Encryption
	End User Authentication
	Single Sign-on
	Secure Sockets Layer
	DCE Integration
	Security and Directory Integration

Encryption

Oracle Advanced Security secures networks by encrypting data that flows across Net8. Encrypting data provides privacy of data during transmission; that is, (no one can read the information during transmission over a network. Oracle Advanced Security checksumming detects modifications of packets, replays of packets and missing packets. Checksumming provides data integrity - verification that data have not been tampered with during transmission. Description

RSA RC4 Public Key encryption 40, 56 and 128-bit key length encryption Data Encryption Standard (DES) algorithm support Message Digest 5 (MD5) checksumming algorithm support

End User Authentication

Authentication is used to prove the identity of the user. Passwords are the most common means of authentication. Oracle Advanced Security supports enhanced authentication by integrating tokens and biometrics to prove users' identities. The RADIUS implementation in Oracle Advanced Security allows RADIUS-compliant devices to authenticate Oracle users. Oracle Advanced Security also supports Java-based authentication to Oracle8i.

Token Authentication
Tokens or token cards are hardware devices which provide enhanced authentication. Token authentication is based on users logging in with something they know (such as a Personal Identification Number, PIN) and something they have (such as a token card).

An example of a token that authenticates Oracle users is the Security Dynamics SecurID token card. The card produces a random number at regular intervals, and the user enters the number shown on the card as a dynamic password.

Single sign-on is technology which allows a user to enter a unique username and password once, which are both subsequently used to automatically authenticate the user to a number of different web-based client applications without the user having to re-enter a username and password again. The user's roles and privileges are propagated from one application to another in the correct manner; that is, the user is appropriately privileged in the application being accessed.

Oracle Advanced Security provides single sign-on capability and thereby, the following benefits:

Oracle Advanced Security supports the Secure Socket Layer (SSL) protocol. SSL support in Oracle Advanced Security secures Net8 and the underlying networks. It provides encryption of network traffic and authentication of clients and servers using Public Key-based technology. With SSL, Oracle servers can authenticate clients via industry-standard X.509 (version 3) certificates.

Oracle Advanced Security integrates an Oracle environment into the security, directory, and transport services provided by the Open Software Foundation's Distributed Computing Environment (DCE). Oracle Advanced Security supports application portability between traditional Net8 configurations and DCE allowing development of new DCE applications, or migration of existing applications to and from DCE. Oracle Advanced Security also supports Gradient PC/DCE services on desktop platforms.

Oracle Advanced Security supports three levels of integration with DCE.

A directory service is a software process that listens for requests from clients (Web browsers, e-mail clients, management software, etc.) and processes the request by querying the directory information base, or sends the request to another directory service (referrals), and ultimately returns the results to the requestor. The concept of supporting a directory service into a computing environment is known as directory integration.

Oracle Advanced Security supports directory integration in Oracle8i. Oracle Internet Directory is the product that integrates with Oracle8i and Oracle Advanced Security to provide numerous benefits in the administration of user and privilege management in large computing environments. Such benefis include: