Web Services Security Overview
About Web Services security challenges
Discussing key Web Services security concepts
About XML and Web Services security standards
Getting Started with Oracle Enterprise Gateway 11g
Describing the role Oracle Enterprise Gateway plays in a multilayered security deployment for Web Services
Describing the capabilities of Oracle Enterprise Gateway
Describing the Oracle Enterprise Gateway components
Become familiar with the OEG user interface
Configuring an Oracle Enterprise Gateway instance
Registering Web Services in OEG
Describing the capabilities of registered Web Services
Outlining the main steps of registering services in OEG
Applying policies to the registered services
Monitoring, Logging and Tracing
Monitoring traffic by using OEG monitoring tools
Identifying the differences between OEG logging and tracing
Copyright © 2013, Oracle. All rights reserved. Page 2
Configuring log settings
Setting tracing levels
Viewing trace information
Managing OEG Configurations
Describing OEG configuration structure
Managing a deployed configuration
Managing configuration versions
Importing and Exporting configuration data
Fault Handling
Changing default fault information that is passed back by OEG
Registering a fault handler
Using OEG’s trace to see why messages are blocked
Blocking XML Threats
Describing the different types of XML threats
Identifying the filters that block specific threats
Accelerating XML and Managing Traffic
Describing how Caching improves performance
Configuring Caches in OEG
Managing traffic
Configuring SSL
Describing how OEG manages Certificates and Keys
Describing SSL support in the Enterprise Gateway
Setting up SSL
Setting up mutual SSL
Securing XML Messages
Using policy to verify a Digital Signature
Using policy to encrypt data
Transforming message utilizing XSLT to remove sensitive data
Securing Web Services
Using the WS-Security Username Token to authenticate a user
Configuring security policies from WSDL files
Securing SOA Applications with OEG and OWSM
Describing security for SOA
Explaining how OSB virtualize SOA applications
Describing the OWSM architecture
Securing SOA composite applications by using OWSM security policy
Using OEG, OSB, and OWSM to provide end-to-end security for SOA composite applications
Integrating with Identity and Access Management
Describing how OEG works with Oracle Access Manager (OAM) for authentication
Describing how OEG leverages Oracle Entitlements Server (OES) for fine-grained authorization
Securing Services in the Cloud
Describing Cloud security risks
Copyright © 2013, Oracle. All rights reserved. Page 3
Describing how to secure API keys using OEG