Oracle Financial System - PowerPoint PPT Presentation

Loading...

PPT – Oracle Financial System PowerPoint presentation | free to download - id: c4286-ZDVjN



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

Oracle Financial System

Description:

Oracle Financial System. Project Team: Aseem Gupta. Jeng Toa ... Chinook, SUN E3500. 8CPUs, 8GB RAM. Ethernet. Outside. Firewall. Firewall. Testing. Production ... – PowerPoint PPT presentation

Number of Views:2889
Avg rating:5.0/5.0
Slides: 18
Provided by: zmo2
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Oracle Financial System


1
Oracle Financial System
  • Project Team
  • Aseem Gupta
  • Jeng Toa Lee
  • Jun Lu
  • Kevin
  • Patrick Zhu
  • Thomas Verghese
  • Weicheng Wong
  • Xuegong Wang ( Jeff )

Date 26th September, 2001
2
AGENDA
  • Project Objective
  • Project Scope and Plan
  • Team Charter
  • Communication Plan
  • System Understanding

3
Project Objective
Understand Survivability Risks and Strategies to
improve survivability
  • A university-wide accounting and financial system
  • Services
  • Financial service modules
  • Self-service applications
  • Application desktop integrator (ADI)
  • Budget spreadsheet
  • Integrate feeder systems
  • Billing, reporting, reconciliation

4
Milestone Chart
2
3
1
4
Milestone 1
Milestone 2
Milestone 3
Milestone 4
Define Essential Services
System Understanding
Survivability Analysis
Define Intrusion Scenarios
  • D 4.1 Identify Strategies for Survivability
  • Resistance
  • Recognition
  • Recovery
  • D 4.2 Develop Criteria for choice of strategy to
    the architecture
  • D 4.3 Make Recommendations
  • D4.4 Identify Next Steps
  • D4.5 Customer Review
  • D 2.1 Developing Usage scenarios
  • D2.2 Identifying Essential Services and Assets
  • D2.3 Identifying essential service/ assets usage
    scenarios
  • D2.4 Identifying Essential Components
  • Identify required architecture parts
  • Tracing Scenarios
  • D2.5 Customer Review
  • D 1.1 Project Team Created, Team Charter
  • D 1.2 Communication Plan
  • D1.3 Understanding Existing System
  • Network Topology
  • Hardware and Software Components
  • User Functions and Workflows
  • Critical Services and Assets
  • Administrative Control Domains
  • Vendor Dependencies
  • Connectivity with other Systems
  • Security Components and Policies
  • Attack and Intrusion Experience
  • D 1.4 Project Plan Created
  • D 3.1 Create Attacker Profiles
  • Identify resources, time, tools, risk,access and
    objectives of the attackers
  • D3.2 Develop Intrusion Scenarios
  • Determine usage scenarios
  • Identify compromisable components
  • D3.3 Customer review

Satyajeet Grover
for any queries
5
Project Plan
6
Team Charter
7
Communication Plan
8
System Understanding
9
System Architecture
10
System Topology
Wind, ES450 2 CPUs, 1GB RAM
Testing
Ethernet
Mistral, Sun E4500 8 CPUs, 8GB RAM
Production
Chinook, SUN E3500 8CPUs, 8GB RAM
Outside Firewall
Firewall
Disaster Recovery
11
System Transactions
  • Transaction volume
  • Database grows at 2GB/month
  • Traffic
  • Self-services users around 4,000 people
  • Every day users around 100 people
  • System developer
  • 1 project leader
  • 2.5 DBAs

12
All Stakeholders
  • Module users
  • Super user who own a module and is responsible
    for it
  • Purchasing module
  • Accounts payable module
  • Accounts receivable module
  • Grants module
  • General ledger
  • Labor distribution module
  • Power users
  • Business administrator, Government fund manager
  • System developers
  • Project manager, DBAs
  • Individual users

13
System Requirements
  • Support all major campus desktop platforms
  • Achieve excellent performance on all platforms
  • Implement a thin client
  • Minimize software installation, distribution and
    maintenance
  • Leverage existing infrastructure
  • Mitigate any/all security risks

14
Security/Survivability Strategies
  • Signed Java Applet
  • RSA RC4 40-bit standard from of encryption
  • Secure Socket Layer
  • Kerberos-based authentication
  • IP filtering
  • Firewall
  • Disaster Recovery

15
Disaster Recovery
  • Backup
  • - The production system shut down at 4am for
    1-1.5 hours
  • - Flush over to the Recovery system every 10-15
    minutes
  • - The disaster recovery system also keeps 1 day
    and 5
  • minute transactions
  • Survivability risks
  • If the production system is down, it takes 2
    hours to fill over
  • Minor system upgrade takes 6 months
  • Ever attacked?
  • Nobody intruded or found intruded.
  • The system was down twice due to the hardware
    failure. The longest was half a day.

16
Security Policies
  • Badge to access the system machines
  • Andrew ID to log into the first system
  • Application Password to launch the applications
  • IP address filtering
  • Module owners have different access right based
    on the properties of their modules
  • DBAs have limited access right to the production
    system

17
Next Steps
  • Identify Intruder Profiles
  • Identify Intrusion Scenarios
About PowerShow.com