisco,
Secure Sockets Layer eXtended (SSLX) Next Generation Internet Security Overview Presentation April 2011.
1 Web Servers / Deployment Alastair Dawes Original by Bhupinder Reehal.
LAB#2 JAVA SECURITY OVERVIEW Prepared by: I.Raniah Alghamdi.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
11/14 SNA Presentation 3 Survivable Network Analysis Oracle Financial System SNA step 3 Ali Ardalan Qianming “Michelle” Chen Yi Hu Jason Milletary Jian.
Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.
Survivable Network Analysis Oracle Financial Management Services Ali Ardalan Qianming “Michelle” Chen Yi Hu Jason Milletary Jian Song.
Charlie Crocker Vice President Farallon Geographics, Inc. An Overview of Internet Mapping Technology.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
Microsoft Exchange Exchange is more than just Electronic Mail The server that embraces Internet standards and extends rich messaging and collaboration.
“This presentation is for informational purposes only and may not be incorporated into a contract or agreement.”
JVM Tehnologic Company profile & core business Founded: February 1992; –Core business: design and implementation of large software applications mainly.
Course 201 – Administration, Content Inspection and SSL VPN
Best Practices for Securing Oracle EBS R12
Microsoft ® Official Course Module 9 Configuring Applications.
ADI SIG Meeting. Marsha Edgell ADI SIG Coordinator BizTech.
Copyright 2007, Information Builders. Slide 1 WebFOCUS Authentication Mark Nesson, Vashti Ragoonath Information Builders Summit 2008 User Conference June.
Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system.
Get more out of 11i with Oracle ADI Richard Byrom Oracle Applications Consultant Appsworld January 2003.
Databases and the Internet. Lecture Objectives Databases and the Internet Characteristics and Benefits of Internet Server-Side vs. Client-Side Special.
Oracle8 JDBC Drivers Section 2. Common Features of Oracle JDBC Drivers The server-side and client-side Oracle JDBC drivers provide the same basic functionality.
Securing Data at the Application Layer Planning Authenticity and Integrity of Transmitted Data Planning Encryption of Transmitted Data.
MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Four Configuring Outlook and Outlook Web Access.
Chapter 4: Core Web Technologies
Technology Overview. Agenda What’s New and Better in Windows Server 2003? Why Upgrade to Windows Server 2003 ?  From Windows NT 4.0  From Windows 2000.
Security Baseline. Definition A preliminary assessment of a newly implemented system Serves as a starting point to measure changes in configurations and.
1 © All rights reserved. U.S International Tech Support
1 Copyright © 2004, Oracle. All rights reserved. Introduction to Oracle Forms Developer and Oracle Forms Services.
Uniting Cultures, Technology & Applications A Case Study University of New Hampshire.
Instant Messaging for the Workplace A pure collaborative communication tool that does not distract users from their normal activities.
Auditing Authentication & Authorization in Banner
SMS 2003 Deployment and Managing Windows Security Rafal Otto Internet Services Group Department of Information Technology CERN 26 May 2016.
SSL, Single Sign On, and External Authentication Presented By Jeff Kelley April 12, 2005.
Oracle Application Express Security. © 2009 Oracle Corporation Authentication Out-of-the-Box Pre-Configured Schemes LDAP Directory credentials Oracle.
Implementation - Part 2 CPS 181s March 18, Pieces of the Site-building Puzzle Page 180, figure 4.1.
Simplify and Strengthen Security with Oracle Application Server Allan L Haensgen Senior Principal Instructor Oracle Corporation Session id:
Computer Emergency Notification System (CENS)
Source: Peter Eeles, Kelli Houston, and Wojtek Kozaczynsky, Building J2EE Applicationa with the Rational Unified Process, Addison Wesley, 2003 Prepared.
1 Introduction to Microsoft Windows 2000 Windows 2000 Overview Windows 2000 Architecture Overview Windows 2000 Directory Services Overview Logging On to.
1 Securing Data and Communication. 2 Module - Securing Data and Communication ♦ Overview Data and communication over public networks like Internet can.
Mainframe (Host) - Communications - User Interface - Business Logic - DBMS - Operating System - Storage (DB Files) Terminal (Display/Keyboard) Terminal.
® Gradient Technologies, Inc. Inter-Cell Interworking Access Control Across the Boundary Open Group Members Meeting Sand Diego, CA USA April 1998 Brian.
Securing Internet Access Designing an Internet Acceptable Use Policy Securing Access to the Internet by Private Network Users Restricting Access to Content.
CS 7: Introduction to Computer Programming Java and the Internet Sections ,2.1.
Operating System Security Fundamentals Dr. Gabriel.
SmartReport Backend Reporting Tool © 2003 ITC Software
Lesson 19-E-Commerce Security Needs. Overview Understand e-commerce services. Understand the importance of availability. Implement client-side security.
Rob Davidson, Partner Technology Specialist Microsoft Management Servers: Using management to stay secure.
WEB SERVER SOFTWARE FEATURE SETS
MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter One Introduction to Exchange Server 2003.
Active Directory. Computers in organizations Computers are linked together for communication and sharing of resources There is always a need to administer.
Interstage BPM v11.2 1Copyright © 2010 FUJITSU LIMITED INTERSTAGE BPM ARCHITECTURE BPMS.
SSH. 2 SSH – Secure Shell SSH is a cryptographic protocol – Implemented in software originally for remote login applications – One most popular software.
E-commerce Architecture Ayşe Başar Bener. Client Server Architecture E-commerce is based on client/ server architecture –Client processes requesting service.
October 2014 HYBRIS ARCHITECTURE & TECHNOLOGY 01 OVERVIEW.
Introduction to Oracle Forms Developer and Oracle Forms Services
Introduction to Oracle Forms Developer and Oracle Forms Services
Introduction to Oracle Forms Developer and Oracle Forms Services
Server-to-Client Remote Access and DirectAccess
PLANNING A SECURE BASELINE INSTALLATION
Designing IIS Security (IIS – Internet Information Service)
Presentation transcript:

