Upload
edwinlorenzana
View
3.088
Download
5
Tags:
Embed Size (px)
DESCRIPTION
Oracle Open World S308250 Securing Your People Soft Application using Identity Management Technologies
Citation preview
S308250 Securing Your PeopleSoft Application Greg KellyProduct Strategy Manager, PeopleTools
Edwin Lorenzana IDM Program Manager, City of Boston
The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions.The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
Definitions
• Identity Management (IDM): IDM is the process by which various components in an identity management system manage the account life cycle for network entities in an organization, and most commonly refers to the management of an organization’s application users
• Provisioning refers to a technology and process based solution for enforcing and managing the creation, read, update, and deletion of user accounts based on a defined security policy. Provisioning is also a means of propagating security policy, for example by setting access rights on management systems based on group memberships and/or role assignments
• Authentication: The process of verifying the identity claimed by an entity based on its credentials
• Authorization: Authorization is the process of determining if a user has the right to access a requested resource
• Authorization Policies: Declarations that define entitlements of a security principal and any constraints related to that entitlement
• Account Life Cycle : The steps that are taken to provision access for a user to a given system resource
• RBAC – Role based access: Providing access to a system resource based on programmatic logic based on roles
• Authoritative Resource: System of reference for employment status and position description
• Target System Resource: System/application where the automated provisioning will occur
• LDAP: The Lightweight Directory Access Protocol is an application protocol for querying and modifying directory services running over TCP/IP
• Single Sign On: is a property of access control of multiple, related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them. Single sign-off is the reverse property whereby a single action of signing out terminates access to multiple software systems
What is IDM ?Identity and Access as a Service
End Users
Policy Managers
Apps & Services
DBAs
Self-Service
DelegatedAdministration
Identity & RoleLifecycle Management
IdentityAnalytics
Authentication &Authorization
Monitoring
FraudPrevention
Workflow
RBAC & SoD
Benefits Trusted and reliable security
Efficient regulatory compliance
Lower administrative and dev costs
Enable online business networks
Better end-user experience
New Hire
Step TwoManager submits forms &
phone calls for access· Facilities/Security· Telecom· MIS
Step ThreeHelpdesk receives forms &
assigns to appropriate department
· LAN· App SQL· BAIS· Facitlities
DatabaseStorage GroupActive Directory
Account
Step FourSystem admin per resource creates accounts & access
· AD Account· Application access· Telecom· Facilities· Desktop set up· Security badge
Step OneEmployee is entered into PeopleSoft HR system
· Payroll· Benefits· Job Data
Step FiveSystem Administrators
& Physical access support teams notify the employee’s manager of the completed
items.Manager approves & notifies new hire
Account Life CycleWhat are we capturing??Manual-New Hire-Employee Provisioning Process
Account Life CycleWhat about removal of access?Manual – Employee De-Provisioning Process
Step ThreeHelpdesk receives forms &
assigns to appropriate department
· LAN· App SQL· BAIS· Facitlities
DatabaseStorage GroupActive Directory
Account
Step FourSystem admin per resource removes accounts & access
· AD Account· Application access· Telecom· Facilities· Desktop set up· Security badge
Step OneHR is notified of the
employee termination
· Payroll· Benefits· Job Data
Step FiveSystem Administrators
& Physical access support teams notify the employee’s manager of the completed
items.Manager is notified
Leaves the City of Boston
Step TwoManager submits forms &
phone calls for access termination
· Facilities/Security· Telecom· MIS
Phase 1PeopleSoft Integration
In an IDM Integration PeopleSoft plays two roles
• Authoritative Resource
• Target System/Resource
Business Requirement
In fiscal year 2007-2008 the City of Boston (COB) contracted Oracle Identity Management consultants, KPMG auditors and independent security consultants to assess COB’s various MIS environments. One of the focused areas was the current lifecycle of user identities across the enterprise and the existence of data security controls on COB’s user stores and applications. The findings developed two sets of goals:
• The first set goals are driven by business demands to provide a single sign on solution that will streamline the account lifecycle by providing an automated provisioning solution along with improvements of the current authentication and authorization methods
