Skip to main content

Database Authentication

Authentication is the process of verifying the identity of a user, device, or other entity in a computer system, often as a prerequisite to granting access to resources in a system.

Oracle provides several means for users to be authenticated before they are allowed to create a database session.

Database Authentication

Identified and authenticated by the database, which is called database authentication. If you choose database authentication for a user, then administration of the user account including authentication of that user is performed entirely by Oracle Database.

External Authentication

Authenticated by the operating system or network service, which is called external authentication.

When you choose external authentication for a user, the user account is maintained by Oracle Database, but password administration and user authentication is performed by an external service. This external service can be the operating system or a network service, such as Oracle Net.

Global Authentication & Authorization

Authenticated globally by Secure Sockets Layer (SSL), called global users, whose database access is through global roles, authorized by an enterprise directory.

Oracle Advanced Security enables you to centralize management of user-related information, including authorizations, in an LDAP-based directory service. Users can be identified in the database as global users, meaning that they are authenticated by SSL and that the management of these users is done outside of the database by the centralized directory service. Global roles are defined in a database and are known only to that database, but authorizations for such roles is done by the directory service.

Proxy Authentication & Authorization

Allowed to connect through a middle-tier server that authenticates the user, assumes that identity, and can enable specific roles for the user. This combination of actions and abilities is called proxy authentication and authorization.

It is possible to design a middle-tier server to proxy clients in a secure fashion.


Oracle provides three forms of proxy authentication:

The middle-tier server authenticates itself with the database server and a client, in this case an  application user or another application, authenticates itself with the middle-tier server. Client identities can be maintained all the way through to the database.

The client, in this case a database user, is not authenticated by the middle-tier server. The clients identity and database password are passed through the middle-tier server to the database server for authentication.

The client, in this case a global user, is authenticated by the middle-tier server, and passes one of the following through the middle tier for retrieving the client's user name.




Labels:

Comments

Post a Comment

Popular posts from this blog

What is Tensor Parallelism and relationship between Buffer and GPU

  Tensor Parallelism in GPU Tensor parallelism is a technique used to distribute the computation of large tensor operations across multiple GPUs or multiple cores within a GPU .   It is an essential method for improving the performance and scalability of deep learning models, particularly when dealing with very large models that cannot fit into the memory of a single GPU. Key Concepts Tensor Operations : Tensors are multidimensional arrays used extensively in deep learning. Common tensor operations include matrix multiplication, convolution, and element-wise operations. Parallelism : Parallelism involves dividing a task into smaller sub-tasks that can be executed simultaneously. This approach leverages the parallel processing capabilities of GPUs to speed up computations. How Tensor Parallelism Works Splitting Tensors : The core idea of tensor parallelism is to split large tensors into smaller chunks that can be processed in parallel. Each chunk is assigned to a different GP...
Post a Comment
Read more

Data Wrangling vs EDA

  Aspect Data Wrangling (Data Preprocessing) Exploratory Data Analysis (EDA) Objective Prepare raw data for modeling by cleaning, transforming, and formatting it appropriately. Explore and understand the data to gain insights, identify patterns, and make decisions on data handling and modeling. Order Typically performed as a preliminary step before EDA. Usually conducted after data wrangling to further investigate data characteristics. Data Handling Focuses on data cleaning, filling missing values, encoding categorical variables, and scaling features. Involves data visualization, statistical analysis, and summary statistics to uncover patterns, relationships, and anomalies. Techniques Techniques include imputation, outlier detection, feature scaling, and one-hot encoding. Techniques include histograms, scatter plots, box plots, correlation matrices, and descriptive statistics. Data Transformation Involves structural changes to the dataset, such as feature engineering, data normaliz...
Post a Comment
Read more

What's replicated, what's not?

Logged operations are replicated. These include, but are not limited to: DDL DML Create/alter table space Create/alter storage group Create/alter buffer pool XML data. Logged LOBs Not logged operations are not replicated. These include, but are not limited to: Database configuration parameters (this allows primary and standby databases to be configured differently). "Not logged initially" tables Not logged LOBs UDF (User Defined Function) libraries. UDF DDL is replicated. But the libraries used by UDF (such as C or Java libraries)  are not replicated, because they are not stored in the database. Users must manually copy the libraries to the standby. Note: You can use database configuration parameter  BLOCKNONLOGGED  to block not logged operations on the primary.
Post a Comment
Read more