Oracle Database B10772-01 Administrator's Manual page 54

Solving Security Challenges with Oracle Advanced Security
3.
4.
5.
6.
Supported Authentication Methods
Oracle Advanced Security supports the following industry-standard authentication
methods:
Kerberos Oracle Advanced Security support for Kerberos provides the benefits of
single sign-on and centralized authentication of Oracle users. Kerberos is a trusted
third-party authentication system that relies on shared secrets. It presumes that the
third party is secure, and provides single sign-on capabilities, centralized password
storage, database link authentication, and enhanced PC security. It does this
through a Kerberos authentication server. See
Authentication"
RADIUS (Remote Authentication Dial-In User Service) RADIUS is a client/server security
protocol that is most widely known for enabling remote authentication and access.
Oracle Advanced Security uses this standard in a client/server network
environment to enable use of any authentication method that supports the RADIUS
1-10 Oracle Database Advanced Security Administrator's Guide
The client passes these credentials to the Oracle server concurrent with a service
request, such as connection to a database.
The server sends the credentials back to the authentication server for
authentication.
If the authentication server accepts the credentials, then it notifies the Oracle
Server, and the user is authenticated.
If the authentication server does not accept the credentials, then authentication
fails, and the service request is denied.
Kerberos
RADIUS (Remote Authentication Dial-In User Service)
DCE (Distributed Computing Environment)
Secure Sockets Layer
Entrust/PKI
for information about configuring and using this adapter.
Oracle authentication for Kerberos provides database link
Note:
authentication (also called proxy authentication). Kerberos is also
an authentication method that is supported with Enterprise User
Security.
(with digital certificates)
Chapter 6, "Configuring Kerberos