Oracle® Application Server Security Guide
10g Release 2 (10.1.2)
B13999-03

Index


A

accelerating SSL, 2.2.3
AJP
use with SSL encryption, 2.3
Apache HTTP server, 1.5.2
application deployers
references, Preface
architecture
Oracle Application Server security, 2
asymmetric encryption, 1.3
audit log, 6.5.5
authentication, 6.1.8
definition, Glossary
in OracleAS JAAS Provider, 2.3
using OracleAS Single Sign-On, 4.2.3
authentication options, 6.3.2
authorization, 6.1.8
in OracleAS JAAS Provider, 2.3
availability
definition, Glossary

B

basic security services, 1.4.1
BC4J. See Oracle ADF
best practices
certificates, 6.1.5
cookies, 6.1.3
firewall, 6.1.7
HTTPS, 6.1.1
JAAS, 6.2
Oracle Internet Directory, 6.5
OracleAS Single Sign-On, 6.4
security, 6.1
systems setup, 6.1.4
BHAPI, 2.2.3
browser security implications, 1.2.1
bulk encryption key
defined, 1.3
bulkload.sh, 6.5.1

C

certificate authority, 1.3, 1.3
definition, Glossary
certificate chain, 1.3
certificates, 1.3
best practices, 6.1.5
definition, Glossary
overview, 1.3
root, 1.3
self-signed, 1.3
cipher suite
definition, Glossary
ciphertext
definition, Glossary
confidentiality mode, 6.5.3
configuring
DMZ architectures, 3.2.2
connections
switched, 6.1.9
cookies
best practices, 6.1.3
security, 1.2.1
creating a custom Welcome page, B.3.1
cryptography
definition, Glossary

D

decryption
definition, Glossary
Delegated Administration Service (DAS), 1.8.1
delegation
privilege, 5
delegation. See privilege delegation
Departmental Topology, 1.7
deployment topologies, 3
DES
definition, Glossary
Development Life Cycle Support Topology, 1.7
Diffie-Hellman key negotiation
definition, Glossary
directory information tree
definition, Glossary
Directory Integration and Provisioning, 4.2.9.1
directory integration platform, 6.5.8.1
distinguished name
definition, Glossary
DIT
definition, Glossary
DMZ, 3.2.1, 6.1.10
configuring architectures, 3.2.2
definition, 3.2, Glossary
infrastructure zone, 3.2.1
J2EE Business Logic zone, 3.2.1
requirements, 3.2.1

E

encryption, 6.1.1, 6.1.8
Enterprise Data Center Topology, 3.3
J2EE Applications, 1.7
Portal, Wireless, and Business Intelligence Applications, 1.7

F

failover
definition, Glossary
fault containment, 6.1.2
fault tolerance
definition, Glossary
FIPS 140-2 Level 2 certification, A
configuring components that are FIPS compliant, A.1
post-installation checks, A.2
setting the SQLNET.SSLFIPS_140 parameter, A.1.1
setting the SSLCipherSuite directive, A.1.2
valid cipher suites, A.1.2
verifying FIPS mode, A.3
firewalls, 1.2.2, 3.1, 3.1
and mod_plsql, 3.2.1
best practice, 6.1.7
security implications, 1.2.2
Forms, Reports, and Discoverer Developer Topology, 1.7

H

hot standby
definition, Glossary
HTTP, 1.5.2.1
HTTPS, 1.5.2.1
best practices, 6.1.1
HTTPS-to-HTTP appliances, 3.2.3

I

identity management
integrating third-party solutions, 4.1.2
third-party solutions, 4.2.9
infrastructure DMZ zone, 3.2.1
installation topologies, 1.7
instance passwords
changing, 4.2.2.1
Integration Architect and Process Modeler Topology, 1.7

J

J2EE applications
and security architecture, 3.3.1
J2EE Business Logic DMZ zone, 3.2.1
JAAS, 1.5.3
best practices, 6.2
Java Developer Topology, 1.7

K

key exchange, 1.3
key pair
definition, Glossary
keys, 1.3
bulk encryption, 1.3
definition, Glossary
exchanging, 1.3
overview, 1.3
PKI, 1.3
private, 1.3
public, 1.3
keystores, 1.3

L

LDAP
definition, Glossary
LDIF
definition, Glossary
load balancers, 3.1, 3.1
hardware, 3.2.3
security implications, 1.2.3
localhost
definition, Glossary

M

man-in-the-middle
definition, Glossary
MD5
definition, Glossary
message digest
definition, Glossary
message flow
OracleAS Single Sign-On, 2.2.1
method authentication, 6.1.3
Microsoft Active Directory, 4.1.2
mod_plsql
and firewalls, 3.2.1
and security architecture, 3.3.2
mods, defined, 1.5.2.1

