«  
  »

Oracle Database 11g: Security Student Guide

作者: Maclean Liu , post on October 22nd, 2010 , English Version
【本站文章除注明转载外,均为本站原创编译】
转载请注明:文章转载自: Oracle Clinic – Maclean Liu的个人技术博客 [http://www.oracledatabase12g.com/]
本文标题: Oracle Database 11g: Security Student Guide
本文永久地址: http://www.oracledatabase12g.com/archives/oracle-database-11g-security-student-guide.html

Objectives

After completing this lesson, you should be able to:

  • Configure strong authentication for privileged users
  • Create a virtual private catalog for RMAN

Secure Password Support

  • More Secure Password Support. Passwords
  • Are case sensitive
  • Contain more characters
  • Use more secure hash algorithm
  • Use salt in the hash algorithm
  • Usernames are still Oracle identifiers (up to 30 characters,case insensitive)

You must use more secure passwords to meet the demands of compliance to various security and
privacy regulations. Passwords that very short and passwords that are formed from a limited set
of characters are susceptible to brute force attacks. Longer passwords with more different
characters allowed make the password much more difficult to guess or find. In Oracle Database
11g, the password is is handled differently than in previous versions;

  • Passwords are case sensitive. Upper and lower case characters are now different characters when used in a password.
  • Passwords may contain multibyte characters without quoting. Only the ‘$’,’_’, and ‘#’ special characters are allowed in the password without quoting the password.
  • Passwords are always passed through a hash algorithm, then stored as a user credential.When the user presents a password, it is hashed then compared to the stored credential. In Oracle Database 11g the hash algorithm is SHA-1 of the public algorithm used in previous versions of the database. SHA-1 is a stronger algorithm using a 160 bit key.
  • Passwords always use salt. A hash function always produces the same output, given the same input. Salt is a unique (random) value that is added to the input, to insure the output credential in unique.

D52365
View more documents from liumaclean.

© 2010, www.oracledatabase12g.com. 版权所有.文章允许转载,但必须以链接方式注明源地址,否则追究法律责任.

相关文章 | Related posts:

  1. Oracle Database 11g: New Features Overview eStudy Student Guide
  2. Oracle Database 11g: Scheduler Student Guide
  3. Oracle Database 11g: Diagnosability Student Guide
  4. Oracle Database 11g: Program Development Student Guide
  5. Oracle Database 11g: BI and Data Warehousing Student Guide
  6. Oracle Database 11g: Java Development Student Guide
  7. Oracle Database 11g: High Availability Student Guide
  8. Know about Oracle Network Security
  9. Dumps,Crashes and Corruptions Student Guide
  10. Oracle BI Enterprise Edition 11g Installation,Upgrade,Security
Oracle, Oracle 11g新特性   ,  
«  
  »

Leave a Reply

  

  

  

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

«  
  »