The Authentication tab allows you to prioritize authentication methods.
Kerberos:
Provides support for secure, single sign-on capabilities in a distributed environment with secret key cryptography. Passwords are stored in a central repository, making password theft from the network impossible. Kerberos also provides database link authentication and enhanced PC security.
RADIUS:
Supports any authentication method that complies with the RADIUS standard, including token cards and smartcards. A RADIUS server passes information between the Oracle server and the designated authentication server(s). From the user’s perspective, the entire authentication process takes place seamlessly and transparently.
CYBERSAFE:
A Kerberos-based authentication server that provides secure authentication based on key management and shared secrets. The Challenger has password checking and authentication with token security cards.
Identix:
Enrolls each user by scanning their fingerprints and storing them in a central Biometric Authentication Server. The stored print is compared to the print read by the Identix TouchNet fingerprint scanner at sign-on time. This technology eliminates password stealing or "borrowing”. Because biometric authentication is based on the user’s fingerprint, traditional problems of forgotten passwords and lost tokens are eliminated.
NTS:
Allows operating system authentication to be performed between a client and an Oracle server on Windows NT. The Windows NT Native authentication method enables database user authentication through Windows NT. This enables client machines to make secure connections to an Oracle8 database on a Windows NT server. A secure connection is when a Windows NT client user name is retrieved on a Windows NT server through the Windows NT Native authentication method. The Windows NT server then permits the user name to perform the database actions on the server.
See Also: Windows NT documentation.
SecurID
Requires two additional pieces of information besides the user name and password to access a database—a secret Personal Identification Number (PIN) and a unique, one-time number generated by an electronic token card issued to the user. Since a user must have the physical device in their possession while logging on, token authentication helps verify a user’s identity.
< button:
Click to move an authentication method from the Available Services list to the Selected Services list.
> button:
Click to move an authentication method from the Selected Methods to the Available Methods list.
Promote button:
Click to move an authentication method up in the Selected Methods list. Net8 tries to use the first method. If it cannot use the first method, it uses the second method, and so on.
Demote button:
Click to move an authentication method down in the Selected Methods list.
Note: If you have configured the TCP/IP with SSL protocol, the Secure Sockets Layer (SSL) will be configured by default. Any authentication method you choose in this tab will override authentication features of SSL. See the SSL tab to configure additional SSL options. If you are using the TCP/IP with SSL protocol, do not use any of the other authentication methods.
See Also: Oracle Advanced Security Administrator’s Guide