Oracle Hospitality Cruise Fine Dining System Security Guide Release E

Similar documents
Oracle Hospitality Cruise Meal Count System Security Guide Release 8.3 E

Oracle Hospitality Cruise AffairWhere Security Guide Release E April 2017

Oracle Hospitality Inventory Management Security Guide Release 9.1 E

Oracle Hospitality OPERA Cloud Services Security Guide Release 1.20 E June 2016

Oracle Hospitality Cruise Fleet Management Security Guide Release 9.0 E

Oracle Hospitality OPERA Exchange Interface Cloud Authentication. October 2017

Oracle Hospitality ecommerce Integration Cloud Service Security Guide Release 4.2 E

Oracle Payment Interface Token Proxy Service Security Guide Release 6.1 E November 2017

Oracle Hospitality ecommerce Integration Cloud Service Security Guide Release 18.1 E

Oracle Hospitality e7 Point-of-Sale. Security Guide

Oracle Hospitality RES 3700 Security Guide Release 5.5 E May 2016

Oracle Hospitality RES 3700 Server Setup Guide Release 5.5 E May 2016

Oracle Hospitality MICROS Commerce Platform Release Notes Release Part Number: E December 2015

Oracle Hospitality Suite8 Export to Outlook User Manual Release 8.9. July 2015

Oracle Communications Services Gatekeeper

Security Guide Release 4.0

Oracle Hospitality Simphony First Edition Venue Management (SimVen) Installation Guide Release 3.8 Part Number: E

Oracle Hospitality Cruise Shipboard Property Management System Topaz Signature Device Installation Guide Release 8.00 E

Oracle MICROS Simphony Server Setup Guide Server Version 1. April 2015

Oracle Hospitality Materials Control. Server Sizing Guide

Oracle Enterprise Manager Ops Center

Oracle Payment Interface Installation and Reference Guide Release E April 2018

Oracle Communications Configuration Management

Oracle Hospitality BellaVita Hardware Requirements. June 2016

Oracle Hospitality e7 Point-of-Sale Release Notes. Release 4.2

Oracle Hospitality Suite8 XML Export of Invoice Data for Hungarian Tax Authority Release and Higher E November 2016

Oracle Hospitality OPERA Property Management Security Guide Versions: Part Number: E

StorageTek Linear Tape File System, Library Edition

Oracle Hospitality 9700 Point-of-Sale Server Setup Guide - Server Version 2 Release 4.0 Part Number: E July 2016

Oracle Simphony Venue Management (SimVen) Installation Guide Release Part Number: E

Oracle Hospitality Simphony Venue Management Installation Guide Release 3.10 E March 2018

Oracle Hospitality Simphony Cloud Services Post-Installation or Upgrade Guide Release 2.10 E July 2018

Oracle Hospitality Query and Analysis Languages and Translation Configuration Guide. March 2016

Secure Configuration Guide

Oracle mymicros.net, icare, myinventory and mylabor Self Host Release Notes Release v April 2015

Oracle Hospitality Materials Control Release Notes. Release 8.32

Database Change Reference Release 6.3

Recipe Calculation Survey. Materials Control. Copyright by: MICROS-FIDELIO GmbH Europadamm 2-6 D Neuss Date: August 21 st 2007.

Microsoft Active Directory Plug-in User s Guide Release

Oracle Hospitality Simphony Engagement Cloud Service Release Notes Release 2.0 E January 2016

Oracle Hospitality Cruise Silverwhere Release Notes for GDF Interface and Template Release 8.0. March 2016

Oracle Hospitality Cruise Fleet Management Release Notes Release 9.0 E

Oracle Hospitality BellaVita Adding a New Language Release 2.7. September 2015

Oracle Hospitality e7 Point-of-Sale Release Notes. Release 4.4 Global

Oracle Linux. UEFI Secure Boot Signing Key Update Notice

What s New for Cloud at Customer What's New for the Cloud Services on Oracle Cloud at Customer New Documentation for Oracle Cloud at Customer

PeopleSoft Fluid Required Fields Standards

Oracle Enterprise Manager Ops Center. Introduction. What You Will Need. Installing and Updating Local Software Packages 12c Release

Oracle Enterprise Manager

Oracle Utilities Opower Custom URL Configuration

Oracle Hospitality Simphony Venue Management Release Notes Release 3.9 E March 2017

Report Management and Editor!

