Fusion apps security_con8714_pdf_8714_0001

544 views
463 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
544
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
43
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Fusion apps security_con8714_pdf_8714_0001

  1. 1. Graphic Section Divider1 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  2. 2. Fusion Applications SecureOut of the BoxNigel King, VP Fusion ApplicationsFunctional Architecture 2 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  3. 3. Safe Harbor Statement "Safe Harbor" Statement: Statements in this press release relating to Oracles or its Board of Directors’ future plans, intentions and prospects are "forward-looking statements" and are subject to material risks and uncertainties. Many factors could affect our current expectations and our actual results, and could cause actual results to differ materially. We presently consider the following to be among the important factors that could cause actual results to differ materially from expectations: (1) Economic, political and market conditions, including the recent global economic and financial crisis, could adversely affect our business, operating results or financial condition, including our revenue growth and profitability, through reductions in customer IT budgets and expenditures and through the general tightening of access to credit. (2) We may fail to achieve our financial forecasts due to such factors as delays or size reductions in transactions, fewer large transactions in a particular quarter, unanticipated fluctuations in currency exchange rates, delays in delivery of new products or releases or a decline in our renewal rates for software license updates and product support. (3) We cannot assure market acceptance of new products or services or new versions of existing or acquired products or services. (4) We have an active acquisition program and our acquisitions may not be successful, may involve unanticipated costs or other integration issues or may disrupt our existing operations. (5) Our international sales and operations subject us to additional risks that can adversely affect our operating results, including risks relating to foreign currency gains and losses and risks relating to compliance with international and U.S. laws that apply to our international operations. (6) Intense competitive forces demand rapid technological advances and frequent new product introductions and could require us to reduce prices or cause us to lose customers. A detailed discussion of these factors and other risks that affect our business is contained in our SEC filings, including our most recent reports on Form 10-K and Form 10-Q, particularly under the heading "Risk Factors." Copies of these filings are available online from the SEC or by contacting Oracle Corporations Investor Relations Department at (650) 506-4073 or by clicking on SEC Filings on Oracle’s Investor Relations website at http://www.oracle.com/investor. All information set forth in this release is current as of October 7, 2009. Oracle undertakes no duty to update any statement in light of new information or future events.3 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  4. 4. Program Agenda • About Fusion Applications Security • Secure Out of the Box • Demonstration: Chief Security Officer • Q&A4 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  5. 5. Fusion Applications Security Role-Based Access + Comprehensive & Integrated Process Who Does What?  Role-Based Access  Reference Implementation  Oracle Identity Management5 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  6. 6. Fusion Applications Powered by Fusion Middleware • Complete • Open • Integrated • Best-in-class6 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  7. 7. Fusion Security Delivers Reduced Reduced Increased Risk Administrative Costs Productivityo Secure “Out of the Box” o Self service provisioning o Easier to make new and automated on-boarding employees productiveo Secure across tools and transformations o Transparent security o Regulatory compliance is policies easier and cheapero Secure across the information lifecycle o Standards based and o Easier for management to integrated security model review and approve accesso Integrated SOD Testing7 Copyright © 2011, Oracle and/or its affiliates. All rights reserved. o Single sign on across apps
  8. 8. Fusion Applications Security The model is not so different… • Yes, we externalized security to Fusion Middleware, LDAP and OPSS • But we paid a lot of attention to the consistency in Fusion E-Business Suite PeopleSoftJob Role Top Level Menu Top Level MenuData Role Responsibility Employee ID + RoleDuty Role Sub Menu Role(s)Privilege Form Function Permission ListsPermission Executable Executable8 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  9. 9. Program Agenda • About Fusion Applications Security • Secure Out of the Box • Demonstration : Making a New Hire Productive • Q&A9 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  10. 10. Secure Out of the Box1. Role Based Access2. Integration with Governance Risk and Compliance3. Transparent Security Policies4. Pervasive Privacy Protections5. Secure Across the Information Lifecycle6. Automated Workflows for Account and Role Provisioning7. Enforcement Across Tools and Transformations8. Comprehensive Reference Implementation9. Complete Audit of Security Changes10. Co-existing with your current Security Infrastructure10 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  11. 11. Role Based Access Vision Enterprises You have Operations in Vision Germany Vision US Germany & the US You need to hire a “Procurement Manager” for your German Operations…11 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  12. 12. Job Posting FA Job Def Screen Job Title  Job Role All Duties assigned under Job Role 1 3 2 4 4 1 Line in Job Description  Duty 2 3 4 412 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  13. 13. Fusion Automatically Creates Business Unit specific Roles Data Role = Job + Data Access Job Role Procurement Manager Procurement Manager – Germany Procurement Manager – US13 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  14. 14. Meet Doris She applies for the job…14 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  15. 15. Doris is hired… For doing what all employees do •Expense Reports • Purchase Requisitioner For doing the job she was hired for.. Procurement ProcurementData Roles Manager - Manager - US Germany Abstract Employee Job Procurement Role Roles Manager Duty Enter Duty Buyer Mgt PO Changes Roles Enter Expenses Requisitions Roles Duty Duty 15 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  16. 16. What can Doris do and view ?Duties  Roles ProvideProvide Access to dataAccess to behind theScreens, screensReports,Dashboards Via Data Via Security Privileges 16 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  17. 17. Doris Starts Using Fusion AppsShe starts work…Sees only the Tasks she is entitled to. Sees only data for Vision Germany. 17 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  18. 18. Menu Items18 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  19. 19. Tasks19 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  20. 20. Buttons, Regions and ActionsControls access to work areas, dashboards, task flows, reports, services 20 Copyright © 2011, Oracle and/or its affiliates. All rights 20 reserved.
