Index
A B C D E F G H I J K L M N O P R S T U W X
A
- accounting, RADIUS, 6.3.5
- activating checksumming and encryption, 4.4.1
- adapters, 1.3
ALTER SYSTEM SET
command
-
- closing encryption wallets, 3.1.4
- opening encryption wallets, 3.1.4, 3.2.3, 3.8.1.3
- opening HSM wallets, 3.7.6
- setting master encryption key, 3.1.4, 3.2.2.1, 3.7.4, 3.8.1.2
- anonymous, 8.6.2.3
- asynchronous authentication mode in RADIUS, 6.2.2
- authentication, 1.3
-
- configuring multiple methods, 10.3
- methods, 1.2.2.2
- modes in RADIUS, 6.2
B
- benefits of Oracle Advanced Security, 1.2
BFILE
, 3.1.2.1
- browser certificates, using with Oracle Wallet Manager, 9.5.1.3.1
C
- certificate, 8.2.2.2
-
- browser, using with Oracle Wallet Manager, 9.5.1.3.1
- certificate authority, 8.2.2.1
- certificate revocation lists, 8.2.2.3
-
- manipulating with orapki tool, 8.8.4
- uploading to LDAP directory, 8.8.4
- where to store them, 8.8.2
- certificate revocation status checking
-
- disabling on server, 8.8.3
- certificate validation error message
-
- CRL could not be found, 8.8.5.1
- CRL date verification failed with RSA status, 8.8.5.1
- CRL signature verification failed with RSA status, 8.8.5.1
- Fetch CRL from CRL DP
-
- No CRLs found, 8.8.5.1
- OID hostname or port number not set, 8.8.5.1
- challenge-response authentication in RADIUS, 6.2.2
- change data capture, synchronous, 3.1.2.1
- cipher block chaining mode, 1.2.1.1.3
- cipher suites
-
- Secure Sockets Layer (SSL), B.3.2.1
- client authentication in SSL, 8.6.2.5
- configuration files
-
- Kerberos, B.1
- configuring
-
- Entrust-enabled Secure Sockets Layer (SSL)
-
- on the client, G.4.3
- Kerberos authentication service parameters, 7.1.7.1
- Oracle server with Kerberos, 7.1.2
- RADIUS authentication, 6.3.2
- SSL, 8.6
-
- on the client, 8.6.3
- on the server, 8.6.2
- thin JDBC support, 5
- connecting
-
- with username and password, 10.1
- CRL, 8.2.2.3
- CRLAdmins directory administrative group, F.6.7.1
- CRLs
-
- disabling on server, 8.8.3
- where to store them, 8.8.2
- cryptographic hardware devices, 8.2.2.5
D
- Data Encryption Standard (DES), 4.1.3
-
- DES encryption algorithm, 1.2.1.1.2
- DES40 encryption algorithm, 4.1.4.1
- Triple-DES encryption algorithm, 1.2.1.1.3, 4.1.4
- data integrity, 1.2.1.2, 1.2.1.2
- database links
-
- RADIUS not supported, 6.1
- DES. See Data Encryption Standard (DES)
- Diffie-Hellman, 8.6.2.3
- Diffie-Hellman key negotiation algorithm, 4.3
E
- encryption, 1.4
- encryption and checksumming
-
- activating, 4.4.1
- client profile encryption, A.2.2
- negotiating, 4.4.2
- parameter settings, 4.4.4
- server encryption level setting, A.2.1
ENCRYPTION_WALLET_LOCATION
parameter, 3.2.1.1, 3.3.1.1, 3.5.1, 3.7.1, 3.8.1.1
- Entrust Authority
-
- creating database users, G.4.6
- Entrust Authority for Oracle, G.2.1
- Entrust Authority Software
-
- authentication, G.3, G.4
- certificate revocation, G.1.3
- components, G.2, G.2.1.1
- configuring
-
- client, G.4.4
- server, G.4.5
- Entelligence, G.2.1.3
- etbinder command, G.4.5.1
- issues and restrictions, G.5
- key management, G.1.2
- profiles, G.4.1
-
- administrator-created, G.4.1
- user-created, G.4.1.2