• A secondary set of goals have been set by the regulatory and audit findings from the 07 KPMG audit of COB’s Financial and MIS systems. These audit findings require COB to establish a security and risk management strategy that provides controls that will satisfy regulatory compliance requirements. The solution needs to safeguard the privacy data of City of Boston residents and employees found in the various user account repositories and applications managed by the COB MIS teams
PeopleSoft/IDM Integration Goals
Address the City of Boston’s tactical need to provision PeopleSoft HCM user accounts to support its rollout of PeopleSoft Portal and Employee Self-Service by implementing the following solutions:
• An Authoritative Resource for user data
• Centrally managed LDAP directory
• Automated provisioning of PeopleSoft user accounts
• Access control to PeopleSoft Portal/Self-Service
PeopleSoft Integration Challenges
Define an Authoritative Resource for user data
• Discover which user directory/user store contains all user data
• The directory must provide data that is related to the users employment status and describe the users position
• Define the account life cycle for employees and non-employees
• Data required for an IDM integration is usually not collected by an organization in a centralized location
• The directory/user store must be able to communicate with the IDM suite
PeopleSoft Integration Challenges
Centrally Managed LDAP Directory
• An enterprise user directory containing all users does not exist
• The current Active Directory LDAP environment is highly decentralized and accounts are managed independently across departments within City of Boston. Active Directory domain trusts are not implemented.
• Decentralization, while sensible within the distributed, autonomous culture of the City’s departments, inevitably leads to inconsistent levels of security across the Active Directory domain.
• The absence of a centrally managed LDAP directory will need to be addressed before a Single sign-on solution could be implemented.
PeopleSoft Integration Challenges
Automated provisioning of PeopleSoft user accounts
• The primary obstacle to the initial rollout is the fact that thousands of new user accounts must be provisioned in a secure and efficient manner
• Ensure that access to employee data is limited to the given employee
• Provide non-employee access to the portal
• Ensure that accounts are disabled at termination of employment
• Provide a roadmap to meeting audit & compliance goals
PeopleSoft Integration Challenges
Access control to PeopleSoft Portal/Self-Service
• Integrate with existing PeopleSoft authentication
• Provide Web Single Sign On
• Centralize Password Self Service
• Delegate Administration by non IT/MIS staff
• Integrate with the Enterprise Directory
• Provide enforcement of the password policy
PeopleSoft Integration Solutions
Define an Authoritative Resource for user dataPeopleSoft HR
• The PeopleSoft HR database will serve as the authoritative source for all identity data within the City of Boston as it contains all employee data
• Programmatic authentication/access decisions will be made by the IDM system based on user status & job data received from PeopleSoft
• PeopleSoft will be responsible for triggering the updates of an account status within the IDM provisioning system
• PeopleSoft can be configured to maintain the account lifecycle for employees and non-employees
• PeopleSoft can be configured to collect user & job data required by an IDM implementation
• PeopleSoft is compatible with the messaging and LDAP requirements of the IDM suite
PeopleSoft Integration Solutions
Centrally managed LDAP directoryOracle Internet Directory (OID)
• OID is the enterprise directory for all user accounts
• OID provides a secure industry standard protocol (LDAP) for authentication
• A centralized enterprise directory simplifies the integration of applications
• The enterprise directory provides applications the ability to authenticate all users that currently exist across the various Active Directory environments
• Provides integration with Oracle Identity Management (OIM) for automated account provisioning employees and non-employees
• Integration with Oracle Access Manager will lead to single sign on
PeopleSoft Integration Solutions
Automated provisioning of PeopleSoft user accountsOracle Identity Management (OIM)
• OIM provides automated account provisioning of users/employees
• OIM receives real time user status messages from PeopleSoft
• The access logic is based on user job data from PeopleSoft
• Automated provisioning targets the HCM, Portal & OID system
• Non-employees are created manually & given role based access in OIM
• Integration with OIM provides the ability to enforce IDM policies & controls
• Integration with OIM lays the foundation for audit and compliance
• OIM can be configured to maintain the account lifecycle for employees and non-
employees based on PeopleSoft data
PeopleSoft Integration Solutions
Access control to PeopleSoft Portal/Self-Service
Oracle Access Manager (OAM)
• Application single sign-on allows users who have been authenticated by OAM to access applications without being re-authenticated.
