Security Of Password-Authenticated Enterprise User Database Login Information - Oracle Database B10772-01 Administrator's Manual

Enterprise User Security Deployment Considerations

Security of Password-Authenticated Enterprise User Database Login Information

In all secure password-based authentication methods, a server authenticates a client with a password verifier, typically a hashed version of the password, and that verifier must be rigorously protected. Password-based authentication to an Oracle database is no different: there is a password verifier, and it must be protected whether it is stored locally in the database or centrally in the directory. Note that a password verifier cannot be used to derive its original password; it can, however, be used to test password guesses offline, which is why it still needs protection.
An enterprise user's database password can be stored in a central directory service for access by multiple databases. It can be viewed and shared by all trusted databases to which the user has access. Although the password verifier stored in the directory is not the cleartext password, it is still necessary to protect it from casual or unauthorized access. It is therefore extremely important to define password-related ACLs in the directory that are as restrictive as possible, while still enabling necessary access and usability. (Note that Oracle Database supports all verifier types that are supported by Oracle Internet Directory.)

Oracle tools help set up ACLs in the directory to protect these password verifiers during identity management realm creation. The approach that Oracle recommends is intended to balance security and usability considerations. If you require maximum security and can set up wallets for all users, you should require only SSL connections from users to databases. This SSL-only approach circumvents the entire directory password protection issue, because no password verifier needs to be stored in or read from the directory.

The following sections provide more information about trusted databases and protecting database password verifiers in the directory.

What is Meant by Trusted Databases

SSL provides strong authentication, so databases are assured of each other's identity. With password-authenticated Enterprise User Security, where database password verifiers are stored centrally in a directory and shared among multiple databases, each database that allows password-authenticated enterprise users to log in must be a trusted database. Each database has access to the shared password verifiers, so it is important that each database can be trusted to observe the following security precautions:

Each database must be trusted to protect itself from tampering with the server code, so that a malicious user cannot misuse the database identity to gain access to password verifiers in the directory.

Each database must be trusted to protect its PKI and other credentials from theft, so that a malicious user cannot use them to gain access to the password verifiers stored in the directory.

11-26 Oracle Database Advanced Security Administrator's Guide
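The following Python program is an added illustration of the two points made above (a verifier is not the password, yet a verifier shared among databases still needs restrictive ACLs); it is not code from the Oracle manual, and the salted PBKDF2-HMAC-SHA256 construction is a generic verifier, not the Oracle Database or Oracle Internet Directory verifier format. The directory class, its ACL, and the names VerifierDirectory, grant, store, read_verifier, authenticate and offline_guess are hypothetical stand-ins for the real directory and database behaviour. The offline_guess function shows why a leaked verifier matters even though it cannot be reversed: anyone holding it can test guesses without the directory or database observing a single failed login.

```python
"""Password verifiers in a shared directory (added example, not Oracle code).

The verifier format here (salted PBKDF2-HMAC-SHA256) is a generic
construction, not the Oracle Database / OID verifier format, and all
class and function names are hypothetical.
"""
import hashlib
import hmac
import os
from typing import Dict, Iterable, Optional

ITERATIONS = 100_000  # work factor: slows offline guessing of a leaked verifier


def make_verifier(password: str, salt: Optional[bytes] = None,
                  iterations: int = ITERATIONS) -> Dict[str, object]:
    """Derive a verifier from a password.

    The random salt makes equal passwords produce different verifiers, and
    the digest cannot be reversed to recover the password.
    """
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return {"salt": salt, "iterations": iterations, "digest": digest}


def check_password(verifier: Dict[str, object], password: str) -> bool:
    """Recompute the digest for a candidate password and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                    verifier["salt"], verifier["iterations"])
    return hmac.compare_digest(candidate, verifier["digest"])


class VerifierDirectory:
    """Toy stand-in for a central directory holding verifiers (hypothetical, not OID).

    Verifiers are readable only by principals on the ACL. This models the
    'trusted database' notion: every database allowed to read the shared
    verifiers must be trusted not to leak them or its own credentials.
    """

    def __init__(self) -> None:
        self._verifiers: Dict[str, Dict[str, object]] = {}
        self._acl: set = set()

    def grant(self, principal: str) -> None:
        """Add a database identity to the ACL for password verifiers."""
        self._acl.add(principal)

    def store(self, user: str, password: str) -> None:
        """Store only the verifier, never the cleartext password."""
        self._verifiers[user] = make_verifier(password)

    def read_verifier(self, principal: str, user: str) -> Dict[str, object]:
        """Enforce the ACL: untrusted principals cannot read verifiers."""
        if principal not in self._acl:
            raise PermissionError(f"{principal!r} may not read password verifiers")
        return self._verifiers[user]

    def authenticate(self, principal: str, user: str, password: str) -> bool:
        """What a trusted database does at login time."""
        return check_password(self.read_verifier(principal, user), password)


def offline_guess(verifier: Dict[str, object], candidates: Iterable[str]) -> Optional[str]:
    """Why a leaked verifier still matters: guesses are tested offline,
    so neither the directory nor the database sees a failed login."""
    for candidate in candidates:
        if check_password(verifier, candidate):
            return candidate
    return None


def demo() -> Dict[str, object]:
    """Constructed scenario: one trusted database, one untrusted one."""
    directory = VerifierDirectory()
    directory.grant("db_trusted")
    directory.store("alice", "correct horse battery staple")
    result: Dict[str, object] = {
        "login_ok": directory.authenticate("db_trusted", "alice", "correct horse battery staple"),
        "login_bad": directory.authenticate("db_trusted", "alice", "wrong password"),
    }
    try:
        directory.read_verifier("db_untrusted", "alice")
        result["untrusted_read"] = True
    except PermissionError:
        result["untrusted_read"] = False
    # A trusted database that leaks what it read hands out an offline oracle.
    leaked = directory.read_verifier("db_trusted", "alice")
    result["guessed"] = offline_guess(leaked, ["password", "welcome1",
                                               "correct horse battery staple"])
    return result


if __name__ == "__main__":
    print(demo())
```

The design choice worth noting is that the ACL check sits on read_verifier rather than on authenticate: the directory cannot tell a legitimate login check from a bulk read by a compromised trusted database, which is exactly why the text insists that each trusted database protect its server code and its PKI credentials.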