Oracle Enterprise Manager Ops Center. Introduction. What You Will Need. Hardware and Software Configuration

Microsoft Internet Information Services (IIS) Plug-in User s Guide Release

Oracle Enterprise Manager Ops Center. Introduction. What You Will Need

General Security Principles

JavaFX. JavaFX System Requirements Release E

Defining Constants and Variables for Oracle Java CAPS Environments

Oracle Retail MICROS Stores2 Functional Document Sales - Receipt List Screen Release September 2015

Oracle Enterprise Manager Ops Center. Introduction. What You Will Need. Creating vservers 12c Release 1 ( )

Oracle Enterprise Manager Ops Center E Introduction

Oracle Configuration Manager

Oracle Hospitality Simphony First Edition Server Setup Guide - Version 2.0 Release 1.7 Part Number: E February 2016

Introduction to Auto Service Request

Materials Control. Account Classes. Product Version Account Classes. Document Title: Joerg Trommeschlaeger

Oracle Hospitality Hotel Mobile Release Notes. Release (1.30)

Copyright 1998, 2009, Oracle and/or its affiliates. All rights reserved.

Oracle Payment Interface Oracle Hospitality OPERA Property Management System Installation Guide Release 6.1 E

PeopleSoft Fluid Icon Standards

Taleo Enterprise Deep Linking Configuration Guide Release 17

Oracle. Field Service Cloud Using the Parts Catalog

OKM Key Management Appliance

Oracle Enterprise Manager Ops Center. Introduction. Creating Oracle Solaris 11 Zones 12c Release 2 ( )

Oracle Database Mobile Server

Oracle Enterprise Manager Ops Center

Oracle Hospitality Materials Control Server Sizing Guide Release 8.31 E February 2017

Oracle Hospitality Cruise Shipboard Property Management System DESKO Penta Installation Guide Release 8.00 F

Managing Zone Configuration

Oracle Enterprise Manager Ops Center. Overview. What You Need. Create Oracle Solaris 10 Zones 12c Release 3 ( )

Oracle Cloud What's New for Oracle WebCenter Portal Cloud Service

What s New for Oracle Cloud Stack Manager. Topics: July Oracle Cloud. What's New for Oracle Cloud Stack Release

Release for Microsoft Windows

Oracle Hospitality Hotel Mobile OPERA Web Services Server Installation Guide Release 1.1 E May 2017

Materials Control Recipe Reduction based on Article Defaults

Microsoft.NET Framework Plug-in User s Guide Release

Oracle Banking Channels Bank User Base

Oracle Identity Manager Connector Guide for Dropbox. Release

Oracle Hospitality Materials Control Mobile Solutions. Installation and Configuration Guide

Oracle. Field Service Cloud Using Android and ios Mobile Applications 18B

Oracle Communications WebRTC Session Controller

Oracle Cloud E

Oracle Retail MICROS Stores2 Functional Document Stores2 for Portugal Disaster Recovery Release

Oracle Utilities Meter Data Management Release Utility Reference Model Maintain Generic Usage Subscription

Oracle Enterprise Manager Ops Center. Introduction. Provisioning Oracle Solaris 10 Operating Systems 12c Release 2 ( )

Oracle Hospitality RES 3700 Enterprise Management Patch Release Notes Release Part Number: E

Oracle Hospitality OPERA Exchange Interface HTTP Communication Specification for Business Event XML Retrieval. October 2017

Oracle Communications Convergent Charging Controller. Sample Message Flows Reference Guide Release 6.0.1

Oracle Utilities Advanced Spatial and Operational Analytics

User's Guide Release

Oracle Fusion Middleware Oracle Stream Analytics Release Notes. 12c Release ( )

Transcription:

Oracle Hospitality Cruise Fine Dining System Security Guide Release 9.0.2.29 E99054-01 August 2018