N

negotiating
SSL sessions, 1.3

O

OC4J, 1.5.3
OID. See Oracle Internet Directory.
OIM. See Oracle Identity Management.
one-way hash function
definition, Glossary
Oracle ADF
security, 1.8.2.4, 1.8.2.4
Oracle Advanced Security, 2.1
Oracle Application Server Certificate Authority Topology, 1.7
Oracle Application Server Java Authentication and Authorization Service. See OracleAS JAAS Provider.
Oracle Business Components for Java. See Oracle ADF.
Oracle Certificate Authority, 1.8.1
Oracle Delegated Administration Services, 4.2.5, 4.2.5
Oracle Directory Synchronization Service, 1.8.1
Oracle HTTP Server, 1.5.2, 1.5.2.1, 1.8.2.1
overview of security, 2.2
security, 1.5.2
security enhancements, 1.8.2.1
security services, 1.5.2.1
Oracle Identity Management, 1.6, 4
features and benefits, 4.2
infrastructure, 1.6
password policies, 4.2.2
security features, 1.8.1.1
Oracle Identity Management security features, 1.8.1
Oracle Internet Directory
best practices, 6.5
changing instance passwords, 4.2.2.1
features, 1.8.1.1.1
Oracle Internet Directory (OID), 1.8.1
Oracle Net
definition, Glossary
Oracle Workflow, 1.8.2.3
security, 1.8.2.3
OracleAS
introduction, 1.1
middle-tier components, 1.5
security architecture, 2.1
security overview, 1
OracleAS Certificate Authority
features, 1.8.1.1.3
OracleAS Discoverer
security architecture, 3.4
OracleAS Forms Services
security architecture, 3.4
OracleAS JAAS Provider
security implications, 2.3
OracleAS Metadata Repository, 2.1
OracleAS Portal, 1.5.3, 1.5.5, 4.1
dependency on Oracle Identity Management, 4.1
security implications, 2.4
security requirements, 3.3.3
OracleAS Reports Services
security architecture, 3.4
OracleAS Single Sign-On, 1.8.1, 4.2.3.1
best practices, 6.4
features, 1.8.1.1.2
message flow, 2.2.1
security architecture, 3.5.1
use in authentication, 4.2.3
OracleAS Web Cache, 1.5.1, 1.5.1
security architecture, 3.5.2
security implications, 2.5
OracleAS Wireless
security requirements, 3.3.3

P

password policies, 4.2.2
PEM
definition, Glossary
PGP
definition, Glossary
PKCS #12
definition, Glossary
PKI
and OracleAS Certificate Authority, 4.2.8
definition, Glossary
public keys defined, 1.3
plaintext
definition, Glossary
Portal and Wireless Developer Topology, 1.7
private key
defined, 1.3
definition, Glossary
private keys, 1.3
privilege delegation, 5
and RBAC, 4.2.6
component runtime, 5.5
diagram, 5.2
how it works, 5.1.1
security goals, 5.3
privilege model
security goals, 1.8.2.2, 5.3
user roles, 5.4
provisioning integration, 4.2.7
Provisioning Integration Service, 1.8.1
public key
definition, Glossary
public key infrastructure. See PKI
public keys, 1.3
defined, 1.3
public-key cryptography
definition, Glossary
public/private key pair
definition, Glossary

R

RBAC, 4.2.5
privilege delegation, 4.2.6
RDN
definition, Glossary
redundant
definition, Glossary
reliability
definition, Glossary
role-based access control. See RBAC
root certificate, 1.3
RSA
definition, Glossary

S

scalability
definition, Glossary
Secure Hash Algorithm
definition, Glossary
secure socket layer, 6.1.11
securing your Welcome page, B.3.2
security
best practices, 6.1
checklist, B
keys and certificates, 1.3
overview in OracleAS, 1
recommended deployment topologies, 3
security architecture, 2
J2EE applications, 3.3.1
mod_plsql, 3.3.2
OracleAS Discoverer, 3.4
OracleAS Forms Services, 3.4
OracleAS Reports Services, 3.4
OracleAS Single Sign-On, 3.5.1
OracleAS Web Cache, 3.5.2
security checklist, B
disabling and removing demos, B.4
enabling component level logging, B.5
securing OracleAS Metadata Repository schemas, B.2
securing the Welcome page, B.3
securing your installation and configuration, B.1
security requirements
OracleAS Portal, 3.3.3
OracleAS Wireless, 3.3.3
security services
basic, 1.4.1, 1.4.1
self-signed certificate, 1.3
server and client authentication mode, 6.5.3
server authentication, 6.5.3
single key-pair wallet, Glossary
single sign-on
definition, Glossary
sqlnet.ora file, A.1.1
SQLNET.SSLFIPS_140 parameter, A.1.1
SSH
definition, Glossary
SSL, 6.5.3
and AJP, 2.3
enabling during and after installation, B.1.3
overview, 1.3
session negotiation, 1.3
SSL acceleration, 2.2.3
SSL encryption, 6.1.11
SSLCipherSuite directive, A.1.2
SSLSessionCacheTimeout, 6.1.12
stateful inspection, 6.1.7
Sun Java Enterprise System, 4.1.2
switched connections, 6.1.9
symmetric encryption, 1.3
symmetric-key cryptography, Glossary
systems setup
best practices, 6.1.4

T

third-party identity management, 4.1.2
TNS_ADMIN environment variable, A.1.1
topologies
deployment, 3
recommended, 3
trusted certificates
definition, Glossary
trustpoints, 1.3

V

virtual private network. See VPN
VPNs
security implications, 1.2.4

W

W3C
cookie security, 1.2.1
wallet resource locator
definition, Glossary
wallets
definition, Glossary
single key-pair, Glossary
web browser
security, 1.2.1
Welcome page
creating a custom Welcome page, B.3.1
securing your Welcome page, B.3.2

X

X.509
definition, Glossary
X.509 Version 3 certificates
with Oracle HTTP Server, 1.5.2.1