Oracle%20Financial%20System - PowerPoint PPT Presentation

About This Presentation
Title:

Oracle%20Financial%20System

Description:

The Financial Management Project (FMP) is a university-wide ... Logic is executed through the Web Application Server's PL/SQL Cartridge, and Java servlets ... – PowerPoint PPT presentation

Number of Views:91
Avg rating:3.0/5.0
Slides: 22
Provided by: financialm6
Category:

less

Transcript and Presenter's Notes

Title: Oracle%20Financial%20System


1
  • Oracle Financial System
  • Mary Ann Carr
  • September 14, 2000

2
Financial Management Project
  • The Financial Management Project (FMP) is a
    university-wide initiative to improve Carnegie
    Mellons financial systems and processes. FMP
    includes implementation of
  • Integrated financial system (Oracle)
  • Redesigned work processes
  • Financial policies and consistent,
    university-wide procedures
  • Comprehensive user education

3
Oracle Implementation Timeline
  • May 1997 - Acquired Oracle Applications and
    development tools
  • August 1997 - Beta Test Grants Management
  • 1998 - 1999 - Project Implementation
  • November 1999 - Big Bang Go-Live
  • Today - System Stabilization and Upgrade
    Preparation
  • - 300 Central and Campus Business Users
  • - 600 Casual Users

4
FMP Deployment Requirements
  • Support all major campus desktop platforms
  • Achieve excellent performance on all platforms
  • Implement a thin client
  • Minimize software installation, distribution and
    maintenance
  • Leverage existing infrastructure
  • Mitigate any/all security risks

5
Oracle Applications Overview
  • Core Financial Applications
  • Self Service Web Applications
  • Application Desktop Integrator Applications
  • Budget Spreadsheet
  • Feeder File Interface System
  • CITRIX Application Server

6
Core Financial Applications - Overview
  • Internet (Network) Computing Architecture
  • Multi-Tier Tier Architecture
  • Database Tier - DB, stored procedures,
    executables
  • Application - web server, forms server
  • Client - java-enabled web browser or applet
    viewer, forms client applet
  • GUI Interface with Thin Client Implementation
  • Java Applet connects to Oracles forms server,
    excepting initial signon HTML page

7
Multi-Tier Architecture
8
Self Service Web Applications
  • Web-based Interface for Casual Users (travel
    expense reporting, pcard distributions)
  • HTML and JavaScript
  • Direct connection to an HTTP listener running
    Oracle Web Application Server
  • Logic is executed through the Web Application
    Servers PL/SQL Cartridge, and Java servlets
  • Database communication via JDBC

9
Application Desktop Integrator
  • Excel-based interface and extension to Oracle
    application database
  • Supports budget entry, journal entry, reporting,
    and analysis
  • Communicates via SQLNet to database

10
Budget Spreadsheet
  • Custom Excel-based budgeting tool
  • Template files stored on file server
  • Working budget files updated and stored locally
  • Two possible transport mechanisms
  • Budget inload functionality of ADI
  • Web-based upload to interface tables

11
Feeder File Interface System
  • Mechanism for uploading feeder files for import
    into Oracle GL and/or GM
  • Validates and inloads feeder transactions
  • Provides e-mail notification of process
    success/failure

12
CITRIX Application Server
  • NT terminal server implementation to support
    UNIX, Macintosh and low-end PCs
  • Access to Core Financials
  • Access to ADI
  • Possible file server for budget spreadsheet

13
System Configuration
14
Core Financial Applications Security
  • Features
  • Signed Java Applet guarantees its authenticity to
    the forms client and ensures that the forms
    server only accepts connections from certified
    forms clients (open TAR)
  • All communication between the Forms client applet
    and forms server is encrypted using the RSA RC4
    40-bit standard form of encryption
  • Application level security intact login
    id/password challenge/response
  • Concerns
  • Neither Web Browser (w/Java Plug-In, Jinitiator)
    nor Applet Viewer supports Secure Socket Layer
    transport (data encryption between the client and
    web server) at this timedesire for stronger
    encryption
  • No certified Macintosh or Unix JVM as of 3/31/99
  • Additional login/passworddesire to move to
    kerberos-based single sign-on

15
Self Service Web Applications Security
  • Features
  • Supports Secure Socket Layer transport (data
    encryption between the client and web server)
  • Application level security intact login
    id/password challenge/response
  • Concerns
  • Additional login/passworddesire to move to
    kerberos-based single sign-on

16
Application Desktop Integrator Security
  • Features
  • Application level security intact encrypted
    login id/password challenge/response
  • Ability to implement Oracles advanced networking
    option for stronger encryption
  • Concerns
  • Additional login/passworddesire to move to
    kerberos-based single sign-on.
  • Physical security of local filestraining issue
  • Excel is susceptible to viruses... train users to
    use anti-virus protection and to use caution when
    enabling embedded macros

17
Budget Spreadsheet Security
  • Features
  • Supports Secure Socket Layer transport (data
    encryption between the client and web server) via
    HTTPS to upload site
  • Kerberos authentication of Andrew ID
  • Concerns
  • Physical security of local filestraining issue
  • Excel is susceptible to viruses... train users to
    use anti-virus protection and to use caution when
    enabling embedded macros

18
Feeder File Interface Process Security
  • Features
  • Secure transfer options
  • HTTPS - andrew authenticated and SSL encrypted,
    web-based upload
  • SCP - encrypted transfer via public key
    encryption for unix to unix transfers
  • Secured directory structure based on
    authenticated user id and limited access (only
    upload or download)
  • Concerns
  • Physical security of local files with hardcoded
    login/passwordtraining issue

19
CITRIX Application Server Security
  • Features
  • Standard NT account security (encrypted login)
  • RSA RC5 add-on option
  • Secured directory structure based on
    authenticated user id and limited access
  • Supports all standard Oracle application security
    features
  • Concerns
  • Virus susceptibilityuse anti-virus protection
  • Security holes in NTapply service paks and all
    patches

20
FMP Application Security
FMP Application Security
  • Application Username/Password
  • Custom responsibilities determine which forms,
    reports, functions, and data users can access
  • Employee level set-ups determine approval
    relationships (workflow) and purchasing authority
  • Secured value sets limit the range of data
    users can access by responsibility
  • Customizations provide additional security to
    implement business rules, e.g. GM Award Security
    Extension

21
Additional Security Measures
  • Fire wall (TIS) prevents direct connection to any
    administrative host
  • Business Net isolates trusted user community
    (caveat need to verify on an on-going basis)
  • SSH 1.2.26 for encrypted developer connections
  • Reset Oracles default passwords for root
    accounts
  • Audit user sessions (performance considerations)
Write a Comment
User Comments (0)
About PowerShow.com