Oracle Sec. Dev. Tools
Security tools are a critical component for today's application development projects. Commercial requirements and government regulations dictate that sensitive data be kept confidential and protected from tampering or alteration.
Oracle Security Developer Tools provide you with the cryptographic building blocks necessary for developing robust security applications, ranging from basic tasks like secure messaging to more complex projects such as securely implementing a service-oriented architecture. The tools build upon the core foundations of cryptography, public key infrastructure, web services security, and federated identity management.
This chapter takes a closer look at these underlying security technologies and introduces the components of the Oracle Security Developer Tools. It covers topics:
As data travels across untrusted communication channels, cryptography protects the transmitted messages from being intercepted (a passive attack) or modified (an active attack) by an intruder. To protect the message, an originator uses a cryptographic tool to convert plain, readable messages or plaintext into encrypted cipher text. While the original text is present, its appearance changes into a form that is unintelligible if intercepted. The message recipient likewise uses a cryptographic tool to decrypt the ciphertext into its original readable format.
Cryptography secures communications over a network such as the internet by providing:
• Authentication, which assures the receiver that the information is coming from a trusted source. Authentication is commonly achieved through the use of a Message Authentication Code.
• Confidentiality, which ensures that only the intended receiver can read a message. Confidentiality is commonly attained through encryption.
• Integrity, which ensures that the received message has not been altered from the original. Integrity is commonly ensured by using a cryptographic hash function.
• Non-repudiation, which is a way to prove that a given sender actually sent a particular message. Non-repudiation is typically achieved through the use of digital signatures.
Types of Cryptographic Algorithms
The mathematical operations used to map between plaintext and ciphertext are identified by a cryptographic algorithm (also known as a cipher). Cryptographic algorithms require the text to be mapped, and, at a minimum, require some value which controls the mapping process. This value is called a key.
Essentially, there are three types of cryptographic algorithms which can be categorized by the number of keys used for encryption and decryption, and by their application and usage. The basic types of cryptographic algorithms are:
• Symmetric Cryptographic Algorithms
• Asymmetric Cryptographic Algorithms
• Hash Functions
Each type is optimized for certain applications. Hash functions are suited for ensuring data integrity. Symmetric cryptography is ideally suited for encrypting messages. Asymmetric cryptography is used for the secure exchange of keys, authentication, and non-repudiation. Asymmetric cryptography could also be used to encrypt messages, although this is rarely done. Symmetric cryptography operates about 1000 times faster, and is better suited for encryption than asymmetric cryptography.
Services: - Oracle Sec. Dev. Tools Homework | Oracle Sec. Dev. Tools Homework Help | Oracle Sec. Dev. Tools Homework Help Services | Live Oracle Sec. Dev. Tools Homework Help | Oracle Sec. Dev. Tools Homework Tutors | Online Oracle Sec. Dev. Tools Homework Help | Oracle Sec. Dev. Tools Tutors | Online Oracle Sec. Dev. Tools Tutors | Oracle Sec. Dev. Tools Homework Services | Oracle Sec. Dev. Tools