Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.misc -> Re: Oracle Encryption

Re: Oracle Encryption

From: Rick Wessman <rwessman_at_us.oracle.com>
Date: 20 Nov 1998 16:55:36 -0800
Message-ID: <soc7lwprhiv.fsf@rwessman.us.oracle.com>


Dale Cook <dcook_at_scientech.com> writes:
> aperez_at_ccs.neu.edu wrote:
> >We have an Oracle 7.3.4
> > server running on a unix server and am going to have a front end in excel on
> > WIN 95 machines. I need to make sure that transactions back and forth are
> > encrypted. I somewhat understand how it works, but am still confused. I'm
> > using SQLNet to communicate. I've heard that SQLNet itself encrypts the data.
> > Is this true and/or do i have to activate it or feed it encryption keys? Do I
>
> It is true, as long as you have purchased the Advanced Networking Option for both
> client and server. Once installed, you turn it on using the sqlnet.ora file on
> both client and server. I've dinked with it using V8/Net8, so I'm not sure what
> differences there are. The Net8 client has a client called Net8 Assistant that,
> if installed on a machine that will run it, builds sqlnet.ora files according to
> your selections.

There are no appreciable differences in ANO between 7.3.4 and 8.0. However, the configuration GUI is different.

Aside from providing a random string for a seed in sqlnet.ora, no manual intervention is necessary. The keys are generated automatically.

>
> > need ANO for this part? I also know that Kerberos is going to be put into use
> > sometime later. I understand that ANO needs to be installed in order to use
> > Kerberos, but I also keep on seeing references to RSA and DES. Are these some
> > equivalents to Kerberos? I'm not sure what they are.
>
> Kerberos is an authentication mechanism as well as encryption. RSA and DES are
> for encryption/integrity of data, but by themselves do not address authentication.
> RSA is often referred to as "public/private key" encryption, aka asymmetric keys,
> while DES is "shared secret key" encryption, aka symmetric key (same key used to
> encrypt/decrypt).

In ANO, Kerberos does not do encryption. As to RSA encryption, RSA provides both types of encryption. ANO uses RC4, which does symmetric-key encryption.

>
> Oracle provides an "authetication adapter" for Kerberos (and other authentication
> methods as well), but you need to have the Kerberos stuff already installed, near
> as I can tell.

This is correct.
--

                                Hope this helps,
                                Rick
                                Rick Wessman
                                Oracle Corporation
                                rwessman_at_us.oracle.com
Received on Fri Nov 20 1998 - 18:55:36 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US