• OAM integrates with PeopleSoft’s Single Sign technology via secured headers and/or cookies
• OAM when integrated with OID also provides an option for LDAP authentication for PeopleSoft applications
• Self service password reset can be provided by OAM or OIM
• OAM allows for delegated administration
Implementation Issues• Governance
– IT Security Policies– Data Standards– Account Standards
• Business Process– Account Lifecycle– Data Standards
• Technology– Architecture (deployment of firewalls & web-gates)– Introduction of Reverse Proxy– Database Encryption for account data– Role Based Access – (AD groups vs OVD groups)– Software Development Lifecycle
• Support– Internal IDM Support– Knowledge Transfer from implementation– Help Desk Support– Branding– Training
Lessons Learned• Governance
– IT Security Policies– Assign a Data Steward
• Business Process– Account Lifecycle– Development Lifecycle
· Uses cases· Test Scripts
• Technology– Architecture (deployment of firewalls & web-gates)– Group assignment (roles) (AD groups vs OVD groups)– Architecture Security (firewall/web gates)– Data & Password encryption (OIM/OID)
• Support– Oracle Support / Integration Partner– Architecture direction – stay on the oracle roadmap– Proper internal support
· Java developer· LDAP admin· Integration support (web)· Integration support (servers
Next Steps Continuous Improvement
Infrastructure ExpansionEnhanced authentication and single sign-on for applications
authenticated via the Enterprise Directory
• Oracle Virtual Directory– Provides real time change of access as employees change
positions
• Active Directory Integration – Automated Account Provisioning for windows logins– Active Directory Password Sync
• Audit & Compliance– Attestation/Recertification for non-employee accounts– Attestation/Recertification for service accounts
Next Steps – Enterprise Directory
ProposedEnterprise Application Authentication Model
Via Oracle Virtual DirectoryUsing AD/ IDM Directory Architecture
OVDOracle Virtual Directory Server
OIDOracle Internet
Directory
AssesingMicrosoft
Active Directory
BPSMicrosoft
Active Directory
PoliceMicrosoft
Active Directory
ISDMicrosoft
Active Directory
DNDMicrosoft
Active Directory
Boston-nt-netMicrosoft
Active Directory
BPLMicrosoft
Active Directory
FireMicrosoft
Active Directory
Enterprise Applications
OAMOracle Access
Manager
Em
p D
ata
Mes
sag
ing
Em
plo
yee
Acc
ess
Ver
ific
atio
n
Authentication Model IntroductionIn this model, we assume that all Active Directory (AD) and Oracle Internet Directory (OID) user stores on the directory level contain a common unique identifier (employee ID) for each user account.
In this model we have an OID “enterprise directory” that synchronizes with the main source of enterprise employee information for all users (PeopleSoft).
For each user in the OID enterprise directory, there is a corresponding account in Microsoft Active Directory for user-authentication & group permission purposes via the OVD layer.
