Index
A B C D E F H I J K L M N O P R S T V W X
A
- accelerating SSL, 2.2.3
- AJP
- use with SSL encryption, 2.3
- Apache HTTP server, 1.5.2
- application deployers
- references, Preface
- architecture
- Oracle Application Server security, 2
- asymmetric encryption, 1.3
- audit log, 6.5.5
- authentication, 6.1.8
- definition, Glossary
- in OracleAS JAAS Provider, 2.3
- using OracleAS Single Sign-On, 4.2.3
- authentication options, 6.3.2
- authorization, 6.1.8
- in OracleAS JAAS Provider, 2.3
- availability
- definition, Glossary
B
- basic security services, 1.4.1
- BC4J. See Oracle ADF
- best practices
- certificates, 6.1.5
- cookies, 6.1.3
- firewall, 6.1.7
- HTTPS, 6.1.1
- JAAS, 6.2
- Oracle Internet Directory, 6.5
- OracleAS Single Sign-On, 6.4
- security, 6.1
- systems setup, 6.1.4
- BHAPI, 2.2.3
- browser security implications, 1.2.1
- bulk encryption key
- defined, 1.3
- bulkload.sh, 6.5.1
C
- certificate authority, 1.3, 1.3
- definition, Glossary
- certificate chain, 1.3
- certificates, 1.3
- best practices, 6.1.5
- definition, Glossary
- overview, 1.3
- root, 1.3
- self-signed, 1.3
- cipher suite
- definition, Glossary
- ciphertext
- definition, Glossary
- confidentiality mode, 6.5.3
- configuring
- DMZ architectures, 3.2.2
- connections
- switched, 6.1.9
- cookies
- best practices, 6.1.3
- security, 1.2.1
- creating a custom Welcome page, B.3.1
- cryptography
- definition, Glossary
D
- decryption
- definition, Glossary
- Delegated Administration Service (DAS), 1.8.1
- delegation
- privilege, 5
- delegation. See privilege delegation
- Departmental Topology, 1.7
- deployment topologies, 3
- DES
- definition, Glossary
- Development Life Cycle Support Topology, 1.7
- Diffie-Hellman key negotiation
- definition, Glossary
- directory information tree
- definition, Glossary
- Directory Integration and Provisioning, 4.2.9.1
- directory integration platform, 6.5.8.1
- distinguished name
- definition, Glossary
- DIT
- definition, Glossary
- DMZ, 3.2.1, 6.1.10
- configuring architectures, 3.2.2
- definition, 3.2, Glossary
- infrastructure zone, 3.2.1
- J2EE Business Logic zone, 3.2.1
- requirements, 3.2.1
E
- encryption, 6.1.1, 6.1.8
- Enterprise Data Center Topology, 3.3
- J2EE Applications, 1.7
- Portal, Wireless, and Business Intelligence Applications, 1.7
F
- failover
- definition, Glossary
- fault containment, 6.1.2
- fault tolerance
- definition, Glossary
- FIPS 140-2 Level 2 certification, A
- configuring components that are FIPS compliant, A.1
- post-installation checks, A.2
- setting the
SQLNET.SSLFIPS_140
parameter, A.1.1
- setting the
SSLCipherSuite
directive, A.1.2
- valid cipher suites, A.1.2
- verifying FIPS mode, A.3
- firewalls, 1.2.2, 3.1, 3.1
- and mod_plsql, 3.2.1
- best practice, 6.1.7
- security implications, 1.2.2
- Forms, Reports, and Discoverer Developer Topology, 1.7
H
- hot standby
- definition, Glossary
- HTTP, 1.5.2.1
- HTTPS, 1.5.2.1
- best practices, 6.1.1
- HTTPS-to-HTTP appliances, 3.2.3
I
- identity management
- integrating third-party solutions, 4.1.2
- third-party solutions, 4.2.9
- infrastructure DMZ zone, 3.2.1
- installation topologies, 1.7
- instance passwords
