What’s in the OSS?

The OSS is comprised of several components that use underlying protocols to enable its wide assortment of security features. The features the OSS provides are:

  • User authentication

  • Certificates of authority

  • Digital signatures

  • Public and private key pairs

We have already discussed, in a general way, the meaning and function of each of these security approaches. This section examines the OSS structure and what protocols are used to support the features.

The OSS Architecture

The OSS is made up of the following components:

  • The OSS Repository

  • The OSS Manager

  • The OSS Authentication Adapter

The person who interacts with and manages the tool is referred to as the security administrator. As we’ve discussed earlier in the book, the security administrator at a site might be a DBA or someone whose basic job is as a security manager or system administrator. In other words, the security administrator does not have to be a DBA to work with the OSS toolset. Each piece of the OSS — the repository, the Manager, the Authentication Adapter, and the security administrator himself or herself — combines to comprise a certificate authority. The OSS toolset can be used with both Oracle7 — from version 7.3.2 forward — and Oracle8.

The OSS Repository

As with some other Oracle products, such as the Oracle Enterprise Manager (OEM) and the Oracle Recovery Manger (RMAN), the Oracle Security Server requires an area of a database in which information can be stored about encrypted private keys as ...

Get Oracle Security now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.