PeopleSoft Environment
OIMEnvironment
Authentication via the Hub
Authentication outside the Hub
Colors
By
Jessie
· HR Account Life Cycle – Completed
(capture of procedures)
· Hire, Transfer & Termination
Procedures
· BAIS HCM Process
(PeopleSoft)
· IDM Process
· AD Account Life Cycle -
· AD Provisioning Procedures
· BAIS HCM Process
(PeopleSoft)
· IDM Process
· Application Account Life Cycle
· Application Provisioning
Procedure
· BAIS HCM Process
(PeopleSoft)
· IDM Process
Account LifecycleBusiness ProcessGovernance
Drive Enterprise Direction & Standards
· Governance standards
· Governance Board Charter
· Selecting Members/Owners
· Business Policy / IT Policy
· Current Policy
· Policy creation & approval
· Data Standards & Procedures -
· HR Data Standards
· BAIS HCM Process
(PeopleSoft)
· IDM Process
· Directory Standards & Procedures-
· Business Requirements
· Data Requirements
· Directory Requirements
· Functional, Security &
Provisioning Procedures
· Application Standards & Procedures-
· Business Requirements
· Data Requirements
· Functional, Security &
Provisioning Procedures
Standardizing Employee ID as the Unique Identifier in the Enterprise
· Account Matching & Data
Recertification
· Acct Matching &
Recertification Tool
· HR Reps Data Recertification
· AD Admin Data Recertification
· Emp ID Data Load Process
· Active Directory- Emp- ID
Implementation
· Emp ID as Username
· Emp ID E-mail Alias
· Application– Emp- ID Implementation
· Emp ID as Username
· Emp ID E-mail Alias
ID Aggregation (UID) & Sync
Application Integration
Enterprise Directory access for Applications,
· Authentication & Single Sign On
· Integration & authentication
with Oracle Internet Directory (OID) to provide access to the enterprise user store via LDAP
· Authentication via Oracle
Access Manager(OAM) to provide single sign on
· Integration with OAM to
enforce password policy
· User Management & Provisioning
· Implement user management
tools
· Automate Provisioning/De-
Provisioning procedures
· Provide auditing & reporting of
the life cycle of the users various application accounts
Infrastructure ExpansionImplement Virtual Directory
· Implement Virtual Directory
· Business Requirements
· Employee ID Data Standards
· Role Based Standards
(e.g. OU/Containers)
· Authentication Standards
· Define Functional, Security &
Provisioning Procedures
Enterprise DirectorySupport Model
· Data & Business Processes
· Governance Board
· HR Departments
· Business Analyst – MIS
· Functionality Development & Support
· PeopleSoft - BAIS
· IDM – App-SQL
· Active Directory – AD group
· Administration
· IDM App-SQL
· Active Directory Group
· Application Owner
· Help Desks
· Audit & Reporting
· Enterprise Security Team
· IDM-App SQL
Enterprise Directory ServicesGoals
· Enterprise Security Model
· Establish a governance board to define security
priorities in the area of privacy and compliance requirements
· Establish the PeopleSoft HR user store as the
authoritative source for the status of all City of Boston employees
· Role based assignment based on HR department &
job data
· Automated user account lifecycle events based on
triggers from HR data
· Improved tracking of non-employees using PeopleSoft
functionality
· Enterprise Directory Services
· Provide authentication for the City wide user store
· Group employees by their current HR department ID to
support future role based assignment
· Provide authentication services for applications in the
various AD Domain environments
· Improve legal and regulatory compliance by enforcing
standard policies at all points of entry (e.g. password policy)
· Implement password synchronization in AD directories
and application user stores
· Enterprise Access Control & User Management
· Document the business requirements for user access
& management as defined by the business owners
· Implement functionality that supports centralized
management of user identities & role based assignment of resources while maintaining delegated administration capabilities for business lines
· Improve user experience by enabling single sign-on &
password self service
· On demand compliance monitoring via IDM services
· Enterprise wide workflow and policies to accommodate
job changes
· Automate non-employee & privileged account
recertification process
· Reduce operating costs related to user administration
Phase 1 Phase 5Phase 4Phase 3Phase 2
Infrastructure ExpansionActive Directory Integration
· Implement AD Password Sync Tools
· Data Standards
· Implement AD User Management Tool
(Provisioning)
· Business Requirements
· Data Requirements
· Enterprise Directory
Requirements
· Functional, Security &
Provisioning Procedures
Next Steps – Enterprise Directory Service Model
31
Market Drivers/Business NeedsSecurity Administration
• Market Drivers• Industry Requirements• Government Mandates
• Business Need• Customer Adoption of Standards• Reduce Audit Impact
• Value Proposition• With every release of PeopleTools, we strengthen existing, or
add new, security features.
