Oracle Cloud offers a broad portfolio of software as a service applications, platform as a service, and social capabilities, all on a subscription basis. Oracle Cloud delivers instant value and productivity for end users, administrators, and developers alike through functionally rich, integrated, secure, enterprise cloud services.
 Get a Free Magzine ...Profit:The Executive's Guide to Oracle Applications

Subscribe to the OracleAppsHub to receive notifications when there are new posts:

 get RSS feed
 Oracle Fusion Applications (OFA) is a portfolio of next generation suite of software applications from Oracle Corporation. It is distributed across various product families; including financial management, human capital management, customer relationship management, supply chain management, procurement, governance, and project portfolio management
 Get a Free Magzine ...Profit:The Executive's Guide to Oracle Applications

Security Profile Options in Managing a Secure Oracle Applications Environment

Posted on July 31st, 2011 by Sanjit Anand ||Email This Post Email This Post

Have you tried OracleappsHub in ipad/iphone/smart Phone? Don't wait. try it today

These Profile are recomended by Oracle strongly in secureing configuration of Oracle E-Business Suite production systems.

  • FND Validation Level : Provides in depth defense against parameter and URL tampering.

Recommended Setting: ERROR

  • ICX: Session Timeout :Idle Session Timeout. The numeric value greater than 4 (in minutes) that a SSWA session can be idle before expiring. A 0/NULL will disable timeout.

This profile option determines the length of time (in minutes) of inactivity in a user’s form session before the session is disabled. Once session is disabled , the user is provided the opportunity to re-authenticate and re-enable their timed-out session. If the reauthentication is successful, the disabled session is re-enabled and no work is lost. Otherwise, the session is terminated without saving pending work.

Recommended Setting: 30 min

  • ICX: Limit Time :Absolute maximum length of time (in hours) of any user session, active or inactive.

This profile defines the maximum connection time for a connection – regardless of user activity.
If ‘ICX:Session Timeout’ is set to NULL, then the session will last only as long as ‘ICX: Limit Time’, regardless of user activity.

  • Signon Password Failure Limit :A positive integer to limit maximum number of logon attempts before the user’s account is disabled.
  • Restrict text Input :Detects Cross Site Scripting(XSS) and other HTML injection attacks by hackers which gives access to your website and database.

Recommended Setting: Yes

  • Utilities:Diagnostics :Value determines whether diagnostic utilities, such as Help -> Tools -> Examine, may be used.

Set to No, to disable a user to view any internal form field.

Related Posts

Posted in Oracle Application, Security | No Comments »Email This Post Email This Post |

Have you tried OracleappsHub in ipad/iphone/smart Phone? Don't wait. try it today
Leave a Comment

Please note: Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.