E-Business Suite Security with Transport Layer Security (TLS) - Printable Version +- Oracle Forum - The Knowledge Center for Oracle Professionals - Looking Beyond the Possibilities (http://www.oraerp.com) +-- Forum: News and Career (http://www.oraerp.com/forum-41.html) +--- Forum: Other - Non-product related Oracle Discussions (http://www.oraerp.com/forum-20.html) +---- Forum: News (http://www.oraerp.com/forum-27.html) +---- Thread: E-Business Suite Security with Transport Layer Security (TLS) (/thread-71311.html) |
E-Business Suite Security with Transport Layer Security (TLS) - admin - 01-06-2015 Oracle ATG Group has announced through Steven Chan Blog by Elke Phelps (Oracle Development) on Jan 05, 2015It seems fitting to start 2015 with a security-related blog post about Secure Socket Layer (SSL) and Transport Layer Security (TLS). TLS is the successor to SSL. TLS, like SSL, is a protocol that encrypts traffic between applications and servers. TLS is based on SSL 3.0. TLS 1.0 is sometimes referred to as SSL 3.1. Going forward you will hear us talk more about TLS and less about SSL.TLS is considered to be more secure than SSL. All systems that use SSL 3.0 may be vulnerable to a design vulnerability in SSL’s handling of block cipher mode padding. The Padding Oracle on Downgraded Legacy Encryption (POODLE) attack is one possible attack vector for web browsers and web servers.Oracle E-Business Suite customers can migrate to TLS and mitigate the effects of POODLE attacks by following:
|