Security Services
In addition to providing secure authentication of users, SEAM provides two security services:
-
Integrity. Just as authentication ensures that clients on a network are who they claim to be, integrity ensures that the data they send is valid and has not been tampered with during transit. This is done through cryptographic checksumming of the data. Integrity also includes user authentication.
-
Privacy. Privacy takes security a step further. It not only includes verifying the integrity of transmitted data, but it encrypts the data before transmission, protecting it from eavesdroppers. It authenticates users, as well.
Note -Because of U.S. export restrictions, the privacy service might not be available to all SEAM users.
Currently, of the various Kerberized applications which are part of SEAM, only the ftp command allows users to change security service at runtime ("on the fly"). Developers can design their RPC-based applications to choose a security service by using the RPCSEC_GSS programming interface.
- © 2010, Oracle Corporation and/or its affiliates