- changing, 4.2.2.1
- Integration Architect and Process Modeler Topology, 1.7
J
- J2EE applications
- and security architecture, 3.3.1
- J2EE Business Logic DMZ zone, 3.2.1
- JAAS, 1.5.3
- best practices, 6.2
- Java Developer Topology, 1.7
K
- key exchange, 1.3
- key pair
- definition, Glossary
- keys, 1.3
- bulk encryption, 1.3
- definition, Glossary
- exchanging, 1.3
- overview, 1.3
- PKI, 1.3
- private, 1.3
- public, 1.3
- keystores, 1.3
L
- LDAP
- definition, Glossary
- LDIF
- definition, Glossary
- load balancers, 3.1, 3.1
- hardware, 3.2.3
- security implications, 1.2.3
- localhost
- definition, Glossary
M
- man-in-the-middle
- definition, Glossary
- MD5
- definition, Glossary
- message digest
- definition, Glossary
- message flow
- OracleAS Single Sign-On, 2.2.1
- method authentication, 6.1.3
- Microsoft Active Directory, 4.1.2
- mod_plsql
- and firewalls, 3.2.1
- and security architecture, 3.3.2
- mods, defined, 1.5.2.1
N
- negotiating
- SSL sessions, 1.3
O
- OC4J, 1.5.3
- OID. See Oracle Internet Directory.
- OIM. See Oracle Identity Management.
- one-way hash function
- definition, Glossary
- Oracle ADF
- security, 1.8.2.4, 1.8.2.4
- Oracle Advanced Security, 2.1
- Oracle Application Server Certificate Authority Topology, 1.7
- Oracle Application Server Java Authentication and Authorization Service. See OracleAS JAAS Provider.
- Oracle Business Components for Java. See Oracle ADF.
- Oracle Certificate Authority, 1.8.1
- Oracle Delegated Administration Services, 4.2.5, 4.2.5
- Oracle Directory Synchronization Service, 1.8.1
- Oracle HTTP Server, 1.5.2, 1.5.2.1, 1.8.2.1
- overview of security, 2.2
- security, 1.5.2
- security enhancements, 1.8.2.1
- security services, 1.5.2.1
- Oracle Identity Management, 1.6, 4
- features and benefits, 4.2
- infrastructure, 1.6
- password policies, 4.2.2
- security features, 1.8.1.1
- Oracle Identity Management security features, 1.8.1
- Oracle Internet Directory
- best practices, 6.5
- changing instance passwords, 4.2.2.1
- features, 1.8.1.1.1
- Oracle Internet Directory (OID), 1.8.1
- Oracle Net
- definition, Glossary
- Oracle Workflow, 1.8.2.3
- security, 1.8.2.3
- OracleAS
- introduction, 1.1
- middle-tier components, 1.5
- security architecture, 2.1
- security overview, 1
- OracleAS Certificate Authority
- features, 1.8.1.1.3
- OracleAS Discoverer
- security architecture, 3.4
- OracleAS Forms Services
- security architecture, 3.4
- OracleAS JAAS Provider
- security implications, 2.3
- OracleAS Metadata Repository, 2.1
- OracleAS Portal, 1.5.3, 1.5.5, 4.1
- dependency on Oracle Identity Management, 4.1
- security implications, 2.4
- security requirements, 3.3.3
- OracleAS Reports Services
- security architecture, 3.4
- OracleAS Single Sign-On, 1.8.1, 4.2.3.1
- best practices, 6.4
- features, 1.8.1.1.2
- message flow, 2.2.1
- security architecture, 3.5.1
- use in authentication, 4.2.3
- OracleAS Web Cache, 1.5.1, 1.5.1
- security architecture, 3.5.2
- security implications, 2.5
- OracleAS Wireless
- security requirements, 3.3.3
P
- password policies, 4.2.2
- PEM
- definition, Glossary
- PGP
- definition, Glossary
- PKCS 12
- definition, Glossary
- PKI
- and OracleAS Certificate Authority, 4.2.8
- definition, Glossary
- public keys defined, 1.3
- plaintext
- definition, Glossary
- Portal and Wireless Developer Topology, 1.7
- private key
- defined, 1.3
- definition, Glossary
- private keys, 1.3
- privilege delegation, 5
- and RBAC, 4.2.6
- component runtime, 5.5
- diagram, 5.2
- how it works, 5.1.1
- security goals, 5.3
- privilege model
- security goals, 1.8.2.2, 5.3
- user roles, 5.4
- provisioning integration, 4.2.7
- Provisioning Integration Service, 1.8.1
- public key
- definition, Glossary
- public key infrastructure. See PKI
- public keys, 1.3
- defined, 1.3
- public-key cryptography
- definition, Glossary
- public/private key pair
- definition, Glossary
R
- RBAC, 4.2.5
- privilege delegation, 4.2.6
- RDN
- definition, Glossary
- redundant
- definition, Glossary
- reliability
- definition, Glossary
- role-based access control. See RBAC
- root certificate, 1.3
- RSA
- definition, Glossary
S
- scalability
- definition, Glossary
- Secure Hash Algorithm
- definition, Glossary
- secure socket layer, 6.1.11
- securing your Welcome page, B.3.2
- security
- best practices, 6.1
- checklist, B
- keys and certificates, 1.3
- overview in OracleAS, 1
- recommended deployment topologies, 3
- security architecture, 2
- J2EE applications, 3.3.1
- mod_plsql, 3.3.2
- OracleAS Discoverer, 3.4
- OracleAS Forms Services, 3.4
- OracleAS Reports Services, 3.4
- OracleAS Single Sign-On, 3.5.1
- OracleAS Web Cache, 3.5.2
- security checklist, B
- disabling and removing demos, B.4
- enabling component level logging, B.5
- securing OracleAS Metadata Repository schemas, B.2
- securing the Welcome page, B.3
- securing your installation and configuration, B.1
- security requirements
- OracleAS Portal, 3.3.3
- OracleAS Wireless, 3.3.3
- security services
- basic, 1.4.1, 1.4.1
- self-signed certificate, 1.3
- server and client authentication mode, 6.5.3
- server authentication, 6.5.3
- single key-pair wallet, Glossary
- single sign-on
- definition, Glossary
sqlnet.ora
file, A.1.1
SQLNET.SSLFIPS_140
parameter, A.1.1
- SSH
- definition, Glossary
- SSL, 6.5.3
- and AJP, 2.3
- enabling during and after installation, B.1.3
- overview, 1.3
- session negotiation, 1.3
- SSL acceleration, 2.2.3
- SSL encryption, 6.1.11
SSLCipherSuite
directive, A.1.2
- SSLSessionCacheTimeout, 6.1.12
- stateful inspection, 6.1.7
- Sun Java Enterprise System, 4.1.2
- switched connections, 6.1.9
- symmetric encryption, 1.3
- symmetric-key cryptography, Glossary
- systems setup
- best practices, 6.1.4
T
- third-party identity management, 4.1.2
TNS_ADMIN
environment variable, A.1.1
- topologies
- deployment, 3
- recommended, 3
- trusted certificates
- definition, Glossary
- trustpoints, 1.3
V
- virtual private network. See VPN
- VPNs
- security implications, 1.2.4
W
- W3C
- cookie security, 1.2.1
- wallet resource locator
- definition, Glossary
- wallets
- definition, Glossary
- single key-pair, Glossary
- web browser
- security, 1.2.1
- Welcome page
- creating a custom Welcome page, B.3.1
- securing your Welcome page, B.3.2
X
- X.509
- definition, Glossary
- X.509 Version 3 certificates
- with Oracle HTTP Server, 1.5.2.1