- Self-Administration Server, G.2.1.2
- versions supported, G.2
- Entrust, Inc., G
- Entrust-enabled SSL
-
- troubleshooting, G.6
- Entrust/PKI Software, 1.2.2.2.4
- error messages
-
- ORA-12650, 4.4.1, 4.4.2.1, 4.4.2.2, A.2.1.5, A.2.1.6, A.2.1.7, A.2.1.8
- ORA-28890, G.6
- etbinder command, G.4.5.1
- external large objects (
BFILE
), 3.1.2.1
F
- Federal Information Processing Standard
-
- configuration, Preface
- Federal Information Processing Standard (FIPS), 1.2.1.3, D
-
- sqlnet.ora parameters, D.1
- FIPS 140-2 Level 2 certification, E
- FIPS Parameter
-
- Configuring, E.1
- FIPS. See Federal Information Processing Standard (FIPS)
G
- grid computing
-
- benefits, 1.1.1
- defined, 1.1.1
- GT GlossaryTitle, Glossary
H
- handshake
-
- SSL, 8.1.3
- hardware security modules
-
- See HSMs
- HSMs (hardware security modules), 3.6
-
- PKCS#11 library, 3.7.2
sqlnet.ora
file, 3.7.1
- user_Id:password string, 3.7.4
I
- import/export utilities, original, 3.1.2.1, 3.1.2.1
- index range scans, 3.4
- initialization parameter file
-
- parameters for clients and servers using Kerberos, B.1
- parameters for clients and servers using RADIUS, B.2
- parameters for clients and servers using SSL, B.3
- Internet Explorer certificates
-
- using with Oracle Wallet Manager, 9.5.1.3
J
- Java Byte Code Obfuscation, 5.1.4
- Java Database Connectivity (JDBC)
-
- configuration parameters, 5.2
- Oracle extensions, 5.1.1
- Oracle O3LOGON, 5.1.2
- thin driver features, 5.1.2
- Java Database connectivity (JDBC)
-
- implementation of Oracle Advanced Security, 5.1
- JDBC. See Java Database Connectivity
K
- Kerberos, 1.2.2.2.1, 1.2.2.2.1
-
- authentication adapter utilities, 7.2
- configuring authentication, 7.1, 7.1.7.1
- kinstance, 7.1.2
- kservice, 7.1.2
- realm, 7.1.2
- sqlnet.ora file sample, A.1
- system requirements, 1.5, 1.5
- kinstance (Kerberos), 7.1.2
- kservice (Kerberos), 7.1.2
L
- LAN environments
-
- vulnerabilities of, 1.1.3.1
- large objects
-
BFILE
, 3.1.2.1
BLOB
, 3.1.2.1
CLOB
, 3.1.2.1
- external, 3.1.2.1
LOB
, 3.1.2.1
- ldap.ora
-
- which directory SSL port to use for no authentication, 8.8.4.3
- listener
-
- endpoint
-
- SSL configuration, 8.6.2.7
M
- managing roles with RADIUS server, 6.3.9
- materialized view logs, 3.1.2.1
- MD5 message digest algorithm, 4.2.1
- Microsoft Internet Explorer certificates
-
- using with Oracle Wallet Manager, 9.5.1.3
N
- nCipher hardware security module
-
- using Oracle Net tracing to troubleshoot, 8.9.4
- Netscape certificates
-
- using with Oracle Wallet Manager, 9.5.1.3
- Netscape Communications Corporation, 8.1
- network protocol boundaries, 1.4
O
- obfuscation, 5.1.4
- okdstry
-
- Kerberos adapter utility, 7.2
- okinit
-
- Kerberos adapter utility, 7.2
- oklist
-
- Kerberos adapter utility, 7.2
- ORA-12650 error message, A.2.1.6
- ORA-28330, 3.9
- ORA-28331, 3.9
- ORA-28332, 3.9
- ORA-28333, 3.9
- ORA-28334, 3.9
- ORA-28335, 3.9
- ORA-28336, 3.9
- ORA-28337, 3.9
- ORA-28338, 3.9
- ORA-28339, 3.9
- ORA-28340, 3.9
- ORA-28341, 3.9
- ORA-28342, 3.9
- ORA-28343, 3.9
- ORA-28344, 3.9
- ORA-28345, 3.9
- ORA-28346, 3.9
- ORA-28347, 3.9
- ORA-28348, 3.9
- ORA-28349, 3.9
- ORA-28350, 3.9
- ORA-28351, 3.9
