1 2 Previous Next 15 Replies Latest reply on May 23, 2016 9:08 AM by handat

    EBS R12.2.5 Cloud

    Beauty_and_dBest

      Hi ALL,

       

      I am currently studying docs about cloud.

       

      Re: Doc ID 2066260.1

       

      Note: We highly recommend you to use the https protocol, not the http protocol, in all deployments.

      The http examples shown in this document are only intended to demonstrate how a security list can be set up: they are not a recommendation to use this protocol.

       

      I can not understand much about cloud security>  http or https connection.

      If I deploy my EBS cloud using http by default, can I switch it or change it to https? and vice versa?

       

      How do you know  that https is secure? and http is not? or Can I secure my http connection, if I allow only my IP address to connect to it and  not all other IPs?

       

       

      Kind regards,

        • 1. Re: EBS R12.2.5 Cloud
          Bashar.

          Hi,

           

          You may review the following document for details on enabling secure access to EBS 12.2 instances:

           

          Enabling SSL or TLS in Oracle E-Business Suite Release 12.2 (Doc ID 1367293.1)

           

          The https protocol ensures that the data traffic is encrypted.

          You can switch between https and http at any time.

          Even if you allow only your IP to access the cloud instance, this does not guarantee that the traffic is encrypted unless you use https.

           

          Regards,

          Bashar

          1 person found this helpful
          • 2. Re: EBS R12.2.5 Cloud
            Beauty_and_dBest

            Thanks

             

            I seee....  "encryption" is the key word, so https is encrypted. Does this mean they can tamper the data or just able to see it?

            But It seems not really a big deal if some of our the data is seen by other people? or how can they get interested of it?

            • 3. Re: EBS R12.2.5 Cloud
              Bashar.

              Usually it involves sniffing the data to find anything useful.

              We are talking about business data that is usually sensitive. It has to be secured while transmitted over the internet.

              If any data theft takes place then you are the one to blame!

              Some companies establish a secure connection to their cloud environment and this makes it not necessary to implement SSL or TLS for their EBS system.

               

              Regards,

              Bashar

              1 person found this helpful
              • 4. Re: EBS R12.2.5 Cloud
                Beauty_and_dBest

                Thanks bashar

                 

                I do not understand other secure connection protocols SSL TLS etc. I just want to implement the most basic and simple one. So this is using https right?

                You just set it to https and it is automatically secured?

                • 5. Re: EBS R12.2.5 Cloud
                  handat

                  Both. SSL/TLS prevents hackers from seeing your data as well as changing it on the fly. For example, when you order something, you don't want people to see your credit card details nor do you want them to change the delivery address or quantity for example.

                  1 person found this helpful
                  • 6. Re: EBS R12.2.5 Cloud
                    handat

                    Using https ensures that connections to your web/app server are encrypted. It does not guarantee complete security like someone stealing your password, etc.. Also make sure you use proper CA signed certificates instead of self-signed certificates so you can be sure you are connecting to your servers instead of some bogus servers imitating to be yours.

                    1 person found this helpful
                    • 7. Re: EBS R12.2.5 Cloud
                      Beauty_and_dBest

                      Thanks handat and bashar,

                       

                      Do I need to worry about those hackers even if I used Oracle Cloud? Or does Oracle Cloud takes care of it, thru the use https.

                      Is CA certificates  still needed even if we are in Oracle Cloud https?

                      • 8. Re: EBS R12.2.5 Cloud
                        handat

                        You NEED to worry about hackers if you use any cloud services with oracle cloud being no exception to this. Having a CA certified certificate is even more important when using a cloud service as it sits on the internet and is subject to dns spoofing attacks.

                        Additionally, when using the cloud, your authentication services also need to be SSL/TLS encrypted, so if you are using LDAP for your users, make sure it is using LDAPS to ensure that all your passwords are send via secure ldap (ldaps) instead of just plain unencrypted ldap.

                        1 person found this helpful
                        • 9. Re: EBS R12.2.5 Cloud
                          Roy-Susmit

                          Anything and everything that you are deploying,configuring,maintaining or using outside your organization firewall you should be using Encryption Technologies. For Web Based Access(HTTP Layer) SSL/TLS(Latest) being the solution.

                          However if its a demo/vision thing without any critical data (that again you have to analyze) you can use simple HTTP. Check if Oracle Public Cloud allows a simple HTTP or it mandates the sue of HTTPS(i have not yet deployed any instance in OPC so i am not sure).

                          1 person found this helpful
                          • 10. Re: EBS R12.2.5 Cloud
                            Beauty_and_dBest

                            Thanks ALL,

                             

                            We always assume it is for PROD instance.

                            So this is what I need as base line or basic requirement to implement EBS Cloud.

                             

                            1. CA certificates.

                            2. Https.

                            3. What else?

                             

                            What is LDAP, how do I know if we use it of not. Afaik, we are currently using standard ISP internet provider for office and home.

                            • 11. Re: EBS R12.2.5 Cloud
                              handat

                              Are your EBS users in the DB or are they using SSO? SSO usually need users to be in LDAP.

                              1 person found this helpful
                              • 12. Re: EBS R12.2.5 Cloud
                                Beauty_and_dBest

                                They are just direct connect to internet.

                                We do not have LDAP. In our internet ISP provider we just type http://app.oracle.com:8000

                                • 13. Re: EBS R12.2.5 Cloud
                                  handat

                                  Just make sure that any connection to and from your cloud based app is using an encrypted protocol when traversing the internet. If its a direct connect, you may be ok depending on how trustworthy and secure your isp is. If in doubt, enable encryption.

                                  1 person found this helpful
                                  • 14. Re: EBS R12.2.5 Cloud
                                    Beauty_and_dBest

                                    Yeah, I thought CA signed certificates is the one handling this?

                                    1 2 Previous Next