New Feature: Enhance Security with Non-Reversible Hash Password

NORMAL ENCRYPTION:
A password stored with normal encryption can be decrypted through the following cyberattacks: dictionary and brute force attacks.

Dictionary Attack:
Trying apple: failed
Trying blueberry: failed
Trying s3cr3t: success!

Brute Force Attack:
Trying aaaa: failed
Trying aaab: failed
Trying acdc: success

HASH-MODE ENCRYPTION:
The best way to protect passwords is to employ salted password hashing.
Hash algorithms are one-way functions. They turn any amount of data into a
fixed-length "fingerprint" that cannot be reversed.
EXAMPLE:
hash("hello") = 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824
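
Added example (not from the original page and not Oracle's implementation): the fingerprint above is plain SHA-256, and this sketch contrasts it with a salted hash for two hypothetical users who chose the same password. The PBKDF2-HMAC-SHA512 construction, the iteration count and all function names are assumptions made for illustration; the page does not show how Oracle E-Business Suite stores its hashes.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

ITERATIONS = 100_000  # assumed work factor, chosen for this example only


def unsalted_sha256(password: str) -> str:
    """The hash("hello") fingerprint shown above: plain SHA-256, no salt."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest); a fresh random salt is generated per stored password."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha512", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def verify_password(password: str, salt: bytes, expected: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, expected)


def compare_schemes(password: str) -> dict:
    """Store the same password for two hypothetical users under both schemes."""
    salt_a, stored_a = hash_password(password)
    salt_b, stored_b = hash_password(password)
    return {
        # Unsalted: identical passwords give identical records, so one guessed
        # record reveals every account that shares the password.
        "unsalted_records_match": unsalted_sha256(password) == unsalted_sha256(password),
        # Salted: the records differ even though the password is the same.
        "salted_records_match": stored_a == stored_b,
        "login_ok": verify_password(password, salt_a, stored_a),
        "wrong_password_ok": verify_password("apple", salt_a, stored_a),
        "wrong_salt_ok": verify_password(password, salt_b, stored_a),
    }


if __name__ == "__main__":
    print(unsalted_sha256("hello"))
    print(compare_schemes("s3cr3t"))
```

The salt is stored next to the digest; it is not secret, its job is to make every stored record unique so that one precomputed word list cannot be reused across accounts.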

USING AFPASSWD TO MIGRATE TO A PASSWORD HASHING SCHEME


HASHING IN EBS:
You can optionally use AFPASSWD to migrate Oracle E-Business Suite
user passwords to a password hashing scheme.
The migration converts the passwords for local Oracle E-Business Suite
users (that is, users stored in the FND_USER table) from their current
encryption to a non-reversible password hashing scheme, thus making the
passwords non-recoverable.
The option to migrate to the SHA hash mode is deprecated in Release ATG
12.1.3+, 12.2.3+ and higher. You should now migrate only to SHA-256,
SHA-384, or SHA-512.
To migrate Oracle E-Business Suite user passwords to a password hashing scheme,
specify the AFPASSWD command with the following options.

AFPASSWD [-c <APPSUSER>[@<TWO_TASK>]] -m <HASH_MODE> {FULL|BACKGROUND|PARTIAL}

The AFPASSWD migration option does not affect existing password schemes
for the following types of users:

- Oracle E-Business Suite database users
- Users whose passwords are managed externally in a third-party LDAP
  directory, such as Microsoft Active Directory
- Users whose passwords are managed externally in Oracle Internet Directory

Use this command to convert all local Oracle Application User encrypted
passwords to a non-reversible, non-recoverable hash scheme:
SYNTAX:
FNDCPASS <logon> 0 Y <system/password> <mode> <algorithm>
EXAMPLE:
FNDCPASS apps/apps 0 Y system/manager USERMIGRATE SHA