- ORA-28353, 3.9
- ORA-28354, 3.9
- ORA-28356, 3.9
- ORA-28357, 3.9
- ORA-28358, 3.9
- ORA-28359, 3.9
- ORA-28361, 3.9
- ORA-28362, 3.9
- ORA-28363, 3.9
- ORA-28364, 3.9
- ORA-28365, 3.9
- ORA-28366, 3.9
- ORA-28367, 3.9
- ORA-28368, 3.9
- ORA-28369, 3.9
- ORA-28370, 3.9
- ORA-28371, 3.9
- ORA-28372, 3.9
- ORA-28373, 3.9
- ORA-28374, 3.9
- ORA-28375, 3.9
- ORA-28376, 3.9
- ORA-28377, 3.9
- ORA-28378, 3.9
- ORA-28885 error, 9.1.6
- ORA-40300 error message, 8.9.4.1
- ORA-40301 error message, 8.9.4.1
- ORA-40302 error message, 8.9.4.1
- Oracle Advanced Security
-
- checksum sample for sqlnet.ora file, A.1
- configuration parameters, 5.2
- disabling authentication, 10.2
- encryption sample for sqlnet.ora file, A.1
- Java implementation, 5.1, 5.1.3
- SSL features, 8.1.2
- Oracle Applications wallet location, 9.4.11
- Oracle Connection Manager, 1.4
- Oracle Internet Directory
-
- Diffie-Hellman SSL port, 8.8.4.3
- Oracle parameters
-
- authentication, 10.4
- Oracle Password Protocol, 5.1.3
- Oracle Wallet Manager
-
- importing PKCS #7 certificate chains, 9.5.1.2
- orapki
-
- adding a root certificate to a wallet with, F.3.2
- adding a trusted certificate to a wallet with, F.3.2
- adding user certificates to a wallet with, F.3.2
- creating a signed certificate for testing, F.2
- creating a wallet with, F.3.1
- creating an auto login wallet with, F.3.1
- exporting a certificate from a wallet with, F.3.3
- exporting a certificate request from a wallet with, F.3.3
- viewing a test certificate with, F.2
- viewing a wallet with, F.3.1
- orapki tool, 8.8.4
- original import/export utilities, 3.1.2.1, 3.1.2.1
- OS_AUTHENT_PREFIX parameter, 10.4.3
- OSS.SOURCE.MY_WALLET parameter, 8.6.2.2, 8.6.3.3
P
- paragraph tags
-
- GT GlossaryTitle, Glossary
- parameters
-
- authentication
-
- Kerberos, B.1
- RADIUS, B.2
- Secure Sockets Layer (SSL), B.3
- configuration for JDBC, 5.2
- encryption and checksumming, 4.4.4
- PKCS #11 devices, 8.2.2.5
- PKCS #11 error messages
-
- ORA-40300, 8.9.4.1
- ORA-40301, 8.9.4.1
- ORA-40302, 8.9.4.1
- PKCS #7 certificate chain, 9.5.1.2
-
- difference from X.509 certificate, 9.5.1.2
- Public Key Infrastructure (PKI)
-
- certificate, 8.2.2.2
- certificate authority, 8.2.2.1
- certificate revocation lists, 8.2.2.3
- PKCS #11 hardware devices, 8.2.2.5
- wallet, 8.2.2.4
- public key infrastructure (PKI), 1.2.2.2.3, 1.2.2.2.4
R
- RADIUS, 1.2.2.2.2, 1.2.2.2.2
-
- accounting, 6.3.5
- asynchronous authentication mode, 6.2.2
- authentication modes, 6.2
- authentication parameters, B.2
- challenge-response
-
- authentication, 6.2.2
- user interface, C.1, C.2
- configuring, 6.3.2
- database links not supported, 6.1
- location of secret key, 6.3.2.3
- smartcards and, 1.2.2.2.2, 6.2.2, 6.3.2.3, C.1
- sqlnet.ora file sample, A.1
- synchronous authentication mode, 6.2.1
- system requirements, 1.5
- RC4 encryption algorithm, 1.2.1.1.1, 4.1.5
- realm (Kerberos), 7.1.2
- restrictions, 1.6
- revocation, G.1.3
- roles
-
- managing with RADIUS server, 6.3.9
- RSA Security, Inc. (RSA), 1.2.1.1.1
S
- salt (TDE)
-
- adding, 3.2.7
- removing, 3.2.7
- See also TDE (transparent data encryption)
- secret key
-