Copyright 2015, 2018, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this software or related documentation is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S. Government. This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications. Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners. Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group. This software or hardware and documentation may provide access to or information about content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services unless otherwise set forth in an applicable agreement between you and Oracle. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services, except as set forth in an applicable agreement between you and Oracle. ii

Contents Preface... 2 Audience... 2 Customer Support... 2 Documentation... 2 Revision History... 2 1 Fine Dining System Security Overview... 3 Basic Security Considerations... 3 Overview of Fine Dining System Security... 3 Fine Dining System Architecture Overview... 3 Technology... 3 User Authentication... 4 Understanding the Fine Dining System Environment... 4 Recommended Deployment Configurations... 5 Component Security... 6 Operating System Security... 6 Oracle Database Security... 6 2 Performing a Secure Fine Dining System Installation... 7 Pre-Installation Configuration... 7 Fine Dining System Installation... 7 Post-Installation Configuration... 7 Operating System... 7 Application... 8 Passwords Overview... 8 Contents 1

Audience Preface This document provides security reference and guidance for Fine Dining System. This document is intended for: Customer Support Documentation Revision History System administrators installing Fine Dining System. End users of Fine Dining System. To contact Oracle Customer Support, access My Oracle Support at the following URL: https://support.oracle.com When contacting Customer Support, please provide the following: Product version and program/module name Functional and technical description of the problem (include business impact) Detailed step-by-step instructions to re-create Exact error message received and any associated log files Screen shots of each step you take Oracle Hospitality product documentation is available on the Oracle Help Center at http://docs.oracle.com/en/industries/hospitality/ Date Description of Change August 2018 Initial publication 2 Preface

1 Fine Dining System Security Overview This chapter provides an overview of Oracle Hospitality Fine Dining System security and explains the general principles of application security. Basic Security Considerations The following principles are fundamental to using any application securely: Keep software up to date. This includes the latest product release and any patches that apply to it. Limit privileges as much as possible. Users should be given only the access necessary to perform their work. User privileges should be reviewed periodically to determine relevance to current work requirements. Monitor system activity. Establish who should access which system components, and how often, and monitor those components. Install software securely. For example, use firewalls, secure protocols using Transport Layer Security (TLS) (SSL), and secure passwords. See Chapter 2 Performing a Secure Fine Dining System Installation for more information. Use secure development practices. For example, take advantage of existing database security functionality instead of creating your own application security. Keep up to date on security information. Oracle regularly issues securityrelated patch updates and security alerts. You must install all security patches as soon as possible. See the Critical Patch Updates and Security Alerts website: http://www.oracle.com/technetwork/topics/security/alerts-086861.html Overview of Fine Dining System Security Fine Dining System Architecture Overview Fine Dining System uses N-Tier Architecture and is a collection of applications and interfaces. It is scalable and do not have to be deployed on a single machine. Technology Fine Dining System product is developed using industry standards of encryption. Every communication can be configured to use TLS if required. It also uses powerful encryption/hashing algorithms (Microsoft Windows Data Protection Application Programming Interface (DPAPI), Password-Based Key Derivation Function 2 (PBKDF2)) to encrypt and store sensitive information like application user passwords, application configuration information and database user passwords. Fine Dining System Security Overview 3

Figure 1 Fine Dining System Architecture User Authentication Overview Authentication is the process of ensuring that people are who they say they are. Client Authentication All users credentials of Fine Dining System are stored in the database. Anyone who wish to access the clients must provide a valid user name and password. To ensure strict access control of the Fine Dining System, always assign unique usernames and complex passwords to each user. Password must be at least 8 characters long including letters and numbers. Database Users Fine Dining System works with both Oracle Server databases. Understanding the Fine Dining System Environment When planning your Fine Dining System implementation, consider the following: Which resources need to be protected? o o o You need to protect customer data. You need to protect internal data, such as proprietary source code. You need to protect system components from being disabled by external attacks or intentional system overloads. 4 Fine Dining System Security Overview

