SSL and TLS in an Oracle Environment
Oracle Database Advanced Security Administrator's Guide
How SSL Works in an Oracle Environment: The SSL Handshake
When a network connection over SSL is initiated, the client and server perform an
SSL handshake that includes the following steps:
■ The client and server establish which cipher suites to use. This includes which
  encryption algorithms are used for data transfers.
■ The server sends its certificate to the client, and the client verifies that the
  server's certificate was signed by a trusted CA. This step verifies the identity of
  the server.
■ Similarly, if client authentication is required, the client sends its own certificate
  to the server, and the server verifies that the client's certificate was signed by a
  trusted CA.
■ The client and server exchange key information using public key cryptography.
  Based on this information, each generates a session key. All subsequent
  communications between the client and the server are encrypted and decrypted
  by using this set of session keys and the negotiated cipher suite.
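The handshake steps above, run end to end as an added example (not code from the Oracle guide): a Ruby script performs a real handshake twice, once with a client that trusts the CA that signed the server certificate and once with a client that trusts only an unrelated CA. Assumptions: the CAs and the host name `db.example.test` are constructed test data, a local socket pair stands in for the Oracle Net connection, and the optional client-authentication step is left out.

```ruby
require "openssl"
require "socket"

# Issue a constructed test certificate; with no CA given it is a self-signed CA.
def issue(common_name, ca = nil)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = rand(1..2**62)
  cert.subject = OpenSSL::X509::Name.new([["CN", common_name]])
  cert.issuer = ca ? ca[:cert].subject : cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 3600
  cert.not_after = Time.now + 3600
  ef = OpenSSL::X509::ExtensionFactory.new(ca ? ca[:cert] : cert, cert)
  cert.add_extension(ef.create_extension("basicConstraints", ca ? "CA:FALSE" : "CA:TRUE", true))
  cert.sign(ca ? ca[:key] : key, OpenSSL::Digest.new("SHA256"))
  { cert: cert, key: key }
end

# Run a real handshake over a local socket pair. The client trusts only trusted_ca.
def handshake(server, trusted_ca)
  server_io, client_io = UNIXSocket.pair
  sctx = OpenSSL::SSL::SSLContext.new
  sctx.add_certificate(server[:cert], server[:key])
  # Server side: present the certificate and complete (or abort) the handshake.
  acceptor = Thread.new { OpenSSL::SSL::SSLSocket.new(server_io, sctx).accept rescue nil }
  cctx = OpenSSL::SSL::SSLContext.new
  cctx.verify_mode = OpenSSL::SSL::VERIFY_PEER # fail unless the chain ends at a trusted CA
  cctx.cert_store = OpenSSL::X509::Store.new
  cctx.cert_store.add_cert(trusted_ca[:cert])
  client = OpenSSL::SSL::SSLSocket.new(client_io, cctx)
  client.connect
  { verified: true, cipher: client.cipher[0] } # name of the negotiated cipher suite
rescue OpenSSL::SSL::SSLError => e
  { verified: false, error: e.message }
ensure
  client_io&.close
  acceptor&.join
  server_io&.close
end

ca = issue("Constructed Issuing CA")
server = issue("db.example.test", ca) # hypothetical database host
puts handshake(server, ca)                    # succeeds and reports the cipher suite
puts handshake(server, issue("Unrelated CA")) # fails certificate verification
```

In the second run the client aborts before any session key is derived, so no application data is ever sent to a server it could not authenticate.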
The authentication process consists of the following steps:
1. On a client, the user initiates an Oracle Net connection to the server by using
   SSL.
2. SSL performs the handshake between the client and the server.
3. If the handshake is successful, the server verifies that the user has the
   appropriate authorization to access the database.