Oracle9i Database Daily Feature - Password-Authenticated Enterprise Users

PRODUCTS

Database
Middleware
Developer Tools
Enterprise Management
Applications Technology
Products A-Z

TECHNOLOGIES

BI & Data Warehousing
Embedded
Java
Linux
.NET
PHP
Security
Windows Server System
Technologies A-Z

ARCHITECTURE

Enterprise 2.0
Extreme Transaction Processing
Grid
Service-Oriented Architecture
Virtualization

COMMUNITY

Join OTN
Oracle ACEs
Oracle Wiki
Blogs
Podcasts
Events
Newsletters
Oracle Magazine
Oracle Books
Certification
User Groups
Partner White Papers

Printer View

E-mail this page

Bookmark

Password-Authenticated Enterprise Users

Some of the challenges faced by Enterprises today continue to be about managing user information in a timely and secure manner. User administration and management has become more expensive and complex with increased e-business deployment and increased employee turnover. Each user may have multiple accounts and passwords to access different applications. Lack of centralization of users and their authorizations could pose a potential security risk because old and unused accounts and privileges could result in unauthorized access.

Enterprise User Security is a feature provided by Oracle Advanced Security Option available with the Enterprise Edition of Oracle9i database. Enterprise User Securitysolves the security and user administration by centralizing the user and authorization information in Oracle Internet Directory ( a LDAPv3 compliant Directory Server).These users who are stored and managed centrally in Oracle Internet Directory (OID) are Enterprise Users.

Oracle Advanced Security 9.0.1 complements certificate-based authentication with password-based authentication for enterprise users, including the following principal
features:

Password-based Logins for Enterprise Users:
Enterprise users can use a single enterprise username and password to connect to multiple databases.

Client-Side SSL and Wallets Not Required:
The implementation of password-based authentication for enterprise users eliminates the requirement to install SSL and credential management tools on the client.Since there is no requirement for SSL or Oracle wallets on the client, all prior Oracle clients can function as enterprise users—administered by Oracle Enterprise SecurityManager. In addition, Oracle Enterprise Login Assistant lets users change passwords and utilize single sign-on whether they use Release 9i clients, Release 8i clients, or Release 8.0 or earlier versions.

User Credentials Stored in LDAP-Compliant Directory
Enterprise user credentials and authorizations are stored in a centralized LDAP-compliant directory. Enterprise users require only one username and password (stored in the central LDAP-compliant directory) to access multiple databases. Authorizations to database objects are granted through Enterpise Roles defined in the directory.

Note: The installation and use of both SSL and Oracle wallets continue to be a requirement on the server side—to establish a secure channel between the database and the LDAP-compliant directory. Enterprises that need PKI to be deployed should use certificate authenticated enterprise users.

More Info

Oracle Advanced Security Release 9i

Oracle9i Database Daily Features