Who are you protecting data from? For example, you need to protect your subscribers data from other subscribers, but someone in your organization might need to access that data to manage it. You can analyze your workflows to determine who needs access to the data; for example, it is possible that a system administrator can manage your system components without needing to access the system data. What will happen if protections on strategic resources fail? In some cases, a fault in your security scheme is nothing more than an inconvenience. In other cases, a fault might cause great damage to you or your customers. Understanding the security ramifications of each resource will help you protect it properly. Recommended Deployment Configurations This section describes the recommended deployment configurations for Fine Dining System. The Fine Dining System product can be deployed on a single server or in a cluster of servers. The simplest deployment architecture is the one shown in Figure 2 - Single- Computer Deployment Architecture. This single-computer deployment may be cost effective for small organizations; however, it cannot provide high availability because all components are stored on the same computer. In a single server environment such as the typical installation, the server should be protected behind a firewall. Figure 2 - Single-Computer Deployment Architecture. The general architectural recommendation is to use the well-known and generally accepted Internet-Firewall-DMZ-Firewall-Intranet architecture shown in Figure 3 - Traditional DMZ View. Fine Dining System Security Overview 5

Figure 3 - Traditional DMZ View The term demilitarized zone (DMZ) refers to a server that is isolated by firewalls from both the Internet and the intranet, thus forming a buffer between the two. Firewalls separating DMZ zones provides two essential functions: Blocking any traffic types that are known to be illegal Providing intrusion containment, should successful intrusions take over processes or processors Component Security Operating System Security Prior to installation of Fine Dining System, it is essential that the operating system are updated with the latest security updates. Refer to the following Microsoft TechNet articles for more information about operating system security: Windows Server 2012 Security Windows Server 2008 R2 Security Oracle Database Security Oracle Database Refer to the Oracle Database Security Guide for more information about Oracle Database security. 6 Fine Dining System Security Overview

2 Performing a Secure Fine Dining System Installation This chapter presents planning information for your Fine Dining System installation. Pre-Installation Configuration Prior to installation of Fine Dining System, perform the following tasks: Apply critical security patches to the operating system Apply critical security patches to the database server application Acquire TLS compliant security certificate from Certification Authority Fine Dining System Installation You can perform a custom installation or a typical installation. Perform a custom installation to avoid installing options and products you do not need. If you perform a typical installation, remove or disable features that you do not need after the installation. The installation requires the user running the installation to have an administrator privileges. No other users have the required access to successfully complete the installation. When creating a database, enter a complex password that adheres to the database hardening guides for all users. The following modules are required for proper operation of the system: DMS Web Service Helper DMS Database Installer DMS Display DMS System DMS Web Service DMS Mobile Client DMS Mobile Service DMS Mobile Updater Service Post-Installation Configuration This section explains the additional security configuration steps to complete after Fine Dining System is installed. Operating System Turn On Data Execution Prevention (DEP) Turn on DEP if required. Refer to the Microsoft product documentation library at https://technet.microsoft.com/en-us/ for instructions. Turning Off Auto Play Turn off Auto play if required. Refer to the Microsoft product documentation library at https://technet.microsoft.com/en-us/ for instructions. Performing a Secure Fine Dining System Installation 7

Turning Off Remote Assistance Turn off Remote Assistance if required. Refer to the Microsoft product documentation library at https://technet.microsoft.com/en-us/ for instructions. Application Software Patches Apply the latest Fine Dining System patches available on My Oracle Support, if any. Follow the deployment instructions included with the patch. Passwords Overview The configuration of Fine Dining System product passwords is performed in the Fine Dining System Administration module. Administrators are recommended to configure a strong password policy after initial installation of the application and review the policy periodically. Maintaining Strong Passwords Ensure that passwords adhere to the following strength requirements: 1. The password must be at least 8 (eight) characters long. 2. The password must contain letters, numbers. 3. Must not choose a password equal to the last 3 (three) passwords used. Change Default Passwords Fine Dining System is installed with a default administrative user and password. Please change the default administrative user password in the Fine Dining System, following the above guidelines, after logging in for the first time. Configure User Accounts and Privileges When setting up users of the Fine Dining System application, ensure that they are assigned the minimum privilege level required to perform their job function. User privileges are described in Access Control of the user guide. 8 Performing a Secure Fine Dining System Installation

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback