Data Encryption

Simply stated, data encryption equates to data privacy. A malicious user can use a network sniffer to eavesdrop on network traffic. Without encryption, she can collect the network data in a readable form as it is transmitted. If the data is encrypted using the RSA or DES cryptographic algorithms, it can still be collected, but it will be unreadable. Data encryption must be enabled, or requested, by both the client and the server for it to be used when a new connection is created.

Enabling Encryption on a Server

To enable data encryption on the server, you need to set the SQLNET.ENCRYPTION_SERVER and SQLNET.ENCRYPTION_TYPES_SERVER parameters in your server’s sqlnet.ora file. The syntax for setting these parameters is:

SQLNET.ENCRYPTION_SERVER = [REJECTED | ACCEPTED | REQUESTED | REQUIRED]
SQLNET.ENCRYPTION_TYPES_SERVER = (type[,type...])

type ::= [DES40 | RC4_40 | DES | RC4_56 | RC4_128]

which breaks down as:

SQLNET.ENCRYPTION_SERVER

Specifies the server’s preference for whether encryption is used when new connections are made. The following are valid values:

REJECTED

The server does not support encryption. Connections from clients requesting encryption will be refused.

ACCEPTED

The server will accept a request from the client to support encryption.

REQUESTED

The server will request encryption from the client.

REQUIRED

The server requires encryption. If the client cannot support encryption, then the connection will be refused.

SQLNET.ENCRYPTION_TYPES_SERVER

Specifies the ...
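A way to check a server's sqlnet.ora against the two parameters described above, as an added example that is not from the book or from Oracle. The function names, the sample files, and the 128-bit minimum key size are assumptions made for illustration; only single-line NAME = value entries are handled.

```python
import re
# Key sizes in bits for the type names listed in the syntax above.
KEY_BITS = {"DES40": 40, "RC4_40": 40, "DES": 56, "RC4_56": 56, "RC4_128": 128}
MIN_BITS = 128  # assumed policy threshold, not a value from the book

def parse_sqlnet(text):
    """Return {UPPERCASE_NAME: value} for single-line NAME = value entries."""
    params = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments
        m = re.match(r"([A-Za-z0-9_.]+)\s*=\s*(.+)$", line)
        if m:
            params[m.group(1).upper()] = m.group(2).strip()
    return params

def audit_server_encryption(text):
    """Return a list of findings; an empty list means nothing was flagged."""
    params = parse_sqlnet(text)
    findings = []
    level = params.get("SQLNET.ENCRYPTION_SERVER")
    if level is None:
        findings.append("SQLNET.ENCRYPTION_SERVER is not set")
    elif level.upper() != "REQUIRED":
        # Only REQUIRED refuses clients that cannot encrypt.
        findings.append(f"SQLNET.ENCRYPTION_SERVER = {level.upper()}: "
                        "unencrypted connections are still possible")
    raw = params.get("SQLNET.ENCRYPTION_TYPES_SERVER")
    if raw is None:
        findings.append("SQLNET.ENCRYPTION_TYPES_SERVER is not set")
        return findings
    for t in filter(None, (x.strip().upper() for x in raw.strip("()").split(","))):
        bits = KEY_BITS.get(t)
        if bits is None:
            findings.append(f"unknown encryption type {t}")
        elif bits < MIN_BITS:
            findings.append(f"{t} uses a {bits}-bit key (below {MIN_BITS})")
    return findings

# Constructed sample files, not taken from a real server.
WEAK = """\
SQLNET.ENCRYPTION_SERVER = ACCEPTED  # constructed
SQLNET.ENCRYPTION_TYPES_SERVER = (RC4_128, DES40)
"""
STRICT = """\
sqlnet.encryption_server = required
SQLNET.ENCRYPTION_TYPES_SERVER = (RC4_128)
"""

if __name__ == "__main__":
    print(audit_server_encryption(WEAK), audit_server_encryption(STRICT))
```

The WEAK sample produces two findings (the ACCEPTED level and the 40-bit DES40 type); the STRICT sample produces none.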
