Pages

Subscribe:

Ads 468x60px

Showing posts with label data security. Show all posts
Showing posts with label data security. Show all posts

Wednesday, 8 February 2012

Oracle Advance Security - What is Kerberos Protocol

What is Kerberos?



Kerberos is named after the three-headed dob Cerberus, who guards the gates of the underworld in Greek mythology.

A network security system developed as part of project Athena at MIT. Kerberos is used to authenticate a user who is asking to use a particular network service.

Kerberos can be used to control the initial connection to a server or can be used to authenticate every single request and message passed between the client and the server. It grants tickets to a client to allow the use of a specific service and is secure even on a non-secure network.

Kerberos takes the following precautions:
  • Passwords are never sent unencrypted over the network. This means that network snoopers cannot easily capture passwords.
  • All Kerberos messages are timestamped so that they cannot be captured and replayed later; Kerberos does not accept old messages.
When you request access to a service-to access a file server, for example – Kerberos gives you a ticket, which is valid for access to the file server but not valid for any other service. When you try to connect to the database server, you send your ticket with the request. Once the database server knows who you are, the server decides whether to grant you access. Tickets also expire, and if your session lasts longer that the predefined time limit, you will have to re-authenticate yourself to Kerberos to get a new ticket.

The Kerberos method uses powerful cryptography so that a customer can confirm its identification to a hosting server (and vice versa) across an inferior system relationship. After a customer and hosting server has used Kerberos to confirm their identification, they can also secure all of their emails to guarantee comfort and information reliability as they go about their enterprise.

Kerberos is strong method of authentication for deploying high level of security of Oracle database. Of course, it is not sufficient to maintain single security on database server. Database DBA always recommends advance security of Oracle database server. Data security is major goal for every company and maintains high security of data is important security achievement for every Oracle specialist who is providing database support either remotely or onsite.