32
New and Changed FeaturesSecurity Administration
We are taking steps to increase the infrastructure security for those customer who have invested in Oracle and are able to take advantage of Oracle Technology security features. Auditors are requiring and customers are requesting the capability of protecting data at rest in the database, establishing segregation of duties in database administration and more granular auditing of PeopleSoft across the enterprise.
• Support for Transparent Data Encryption (TDE) and Oracle Data Vault (ODV)
• Support for Oracle Audit Vault
33
New and Changed FeaturesSecurity Administration
We are also extending the available resources for the Identity Lifecycle by facilitating the adoption of resources and disciplines to protect user access and file transfer and to reduce the cost of deployment.
• Preconfigured integration with Oracle Access Manager• Support for FTPS (FTP security)• Support for Microsoft ADAM (AD LDS)• Use of JNDI libraries for LDAP support
34
New and Changed FeaturesSecurity Administration
We continue to deliver increased protection for system to system or services based communication by extending the web service security option available. This protection is also based on open standards.
• SAML for web services security (note: NOT federated identity)
• Extended WS-Security support
35
New and Changed FeaturesSecurity Administration
In PeopleTools 8.50 we have added additional hardening features to mitigate abusive access attempts and to reduce data leakage.
• Decoupled PS_HOME• Server based anti-virus• Background tasks to remove orphan files on the web
server/app, server mitigating data leakage• Mitigation of abusive access attempts (bot based)
– Configurable error messages for incorrect login, reduces data leakage (some hackers use the error messages to modify their attempts)
– Throttling invalid access attempts• Reducing false positives from threat analysis (customers
are using more of these threat analysis tools)
38
SAML Support Description
• With PeopleTools 8.50, you can now secure web services using SAML, providing greater flexibility and granularity. This is based on node to node certificate trust.
Note: This is NOT SAML support for user authentication or an integration with identity federation. SAML is a token based on standards, NOT a standard token. SAML is not synonymous with Identity Federation
39
SAML Support Business Need and Benefits
• PeopleSoft can now verify user IDs included in the SOAP header or associated with a node definition before invoking a web service request. The user ID must be defined in the system as a valid PeopleSoft ID, and, as with any other user ID in the PeopleSoft system, the user ID gains access to system resources through permission lists.
• The Web Services page in the permission lists component enables you to assign web service permissions to user IDs.
40
SAML Support Setup and Process
Go to SAML Inbound Setup: PeopleTools > Security>SAML Administration Setup > SAML Inbound Setup
43
FTPS SupportDescription
• In PeopleTools 8.50 we will be introducing support for FTPS using file transfer libraries.
• SFTP is still facilitated using the ftpunx script customization
So when will SFTP be supported … ?
44
FTPS Support Business Need and Benefits
• This will provide secured file transfer capability on all platforms
• Although PeopleSoft always considered that FTP servers would be protected behind corporate firewalls customers and their auditors have raised concerns
• Corporations are insisting on building security into their infrastructures
45
FTPS SupportSetup and Process
• Certificate Alias
• The Certificate Alias must be an alias name of a certificate stored in thedatabase (using the PeopleTools Digital Certificates page).
• Verify Host
• 0: Do not verify the server for host name.
• 1: Checks if there exists any value in the common name field in the server certificate. Does not verify if it matches with what the client specifies.
• 2: (Default) Checks for a match with the hostname in the URL with thecommon name or Subject Alternate field in the server certificate.
• Verify Peer
• False: Do not verify the Peer.
• True: (Default) Verify Peer. This will authenticate the certificate sent by the server.
• SSL Usage Level
• 0 - No SSL: No SSL will be used.
