Securing Thin Jdbc - Oracle Database B10772-01 Administrator's Manual

About the Java Implementation
Microsystems defined the JDBC standard and Oracle Corporation implements and
extends the standard with its own JDBC drivers.
Oracle JDBC drivers are used to create JDBC applications to communicate with
Oracle databases. Oracle implements two types of JDBC drivers: Thick JDBC
drivers built on top of the C-based Oracle Net client, as well as a Thin (Pure Java)
JDBC driver to support downloadable applets. Oracle extensions to JDBC include
the following features:

Securing Thin JDBC

Because the Thin JDBC driver is designed to be used with downloadable applets
used over the Internet, Oracle designed a 100% Java implementation of Oracle
Advanced Security encryption and integrity algorithms for use with thin clients.
Oracle Advanced Security provides the following features for Thin JDBC:
The Oracle JDBC Thin driver implements the Oracle O3LOGON protocol for
authentication. It does not support Oracle Advanced Security SSL implementation,
nor does it support third party authentication features such as RADIUS, Kerberos,
and SecurID. However, the Oracle JDBC OCI (thick) driver support is the same as
thick client support, where all Oracle Advanced Security features are implemented.
4-2 Oracle Database Advanced Security Administrator's Guide
Data access and manipulation
LOB access and manipulation
Oracle object type mapping
Object reference access and manipulation
Array access and manipulation
Application performance enhancement
Data encryption
Data integrity checking
Secure connections from Thin JDBC clients to the Oracle RDBMS
Ability for developers to build applets that transmit data over a secure
communication channel
Secure connections from middle tier servers with Java Server Pages (JSP) to the
Oracle RDBMS
Secure connections from Oracle Database 10g to older versions of Oracle
databases with Oracle Advanced Security installed