1 Oracle Financial System Mary Ann Carr September 14, 2000

9/14/002 Financial Management Project The Financial Management Project (FMP) is a university- wide initiative to improve Carnegie Mellon’s financial systems and processes. FMP includes implementation of: Integrated financial system (Oracle) Redesigned work processes Financial policies and consistent, university-wide procedures Comprehensive user education

9/14/003 Oracle Implementation Timeline May Acquired Oracle Applications and development tools August Beta Test Grants Management Project Implementation November “Big Bang” Go-Live Today - System Stabilization and Upgrade Preparation Central and Campus Business Users Casual Users

9/14/004 FMP Deployment Requirements Support all major campus desktop platforms Achieve excellent performance on all platforms Implement a ‘thin client’ Minimize software installation, distribution and maintenance Leverage existing infrastructure Mitigate any/all security risks

9/14/005 Oracle Applications Overview Core Financial Applications Self Service Web Applications Application Desktop Integrator Applications Budget Spreadsheet Feeder File Interface System CITRIX Application Server

9/14/006 Core Financial Applications - Overview Internet (Network) Computing Architecture Multi-Tier Tier Architecture Database Tier - DB, stored procedures, executables Application - web server, forms server Client - java-enabled web browser or applet viewer, forms client applet GUI Interface with ‘Thin’ Client Implementation Java Applet connects to Oracle’s forms server, excepting initial signon HTML page

9/14/007 Multi-Tier Architecture

9/14/008 Self Service Web Applications Web-based Interface for Casual Users (travel expense reporting, pcard distributions) HTML and JavaScript Direct connection to an HTTP listener running Oracle Web Application Server Logic is executed through the Web Application Server’s PL/SQL Cartridge, and Java servlets Database communication via JDBC

9/14/009 Application Desktop Integrator Excel-based interface and extension to Oracle application database Supports budget entry, journal entry, reporting, and analysis Communicates via SQL*Net to database

9/14/0010 Budget Spreadsheet Custom Excel-based budgeting tool Template files stored on file server Working budget files updated and stored locally Two possible transport mechanisms Budget inload functionality of ADI Web-based upload to interface tables

9/14/0011 Feeder File Interface System Mechanism for uploading feeder files for import into Oracle GL and/or GM Validates and inloads feeder transactions Provides notification of process success/failure

9/14/0012 CITRIX Application Server NT terminal server implementation to support UNIX, Macintosh and low-end PCs Access to Core Financials Access to ADI Possible file server for budget spreadsheet

9/14/0013 System Configuration

9/14/0014 Core Financial Applications Security Features Signed Java Applet guarantees its authenticity to the forms client and ensures that the forms server only accepts connections from “certified” forms clients (open TAR) All communication between the Forms client applet and forms server is encrypted using the RSA RC4 40-bit standard form of encryption Application level security intact: login id/password challenge/response Concerns Neither Web Browser (w/Java Plug-In, Jinitiator) nor Applet Viewer supports Secure Socket Layer transport (data encryption between the client and web server) at this time…desire for stronger encryption No certified Macintosh or Unix JVM as of 3/31/99 Additional login/password…desire to move to kerberos-based single sign-on

9/14/0015 Self Service Web Applications Security Features Supports Secure Socket Layer transport (data encryption between the client and web server) Application level security intact: login id/password challenge/response Concerns Additional login/password…desire to move to kerberos-based single sign-on

9/14/0016 Application Desktop Integrator Security Features Application level security intact: encrypted login id/password challenge/response Ability to implement Oracle’s advanced networking option for stronger encryption Concerns Additional login/password…desire to move to kerberos-based single sign-on. Physical security of local files…training issue Excel is susceptible to viruses... train users to use anti-virus protection and to use caution when enabling embedded macros

9/14/0017 Budget Spreadsheet Security Features Supports Secure Socket Layer transport (data encryption between the client and web server) via HTTPS to upload site Kerberos authentication of Andrew ID Concerns Physical security of local files…training issue Excel is susceptible to viruses... train users to use anti-virus protection and to use caution when enabling embedded macros

9/14/0018 Feeder File Interface Process Security Features Secure transfer options HTTPS - andrew authenticated and SSL encrypted, web-based upload SCP - encrypted transfer via public key encryption for unix to unix transfers Secured directory structure based on authenticated user id and limited access (only upload or download) Concerns Physical security of local files with hardcoded login/password…training issue

9/14/0019 CITRIX Application Server Security Features Standard NT account security (encrypted login) RSA RC5 add-on option Secured directory structure based on authenticated user id and limited access Supports all standard Oracle application security features Concerns Virus susceptibility…use anti-virus protection Security holes in NT…apply service paks and all patches

9/14/0020 FMP Application Security Application Username/Password Custom ‘responsibilities’ determine which forms, reports, functions, and data users can access Employee level set-ups determine approval relationships (workflow) and purchasing authority Secured ‘value sets’ limit the range of data users can access by responsibility Customizations provide additional security to implement business rules, e.g. GM Award Security Extension

9/14/0021 Additional Security Measures Fire wall (TIS) prevents direct connection to any administrative host Business Net isolates ‘trusted’ user community (caveat: need to verify on an on-going basis) SSH for encrypted developer connections Reset Oracle’s default passwords for ‘root’ accounts Audit user sessions (performance considerations)

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.