The OSS is comprised of several components that use underlying protocols to enable its wide assortment of security features. The features the OSS provides are:
Certificates of authority
Public and private key pairs
We have already discussed, in a general way, the meaning and function of each of these security approaches. This section examines the OSS structure and what protocols are used to support the features.
The OSS is made up of the following components:
The OSS Repository
The OSS Manager
The OSS Authentication Adapter
The person who interacts with and manages the tool is referred to as the security administrator. As we’ve discussed earlier in the book, the security administrator at a site might be a DBA or someone whose basic job is as a security manager or system administrator. In other words, the security administrator does not have to be a DBA to work with the OSS toolset. Each piece of the OSS — the repository, the Manager, the Authentication Adapter, and the security administrator himself or herself — combines to comprise a certificate authority. The OSS toolset can be used with both Oracle7 — from version 7.3.2 forward — and Oracle8.
As with some other Oracle products, such as the Oracle Enterprise Manager (OEM) and the Oracle Recovery Manger (RMAN), the Oracle Security Server requires an area of a database in which information can be stored about encrypted private keys as ...