- location in RADIUS, 6.3.2.3
- Secure Sockets Layer (SSL), 1.2.2.2.3
-
- architecture, 8.3.1
- authentication parameters, B.3
- authentication process in an Oracle environment, 8.1.3
- cipher suites, B.3.2.1
- client authentication parameter, B.3.4
- client configuration, 8.6.3
- combining with other authentication methods, 8.3, 8.3
- configuring, 8.6
- configuring Entrust-enabled SSL on the client, G.4.3
- enabling, 8.6
- enabling Entrust-enabled SSL, G.4
- handshake, 8.1.3
- industry standard protocol, 8.1
- requiring client authentication, 8.6.2.5
- server configuration, 8.6.2
- sqlnet.ora file sample, A.1
- system requirements, 1.5
- version parameter, B.3.3
- wallet location, parameter, B.3.5
- SecurID, 6.2.1
-
- token cards, 6.2.1
- security
-
- Internet, 1.1.2
- Intranet, 1.1.2
- threats, 1.1.3
-
- data tampering, 1.1.3.2
- dictionary attacks, 1.1.3.4
- eavesdropping, 1.1.3.1
- falsifying identities, 1.1.3.3
- password-related, 1.1.3.4
- Security Sockets Layer (SSL)
-
- use of term includes TLS, 8.1.1
- single sign-on (SSO), 1.2.2.2.4, G.1.1
- smartcards, 1.2.2.2.2
-
- and RADIUS, 1.2.2.2.2, 6.2.2, 6.3.2.3, C.1
- SQLNET.AUTHENTICATION_KERBEROS5_SERVICE parameter, 7.1.7.1
- SQLNET.AUTHENTICATION_SERVICES parameter, 6.3.2.1, 7.1.7.1, 8.6.2.6, 8.6.2.6, 8.6.3.6, 8.6.3.6, 10.2, 10.3
- SQLNET.CRYPTO_CHECKSUM_CLIENT parameter, 4.4.4.2
- SQLNET.CRYPTO_CHECKSUM_SERVER parameter, 4.4.4.2
- SQLNET.CRYPTO_CHECKSUM_TYPES_CLIENT parameter, 4.4.4.2, A.2.1.8
- SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER parameter, 4.4.4.2, A.2.1.7
- SQLNET.CRYPTO_SEED parameter, A.2.2
- SQLNET.ENCRYPTION_CLIENT parameter, 4.4.4.1, A.2.1.2
- SQLNET.ENCRYPTION_SERVER parameter, 4.4.4.1, A.2.1.1
- SQLNET.ENCRYPTION_TYPES_CLIENT parameter, 4.4.4.1, A.2.1.6
- SQLNET.ENCRYPTION_TYPES_SERVER parameter, 4.4.4.1, A.2.1.5
- SQLNET.FIPS_140 parameter, D.1.6
- SQLNET.KERBEROS5_CC_NAME parameter, 7.1.7.3
- SQLNET.KERBEROS5_CLOCKSKEW parameter, 7.1.7.3
- SQLNET.KERBEROS5_CONF parameter, 7.1.7.3
- SQLNET.KERBEROS5_CONF_MIT parameter, 7.1.7.3
- SQLNET.KERBEROS5_KEYTAB parameter, 7.1.7.3
- SQLNET.KERBEROS5_REALMS parameter, 7.1.7.3
- sqlnet.ora file
-
- Common sample, A.1
- FIPS 140-1 parameters, D.1
- Kerberos sample, A.1
- Oracle Advanced Security checksum sample, A.1
- Oracle Advanced Security encryption sample, A.1
- OSS.SOURCE.MY_WALLET parameter, 8.6.2.2, 8.6.3.3
- parameters for clients and servers using Kerberos, B.1
- parameters for clients and servers using RADIUS, B.2
- parameters for clients and servers using SSL, B.3
- RADIUS sample, A.1
- sample, A.1
- SQLNET.AUTHENTICATION_KERBEROS5_SERVICE parameter, 7.1.7.1
- SQLNET.AUTHENTICATION_SERVICES parameter, 7.1.7.1, 8.6.2.6, 8.6.2.6, 8.6.3.6, 8.6.3.6, 10.2, 10.3
- SQLNET.CRYPTO_CHECKSUM_CLIENT parameter, 4.4.4.2
- SQLNET.CRYPTO_CHECKSUM_SERVER parameter, 4.4.4.2
- SQLNET.CRYPTO_CHECKSUM_TYPES_CLIENT parameter, 4.4.4.2, A.2.1.8
- SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER parameter, 4.4.4.2, A.2.1.7
- SQLNET.CRYPTO_SEED parameter, A.2.2
- SQLNET.ENCRYPTION_CLIENT parameter, A.2.1.2
- SQLNET.ENCRYPTION_SERVER parameter, 4.4.4.1, A.2.1.1
- SQLNET.ENCRYPTION_TYPES_CLIENT parameter, 4.4.4.1, A.2.1.6
