DCE is one of the protocols that support single sign-on (SSO); once a user authenticates with
DCE, they can securely access any Oracle database configured with DCE without specifying a
username or password.
Kerberos
Kerberos is another trusted third-party authentication system that, like DCE, provides SSO
capabilities. Oracle fully supports Kerberos version 5 with Oracle Advanced Security under
the Enterprise Edition of Oracle Database 10g and 11g.
As with other middleware authentication solutions, the basic premise is that passwords should
never be sent across the network; all authentication is brokered by the Kerberos server. In Kerberos
terminology, a password is a ???shared secret.???
Public Key Infrastructure
Public Key Infrastructure (PKI) comprises a number of components. It is implemented using the SSL
protocol and is based on the concept of secret private keys and related public keys to facilitate
secure communications between the client and server.
To provide identification and authentication services, PKI uses certificates and certificate
authorities (CAs). In a nutshell, a certificate is an entity??™s public key validated by a trusted third
party (a certificate authority), and it contains information such as the certificate user??™s name, an
expiration date, the public key, and so forth.
RADIUS
Remote Authentication Dial-In User Service (RADIUS) is a lightweight protocol used for
authentication as well as authorization and accounting services.
Pages:
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482