• 1 - Try SSL: Try using SSL, proceed as normal otherwise.
• 2 - SSL for Control: Require SSL for the control connection.
47
Oracle Access Manager PeopleSoft Native Support
• Business Benefits– This feature provides check box configuration for OAM with
PeopleSoft
• Business Need/Business Benefits– This feature will simplify adoption by PeopleSoft customers of OAM
Note: With the release of PeopleTools 8.50, PeopleSoft will be dropping native support for OSSO
49
TDE and Data Vault Support
• While customers have implemented TDE and Data Vault with PeopleSoft, this feature provides support for install and Upgrade
• Transparent Data Encryption
• Oracle Data Vault
50
Data Encryption Challenges
• Meeting Regulatory Requirements surrounding Data protection of PII data.
– In recent years there have been numerous incidents of identity theft and credit card fraud resulting in damages reaching into the tens of millions of dollars.
– Protecting against these types of threats requires security solutions that are transparent by design.
– Universities and health care organizations are tightening security around personally identifiable information (PII) such as social security numbers while retailers are working to comply with PCI-DSS requirements.
51
Transparent Data Encryption -TDE Benefits
• What are the benefits of using the Transparent Data Encryption (TDE)?
– TDE Is Application Transparent: • No Views Required• Application logic performed thru SQL will continue to work • Transparent Key Management and Separation of Duty• Manages the encryption keys transparently• Encrypts the index value associated with a given application table
– Regulatory compliance• Media protection: (For data at rest )
– Disk drive replacement or backup tapes• Low implementation costs:
– No database triggers or views required– Index support for equality searches
52
Database Vault Support
• There is no explicit integration between PeopleSoft and the Oracle DB Vault feature.
• Templates for DB Vault Rule-sets which can be used with a PeopleSoft installation have been developed and posted on the Oracle technology network (OTN).
• http://www.oracle.com/technology/software/products/database_vault/index.html
– Database Vault 9.2.0.8 security policies for PeopleSoft – Database Vault 10.2.0.3 security policies for PeopleSoft
• Database Vault 10.2.0.3 security policies for PeopleSoft can also be used for 11g
• Separate templates exist for each version of Oracle where DB Vault is supported. These templates are applicable to the following PeopleSoft releases: PT8.2x, PT8.4x and beyond
53
Data Vault Support PeopleSoft Realm
• This realm protects against unauthorized access by privileged users to business data. It protects all objects owned the PeopleSoft Access Id in addition to some PeopleSoft database roles. Access to this Realm is granted to PeopleSoft Access Id as well as the user PSFTDBA.
• The user PSFTDBA is a new user designed to do administration activities on the PeopleSoft applications (such as patching) but it is not allowed to access business data inside the PeopleSoft applications.
• The PeopleSoft Access Id authorization is restricted to specific processes. This is enforced through the PeopleSoft Access Rule Set.
