Index
A
B
C
D
E
F
H
I
J
K
L
M
O
P
R
S
T
U
V
W
X
A
- accelerating SSL, 2-6
- AJP
- use with SSL encryption, 2-8
- Apache HTTP server, 1-8
- application deployers
- references, i-xvi
- architecture
- Oracle Application Server security, 2-1 to 2-9
- authentication
- definition, Glossary-1
- in OracleAS JAAS Provider, 2-7
- using OracleAS Single Sign-On, 3-5
- authorization
- in OracleAS JAAS Provider, 2-7
- auto login
- and Oracle Wallet Manager, A-19
- availability
- definition, Glossary-1
B
- BC4J
- security, 1-18
- BHAPI, 2-6
- browser security implications, 1-2
C
- certificate authority
- definition, Glossary-2
- certificates
- definition, Glossary-1
- trusted, A-25
- X.509, A-4
- cipher suite
- definition, Glossary-2
- ciphertext
- definition, Glossary-2
- configuring
- DMZ architectures, 4-6
- cryptography
- definition, Glossary-2
D
- decryption
- definition, Glossary-2
- Delegated Administration Service (DAS), 1-14
- delegation
- how it works, 5-2
- privilege, 5-1 to 5-7
- Departmental Topology, 1-12
- deployment topologies, 4-1 to 4-16
- DES
- definition, Glossary-2
- Development Life Cycle Support Topology, 1-13
- Diffie-Hellman key negotiation
- definition, Glossary-3
- directory information tree
- definition, Glossary-3
- Directory Integration and Provisioning, 3-8
- distinguished name
- definition, Glossary-3
- DIT
- definition, Glossary-3
- DMZ, 4-3
- configuring architectures, 4-6
- definition, 4-3, Glossary-2
- infrastructure zone, 4-5
- J2EE Business Logic zone, 4-5
- requirements, 4-5 to 4-6
E
- Enterprise Data Center Topology, 4-9 to 4-10
- J2EE Applications, 1-13
- Portal, Wireless, and Business Intelligence Applications, 1-13
F
- failover
- definition, Glossary-4
- fault tolerance
- definition, Glossary-4
- firewalls, 4-2
- and mod_plsql, 4-6
- security implications, 1-3
- Forms, Reports, and Discoverer Developer Topology, 1-12
H
- hot standby
- definition, Glossary-4
- HTTP, 1-9
- HTTPS, 1-9
- HTTPS-to-HTTP appliances, 4-7
I
- identity management
- integrating third-party solutions, 3-2
- third-party solutions, 3-8
- infrastructure DMZ zone, 4-5
- installation topologies, 1-11
- instance passwords
- changing, 3-4
- Integration Architect and Process Modeler Topology, 1-12
J
- J2EE applications
- and security architecture, 4-9
- J2EE Business Logic DMZ zone, 4-5
- JAAS, 1-10
- Java Developer Topology, 1-11
K
- key
- definition, Glossary-4
- key pair
- definition, Glossary-4
L
- LDAP, A-7
- definition, Glossary-5
- LDIF
- definition, Glossary-4
- load balancers, 4-2
- hardware, 4-7
- security implications, 1-4
- localhost
- definition, Glossary-5
- LoginModule API
- in OracleAS JAAS Provider, 2-7
M
- man-in-the-middle
- definition, Glossary-5
- MD5
- definition, Glossary-5
- message digest
- definition, Glossary-5
- message flow
- OracleAS Single Sign-On, 2-5
- mod_plsql
- and firewalls, 4-6
- and security architecture, 4-9
- mods, defined, 1-9
O
- OC4J, 1-10
- OID. See Oracle Internet Directory.
- OIM. See Oracle Identity Management.
- one-way hash function
- definition, Glossary-5
- Oracle Advanced Security, 2-2
- Oracle Application Server Certificate Authority Topology, 1-13
- Oracle Application Server Integration
- security, 1-17
- Oracle Application Server Java Authentication and Authorization Service.See OracleAS JAAS Provider.
