Oracle ERP Cloud Securing Oracle ERP Cloud

Download Oracle ERP Cloud Securing Oracle ERP Cloud

Post on 11-Feb-2017

221 views

Category:

Documents

0 download

Embed Size (px)

TRANSCRIPT

  • OracleERP CloudSecuring Oracle ERP Cloud

    Release 9

  • Oracle ERP Cloud Securing Oracle ERP Cloud

    Part Number E55801-02

    Copyright 2011-2014, Oracle and/or its affiliates. All rights reserved.

    Authors: Marilyn Crawford, Jeffrey Scott Dunn, Vic Mitchell, P. S. G. V. Sekhar, Angie Shahi

    This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected byintellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast,modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, ordecompilation of this software, unless required by law for interoperability, is prohibited.

    The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them tous in writing.

    If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the followingnotice is applicable:

    U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulationand agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operatingsystem, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictionsapplicable to the programs. No other rights are granted to the U.S. Government.

    This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use inany inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardware in dangerousapplications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. OracleCorporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications.

    Oracle and Java are registered trademarks of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

    Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks orregistered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks ofAdvanced Micro Devices. UNIX is a registered trademark of The Open Group.

    This software or hardware and documentation may provide access to or information on content, products and services from third parties. Oracle Corporationand its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services. OracleCorporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products,or services.

    For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at http://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacc

    Oracle customers have access to electronic support through My Oracle Support. For information, visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=info or visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=trs if you are hearing impaired.

    http://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacchttp://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacchttp://www.oracle.com/pls/topic/lookup?ctx=acc&id=infohttp://www.oracle.com/pls/topic/lookup?ctx=acc&id=infohttp://www.oracle.com/pls/topic/lookup?ctx=acc&id=trs

  • Oracle ERP CloudSecuring Oracle ERP Cloud

    Contents

    Preface i

    1 An Overview of Securing Oracle Cloud 1Securing Oracle ERP Cloud: Overview ...................................................................................................................... 1

    Security Principles: How They Are Applied ............................................................................................................... 4

    Oracle Applications Cloud Services Security: Explained ............................................................................................ 5

    Security Across Access Methods: How It Is Enforced ............................................................................................... 6

    Role-based Security .................................................................................................................................................. 8

    Oracle Applications Cloud Security Business Fit: Explained ..................................................................................... 11

    Security Setup ........................................................................................................................................................ 12

    2 Preparing the Cloud Service for Implementation Users 14Creating Implementation Users ............................................................................................................................... 14

    Assigning Abstract and Implementation Roles ........................................................................................................ 18

    Resetting the Cloud Service Administrator Sign-In Details: Procedure ..................................................................... 19

    3 Preparing the Cloud Service for Application Users 20Preparing Oracle Applications Cloud for Application Users: Overview ...................................................................... 20

    User and Role-Provisioning Setup: Critical Choices ................................................................................................ 20

    User Account Creation Option: Explained ............................................................................................................... 21

    Default User Name Format Option: Explained ......................................................................................................... 22

    User Account Role Provisioning Option: Explained .................................................................................................. 23

    User Account Maintenance Option: Explained ........................................................................................................ 24

    Send User Name and Password Option: Explained ................................................................................................ 25

    Setting the User and Role Provisioning Options: Procedure .................................................................................... 27

    Oracle Applications Cloud Password Policy: Explained ........................................................................................... 28

    Provisioning Abstract Roles to Users Automatically: Procedure ............................................................................... 28

    FAQs for Preparing for Application Users ................................................................................................................ 30

  • Oracle ERP CloudSecuring Oracle ERP Cloud

    4 Creating and Managing Application Users 31Creating Users Using the Create User Task: Procedure .......................................................................................... 31

    Importing Users: Explained ..................................................................................................................................... 32

    Importing Users: Worked Example .......................................................................................................................... 33

    Inactive Users Report Reference ............................................................................................................................. 36

    FAQs for Creating and Managing Application Users ................................................................................................ 36

    5 Provisioning Roles to Application Users 39Role Mappings: Explained ....................................................................................................................................... 39

    Creating a Role Mapping: Procedure ...................................................................................................................... 41

    Role Provisioning and Deprovisioning: Explained ..................................................................................................... 42

    Autoprovisioning: Explained ..................................................................................................................................... 43

    Role Provisioning Status Values: Explained ............................................................................................................. 44

    User and Role Access Audit Report Reference ....................................................................................................... 46

    FAQs for Provisioning Roles to Application Users ................................................................................................... 47

    6 Customizing Security 51Security Terminology: Explained .............................................................................................................................. 51

    Preparing for Security Customizations: Points to Consider ...................................................................................... 52

    Security Customization: Points to Consider ............................................................................................................ 52

    Managing Resources and Roles ............................................................................................................................. 53

    Managing Data Roles .............................................................................................................................................. 57

    Managing Data Security Policies ............................................................................................................................. 62

    Creating Custom Duty Roles .................................................................................................................................. 66

    FAQs for Customizing Security ............................................................................................................................... 74

    7 Synchronizing User and Role Information with Oracle IdentityManagement

    77

    Synchronization of User and Role Information with Oracle Identity Management: How It's Processed ...................... 77

    Scheduling the LDAP Daily Processes: Procedure .................................................................................................. 79

    Send Pending LDAP Requests: Explained .............................................................................................................. 80

    Retrieve Latest LDAP Changes: Explained .............................................................................................................. 81

  • Oracle ERP CloudSecuring Oracle ERP Cloud

    8 Implementing Security in Oracle Fusion Financials 82Implementing ERP Security: Overview ..................................................................................................................... 82

    General Ledger ....................................................................................................................................................... 83

    Ledger Security ....................................................................................................................................................... 83

    Security on a Chart of Accounts ............................................................................................................................. 85

    FAQs for General Ledger ........................................................................................................................................ 89

    Payables ................................................................................................................................................................. 90

    Subledger Accounting ............................................................................................................................................. 90

    Cash Management .................................................................................................................................................. 92

    Assets ..................................................................................................................................................................... 93

    Payments ................................................................................................................................................................ 94

    9 Implementing Security in Oracle Fusion Project Portfolio Management 100Provisioning Access to Project Execution Management Applications: Overview ..................................................... 100

    Project User Account and Role Provisioning Statuses: Explained .......................................................................... 101

    Provisioning Project Resources on the Manage Project User Provisioning Page: Procedure ................................... 103

    Provisioning Project Resources on the Manage Project Enterprise Resources Page: Explained .............................. 105

    Project Roles in Project Execution Management Applications: Explained ............................................................... 105

    FAQs for Project Roles ......................................................................................................................................... 106

    10 Implementing Security in Oracle Fusion Procurement 108Agent Security: Explained ..................................................................................................................................... 108

    Create Procurement Agent: Critical Choices ......................................................................................................... 108

    Supplier User Provisioning : How It Works ............................................................................................................ 109

    Supplier User Account Administration: Explained ..................................................................................

Recommended

View more >