Oracle Advanced Security
Oracle Advanced Security is a security option for the Oracle Database 10g Release 2. Introduced in Oracle8i, Oracle Advanced Security combines network encryption, database encryption and strong authentication together to help customers address privacy and compliance requirements.
- Transparent Data Encryption
- Network encryption and data integrity
- Strong authentication
Transparent Data Encryption
Transparent Data Encryption provides an easy and effective protection of stored data by transparently encrypting data (using 3DES168 or AES with up to 256 bits) at the column level.
Network encryption
When information travels to and from the Database, Oracle Advanced Security Option provides a high level of security by offering support for the following encryption standards:
- RC4 (40, 56, 128, and 256 bits)
- DES (40 and 56 bits)
- 3DES (2 and 3 keys)
- AES (128, 192, and 256 bits)
Data integrity
Oracle Advanced Security also protects the integrity of information, making sure the message hasn't been modified since it
left the source by adding an encrypted digest to the message, using the following algorithms:
Oracle Advanced Security 8.1.6. has been evaluated under FIPS 140-1 at the Level 2 security level. To achieve the same level of security for your configuration, follow these instructions.
Strong authentication
Passwords alone are often not secure enough, and are known for their high TCO. Combined with the weak security they provide, they should not be used on their own. Two-factor (or "strong") authentication is based on something the user has (a smart card, token, etc.) and something she knows (a PIN or passcode). Oracle Advanced Security supports the following industry-standard authentication methods:
- Kerberos
- RADIUS (Remote Authentication Dial-In User Service)
- Secure Sockets Layer (with digital certificates)
- PKI
|
Bookmark
