Security Considerations
5-10
Oracle Application Server Adapter for IMS/TM User’s Guide
Security Considerations
Oracle Connect works within the confines of the platform security system. For
example, on an OS/390 computer with RACF installed, and with the workspace server
mode set to multi-tasking, a
RACROUTE VERIFY
is performed for each task in the
address space, according to the client connection.
In addition, Oracle Connect provides the following security:
■
A binary XML encryption mechanism, which is activated as follows:
1.
The client’s first message to the server includes a pre-defined shared key,
includeing the key name and value in the connection string. The server gets
the key value for the key name passed from the client from the native object
store (NOS).
2.
The server generates a random 128-bit RC4 session key which is returned
encrypted to the client, using the shared key. If no predefined shared key is
provided, then a predefined, hardcoded key is used (this key is hardcoded on
the client and on the server).
3.
Passwords are always encrypted when passed over the wire, using an RC4,
128-bit session key, regardless of whether the entire session is encrypted or
not.
4.
If a predefined shared key was provided, then the entire session is encrypted.
Otherwise, only the password exchange is encrypted (using the hardcoded
key).
■
Credentials: Passwords and usernames exchanged over the network are encrypted
using a pre-defined, hardcoded, 128-bit RC4 session key.
■
Design Time: Security within Oracle Studio to grant access to Oracle Studio itself
and to grant access to computers, user profiles and workspaces.
■
Run time: Security used to access IMS/TM, including controlling the daemon for
the access.
Setting Design Time Security
Setting design time security is described in the following sections:
■
Securing access to Oracle Studio is described in
■
Securing rights to configure a computer in Oracle Studio is described in
"Specifying Users with Administrative Rights"
■
Securing access to user profiles is accomplished by right-clicking the relevant user
profile in Oracle Studio and selecting Change Master Password. In the dialog box
that is displayed, specify a password that must be provided in the future to edit
the specific user profile.
■
Securing access to workspaces is accomplished by right-clicking the relevant
workspace in Oracle Studio and selecting Set Authorization. In the dialog box that
is displayed, specify a valid user and password that must be provided in the
future to edit the specific workspace.
Setting Run-time Security
During run time, security considerations are implemented as follows:
Summary of Contents for B31003-01
Page 6: ...vi ...
Page 32: ...Resolving Specific Errors 3 18 Oracle Application Server Adapter for IMS TM User s Guide ...
Page 48: ...Transaction Support 5 12 Oracle Application Server Adapter for IMS TM User s Guide ...
Page 76: ...Configuring Oracle Connect 6 28 Oracle Application Server Adapter for IMS TM User s Guide ...
Page 83: ......
Page 106: ......
Page 112: ...Index 4 ...