- SQLNET.ENCRYPTION_TYPES_SERVER parameter, 4.4.4.1, A.2.1.5
- SQLNET.FIPS_140 parameter, D.1.6
- SQLNET.KERBEROS5_CC_NAME parameter, 7.1.7.3
- SQLNET.KERBEROS5_CLOCKSKEW parameter, 7.1.7.3
- SQLNET.KERBEROS5_CONF parameter, 7.1.7.3
- SQLNET.KERBEROS5_CONF_MIT parameter, 7.1.7.3
- SQLNET.KERBEROS5_KEYTAB parameter, 7.1.7.3
- SQLNET.KERBEROS5_REALMS parameter, 7.1.7.3
- SSL sample, A.1
- SSL_CLIENT_AUTHENTICATION parameter, 8.6.2.5
- SSL_CLIENT_AUTHETNICATION parameter, 8.6.3.3
- SSL_VERSION parameter, 8.6.2.4, 8.6.3.5
- Trace File Set Up sample, A.1
sqlnet.ora
file, TDE (transparent data encryption), 3.2.1.1, 3.2.2.1, 3.3.1.1, 3.5.1, 3.7.1, 3.8.1.1, 3.9
- SQLNET.RADIUS_ALTERNATE parameter, 6.3.2.3
- SQLNET.RADIUS_ALTERNATE_PORT parameter, 6.3.2.3
- SQLNET.RADIUS_ALTERNATE_RETRIES parameter, 6.3.2.3
- SQLNET.RADIUS_ALTERNATE_TIMEOUT parameter, 6.3.2.3
- SQLNET.RADIUS_SEND_ACCOUNTING parameter, 6.3.5.1
- SSL. See Secure Sockets Layer (SSL)
- SSL wallet location, 9.4.2.1, 9.4.11
- SSL_CLIENT_AUTHENTICATION parameter, 8.6.2.5, 8.6.3.3
- SSL_VERSION parameter, 8.6.2.4, 8.6.3.5
- SSO. See single sign-on (SSO)
- SSO wallets, 9.4.14
- synchronous authentication mode, RADIUS, 6.2.1
- synchronous change data capture, 3.1.2.1
- system requirements, 1.5
-
- Kerberos, 1.5
- RADIUS, 1.5
- SSL, 1.5
T
- tablespace encryption, 3.4
-
- creating encrypted tablespaces, 3.5.3
- editing the
sqlnet.ora
file, 3.5.1
- opening wallet, 3.5.2
- setting tablespace key, 3.5.1
- tablespace master encryption key, 3.2.1, 3.5.1, 3.5.2, 3.7.4, 3.7.5
- TDE (transparent data encryption)
-
- concepts, 3.1
-
- basic commands, 3.1.4
- figure, 3.1.3
- HSMs (hardware security modules), 3.6
-
- PKCS#11 library, 3.7.2
- user_Id:password string, 3.7.4
- managing, 3.3
-
- backing up and recovering keys, 3.3.2
- managing wallets, 3.3.1
- reference, 3.10
- restrictions, 3.1.2.1
- tablespace encryption, 3.4
-
- creating encrypted tablespaces, 3.5.3
- opening wallet, 3.5.2
- setting tablespace key, 3.5.1
- troubleshooting, 3.9
- tutorial, 3.8
- using, 3.2
-
- creating tables, 3.2.4
- editing the
sqlnet.ora
file, 3.2.1.1, 3.3.1.1, 3.8.1.1
- enabling, 3.2.1
- encrypting columns, 3.2.5
- opening wallet, 3.2.3
- setting master encryption key, 3.2.2
- thin JDBC support, 5
- TLS See Secure Sockets Layer (SSL)
- token cards, 1.2.2.2.2
- trace file
-
- set up sample for sqlnet.ora file, A.1
- transparent data encryption
-
- See TDE
- transportable tablespaces, 3.1.2.1
- Triple-DES encryption algorithm, 1.2.1.1.3
- troubleshooting, 7.4
-
- Entrust-enabled SSL, G.6
U
- utilities, import/export, 3.1.2.1
W
- wallet, 8.2.2.4
- wallets
-
- auto login, 9.4.14
- changing a password, 9.4.13
- closing, 3.1.4, 3.7.6, 9.4.4
- creating, 9.4.2
- deleting, 9.4.12
- managing, 9.4
- managing certificates, 9.5
- managing trusted certificates, 9.5.2
- opening, 3.1.4, 3.2.3, 3.7.6, 3.8.1.3, 3.10.3, 9.4.3
- Oracle Applications wallet location, 9.4.11
- saving, 9.4.9
- setting location, 8.6.2.2
- SSL wallet location, 9.4.2.1, 9.4.11
- SSO wallets, 9.4.14
X
- X.509 certificate
-
- difference from PKCS #7 certificate chain, 9.5.1.2
- X.509 PKI certificate standard, G.1.1