http://www.oracle.com/technology/software/products/database_vault/index.html (see link for “Database Vault 10.2.0.3+ and 11.1.0.6+ security policies for
PeopleSoft”)
54
Database Vault (DBV) can help mitigate the risks of the following regulations at the data tier level
Regulatory Legislation Regulation Requirement Does DBV Mitigate
This Risk? Sarbanes-Oxley Section 302 Unauthorized changes to data Yes
Sarbanes-Oxley Section 404 Modification to data, Unauthorized access Yes
Sarbanes-Oxley Section 409 Denial of service, Unauthorized
access Yes
Gramm-Leach-Bliley Unauthorized access,
modification and/or disclosure Yes HIPAA 164.306 Unauthorized access to data Yes HIPAA 164.312 Unauthorized access to data Yes
Basel II – Internal Risk Management Unauthorized access to data Yes CFR Part 11 Unauthorized access to data Yes
Japan Privacy Law Unauthorized access to data Yes
Data Vault Support PeopleSoft Realm
Oracle Database Vault can be used to help fulfill various compliance related requirements, such as the following:
Feature Overview
• AppServer and PRCS domain configuration outside PS_HOME
• Support existing behavior but not as default• Allows customer to:
– Deploy secure-by-default environment– Minimize disk-space by PS_HOME sharing– Apply patches easier– Reduce administration overhead
• No impact to Web Server – PIA deployment
Secure PS_HOME Overview
• Install PeopleTools using admin account making directory tree read-execute only
• Create and start domains using a restricted account which cannot write to PS_HOME
• Achieved using:– Management of users and groups– Root / sudo access– Network drives on Windows
• Technique used should be suited to the security processes for the organization in question
Secure PS_HOME
• PeopleSoft Applications no longer write to PS_HOME at runtime - all writes now outside PS_HOME
• Installation should be performed by an admin user who can restrict write-access access to the PS_HOME directory tree– On UNIX this may be achieved using umask settings – On Windows this is achieved by installing with an admin
account
• Due to differences between user and security models on UNIX and Windows steps taken are quite different
Sys Admins – Action Items
1. Review System and Server Administration PeopleBooks
2. Identify post-installation customizations required => ensure these are done using the installer admin account
3. Decide on whether to deviate from the default PS_CFG_HOME
4. Test the environment to verify security
5. Identify and resolve any problems
63
Other Features
• ADAM (AD LDS) Support• JNDI Replacing LDAP libraries• Securing Server Based File Directories• PIA Hardening• MCF/CTI
– Presence– UAD– CTI Applet– Genesys
65
• PeopleTools Strategy eMail• [email protected]
• PeopleTools on Oracle Wiki• http://wiki.oracle.com/page/PeopleSoft
• PeopleSoft discussion forums• http://forums.oracle.com/forums/category.jspa?categoryID=152
• PeopleTools Blog landing page• http://blogs.oracle.com/peopletools
• Open Group Jericho Forum "de-perimeterization":• http://www.opengroup.org/jericho/deperim.htm
• Oracle's Critical patch Update• http://www.oracle.com/security/critical-patch-update.html
More Information
66
Go to OTN - Oracle Technology Networkhttp://www.oracle.com/technology/index.html
Look at the upper right hand corner ( Account | Manage Subscriptions | Sign Out ) Make sure you're logged in, thenClick on “Manage Subscriptions” Scroll down to “Opt-in to Oracle Communications” Check box for “Oracle Security Alerts - Get the latest Security Alerts issued by
Oracle as they become available” ... and any other alert or newsletter you want to receive Scroll down to the end of the page and "Confirm"
Not getting Security and other Alerts?
More Information
• FMW Best Practice Center for Peoplesoft– http://www.oracle.com/technology/tech/fmw4apps/peoplesoft
• PeopleSoft Tools and technology– http://www.oracle.com/technology/products/applications/peoplesoft_ent/
• PeopleSoft Technology Blog– http://blogs.oracle.com/peopletools/
• Fusion Middleware @ oracle.com– http://www.oracle.com/fusion
• Fusion Middleware @ OTN– http://www.oracle.com/technology/products/middleware
• FAQ: Using PeopleSoft Enterprise with Oracle Technology Components– http://www.peoplesoft.com/corp/en/iou/red_papers/index.jsp
68
Additional Resources
• For more information about Oracle Applications• http://www.oracle.com/us/products/applications/peoplesoft-enterprise/index.htm
• For more information about Education• http://www.oracle.com/education/index.html
• For more information about Support• http://www.oracle.com/support/
• For MetaLink information• https://metalink.oracle.com/CSP/ui/index.html
• For Oracle Product documentation:• http://www.oracle.com/applications/peoplesoft/tools_tech/ent/index.html
• Certification Information– Https://metalink3.oracle.com/od/faces/secure/km/DocumentDisplay.jspx?id=747587.1
• Technical Updates– https://metalink3.oracle.com/od/faces/secure/km/DocumentDisplay.jspx?id=764222.1