  21. 21. Secure OOTB: Integration with GRC  Segregation of Duties (SOD)  respected during role provisioning  you choose enforcement21 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  22. 22. Secure OOTB: Transparent Security Policies22 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  23. 23. Secure OOTB: Pervasive Privacy Protections• Fusion Applications always protect personally identifiable information (PII)• PII = any piece of information which can potentially be used to uniquely identify, contact, or locate a single person. – Social Security Number (SSN) – Driver’s license number – State or National Identifier (Identification Card number) – Passport Number – Account number, credit card number (CCN) or debit card number – Home or Physical address (e.g street address) – Email address – Telephone number 23 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  24. 24. Secure OOTB: Secure Across Info Lifecycle • Sensitive data in file system and backups (data-at- rest) protected using Transparent Data Encryption • Sensitive data in cloned, non-production databases protected using Oracle Data Masking • Sensitive data protected from database administrators and other privileged users using Oracle Database Vault24 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  25. 25. Secure OOTB: Account & Role Provisioning Oracle Identity Manager GRANT REVOKE Governance Risk GRANT REVOKE GRANT REVOKE Compliance Employee Provisioning Fusion GRC Fusion Approval Workflows Controls Applications Joins / Leaves HR System • Lower Risks • Lower Costs • Greater Productivity25 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  26. 26. Secure OOTB: Enforcement Across Tools Common Security Services • Defined Once. Used Everywhere. • Same policies used across technologies – ADF – Enterprise Search – Business Intelligence – Reporting – Mobile – Web Services26 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  27. 27. Secure OOTB: Reference Implementation OOTB  roles you will recognize as jobs  hierarchy of duties  data security policies APM  SOD Policies to extend  Provisioning Events Authorization Policy Manager  new jobs  new duties27 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  28. 28. Secure OOTB: Audit of Security Changes Manage Audit Policies • Who made what changes, when Oracle Platform Security Services28 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  29. 29. Secure OOTB: Co-existing with your current Security InfrastructureAllows a user to log in once & access all Existingapplications… Identity authentication Management Infrastructure Identity Provider Service access Custom Applications OID Federation Enabled Service Providers Applications Unlimited 29 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  30. 30. Secure Out of the Box1. Role Based Access2. Integration with Governance Risk and Compliance3. Transparent Security Policies4. Pervasive Privacy Protections5. Secure Across the Information Lifecycle6. Automated Workflows for Account and Role Provisioning7. Enforcement Across Tools and Transformations8. Comprehensive Reference Implementation9. Complete Audit of Security Changes10. Co-existing with your current Security Infrastructure30 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  31. 31. Program Agenda • About Fusion Applications Security • Secure Out of the Box • Demonstration: Making a New Hire Productive • Q&A31 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  32. 32. Demonstration32 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  33. 33. Security Flow • Set up security profile • Create data role • Create role provisioning rule • Create Employee33 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  34. 34. 34 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  35. 35. 35 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  36. 36. 36 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  37. 37. 37 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  38. 38. 38 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  39. 39. 39 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  40. 40. 40 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  41. 41. 41 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  42. 42. 42 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  43. 43. 43 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  44. 44. 44 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  45. 45. Security Flow • Set up security profile • Create data role • Create role provisioning rule • Create Employee45 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  46. 46. 46 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  47. 47. 47 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  48. 48. 48 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  49. 49. 49 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  50. 50. 50 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  51. 51. 51 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  52. 52. 52 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  53. 53. 53 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  54. 54. 54 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  55. 55. 55 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  56. 56. 56 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  57. 57. 57 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  58. 58. 58 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  59. 59. 59 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  60. 60. 60 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  61. 61. 61 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  62. 62. 62 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  63. 63. 63 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  64. 64. 64 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  65. 65. 65 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  66. 66. 66 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  67. 67. 67 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  68. 68. 68 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  69. 69. 69 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  70. 70. 70 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  71. 71. 71 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  72. 72. Security Flow • Set up security profile • Create data role • Create role provisioning rule • Create Employee72 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  73. 73. 73 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  74. 74. 74 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  75. 75. 75 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  76. 76. Security Flow • Set up security profile • Create data role • Create role provisioning rule • Create Employee76 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  77. 77. 77 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  78. 78. 78 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  79. 79. 79 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  80. 80. 80 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  81. 81. 81 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  82. 82. 82 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  83. 83. 83 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  84. 84. 84 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  85. 85. 85 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  86. 86. 86 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  87. 87. 87 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  88. 88. 88 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  89. 89. Fusion Security Delivers Reduced Reduced Increased Risk Administrative Costs Productivity89 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  90. 90. Q&A90 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  91. 91. 91 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  92. 92. 92 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  93. 93. 93 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.

×