- Oracle Applications wallet location, A-18
- Oracle Business Components for Java
- security, 1-18
- Oracle Certificate Authority, 1-14, A-27
- Oracle Delegated Administration Services, 3-6
- Oracle Directory Integration Service, 1-14
- Oracle HTTP Server, 1-8, 1-9, 1-16
- overview of security, 2-4
- security, 1-8
- security enhancements, 1-16
- security services, 1-9
- Oracle Identity Management, 1-11, 3-1 to 3-9
- infrastructure, 1-11
- new security features, 1-14
- password policies, 3-3
- Oracle Internet Directory
- changing instance passwords, 3-4
- new features, 1-14
- Oracle Internet Directory (OID), 1-14
- Oracle Net
- definition, Glossary-6
- Oracle Wallet Manager, A-1 to A-28
- auto login, A-19
- compatibility, A-3
- LDAP directory support, A-7
- managing certificates, A-20
- managing user certificates, A-20
- microsoft windows registry wallet storage, A-3
- multiple certificate support, A-4
- options, A-3
- Oracle Certificate Authority Certificates, A-27
- passwords, A-2
- strong wallet encryption, A-2
- Oracle wallets
- password protection, A-2
- Oracle Workflow, 1-18
- security, 1-18
- OracleAS
- introduction, 1-2
- middle-tier components, 1-8 to 1-10
- security architecture, 2-2
- security overview, 1-1 to 1-18
- OracleAS Business Components for Java . See BC4J
- OracleAS Certificate Authority
- new features, 1-16
- OracleAS Discoverer
- security architecture, 4-12
- OracleAS Forms Services
- security architecture, 4-12
- OracleAS Integration, 1-17
- OracleAS JAAS Provider
- LoginModule API, 2-7
- security implications, 2-7
- OracleAS Metadata Repository, 1-11, 2-2
- OracleAS Portal, 1-10, 3-1
- dependency on Oracle Identity Management, 3-1
- security implications, 2-8
- security requirements, 4-10
- OracleAS Reports Services
- security architecture, 4-12
- OracleAS Single Sign-On, 1-14
- message flow, 2-5
- new features, 1-15
- security architecture, 4-15
- use in authentication, 3-5
- OracleAS Web Cache, 1-8
- security architecture, 4-16
- security implications, 2-8
- OracleAS Wireless
- security requirements, 4-10
- OracleHOME_NAMEWebCache service, A-11
- OracleHOME_NAMEWebCacheAdmin service, A-11
P
- password policies, 3-3
- PEM
- definition, Glossary-6
- PGP
- definition, Glossary-6
- PKCS, A-4
- PKCS 12
- definition, Glossary-6
- PKI, A-2
- and OracleAS Certificate Authority, 3-8
- cryptography standards (PKCS) support, A-4
- definition, Glossary-6
- managing with Oracle Wallet Manager, A-1 to A-28
- plaintext
- definition, Glossary-6
- Portal and Wireless Developer Topology, 1-12
- private key
- definition, Glossary-6
- privilege delegation, 5-1 to 5-7
- and RBAC, 3-6
- component runtime, 5-7
- diagram, 5-3
- security goals, 5-6
- privilege model
- security goals, 1-17, 5-6
- user roles, 5-6
- Provisioning Integration, 3-7
- Provisioning Integration Service, 1-14
- public key
- definition, Glossary-7
- public key infrastructure. See PKI
- public-key cryptography
- definition, Glossary-7
- public/private key pair
- definition, Glossary-7
R
- RBAC, 3-6
- privilege delegation, 3-6
- RDN
- definition, Glossary-7
- redundant
- definition, Glossary-7
- reliability
- definition, Glossary-7
- role-based access control. See RBAC
- RSA
- definition, Glossary-7
S
- scalability
- definition, Glossary-8
- Secure Hash Algorithm
- definition, Glossary-8
- security
- overview in OracleAS, 1-1 to 1-18
- security architecture, 2-1 to 2-9
- J2EE applications, 4-9
- mod_plsql, 4-9
- OracleAS Discoverer, 4-12
- OracleAS Forms Services, 4-12
- OracleAS Reports Services, 4-12
- OracleAS Single Sign-On, 4-15
- OracleAS Web Cache, 4-16
- security requirements
- OracleAS Portal, 4-10
- OracleAS Wireless, 4-10
- security services
- basic, 1-5
- single key-pair wallet, Glossary-9
- single sign-on
- definition, Glossary-9
- SSH
- definition, Glossary-8
- SSL
- and AJP, 2-8
- SSL acceleration, 2-6
- SSL wallet location, A-10, A-18
- SSO wallets, A-19
- symmetric-key cryptography, Glossary-9
T
- topologies
- deployment, 4-1 to 4-16
- trusted certificates, A-25
- definition, Glossary-9
U
- user certificates
- managing, A-20
V
- virtual private network. See VPN
- VPNs
- security implications, 1-4
W
- wallet resource locator
- definition, Glossary-9
- wallets
- auto login, A-19
- changing a password, A-19
- closing, A-12
- considerations for Windows, A-10
- creating, A-9
- definition, Glossary-9
- deleting, A-18
- downloading from LDAP directory, A-16
- exporting, A-14
- exporting to tools that do not support PKCS#12, A-14
- importing, A-13
- managing, A-8
- managing certificates, A-20
- managing trusted certificates, A-25
- opening, A-12
- Oracle Applications wallet location, A-18
- password guidelines, A-9
- saving, A-17
- saving changes, A-17
- saving in system default, A-18
- saving to a new location, A-17
- single key-pair, Glossary-9
- SSL wallet location, A-10, A-18
- SSO wallets, A-19
- uploading to LDAP directory, A-15
X
- X.509
- definition, Glossary-9
- X.509 Version 3 certificates
- with Oracle HTTP Server, 1-9