User's Manual
How To Configure Data Encryption and Integrity
3-8 Oracle Database Advanced Security Administrator's Guide
In this scenario, this side of the connection specifies that the security service must be
enabled. The connection fails if the other side specifies REJECTED or if there is no
compatible algorithm on the other side.
Table 3–1 shows whether the security service is enabled, based on a combination of
client and server configuration parameters.If either theserver or client hasspecified
REQUIRED, the lack of a common algorithm causes the connection to fail. Otherwise,
if the service is enabled, lack of a common service algorithm results in the service
being disabled.
Setting the Encryption Seed (Optional)
Several seeds are used to generate a random number on the client and on the server.
One of the seeds that can be used is a user-defined encryption seed. This is set with
Table 3–1 Encryption and Data Integrity Negotiations
Client Setting Server Setting Encryption and Data Negotiation
REJECTED REJECTED OFF
ACCEPTED REJECTED OFF
REQUESTED REJECTED OFF
REQUIRED REJECTED Connection fails
REJECTED ACCEPTED OFF
ACCEPTED ACCEPTED
OFF
1
1
This value defaults to OFF. Cryptography and data integrity are not enabled until the user changes this parameter by using
Oracle Net Manager or by modifying the sqlnet.ora file.
REQUESTED ACCEPTED ON
REQUIRED ACCEPTED ON
REJECTED REQUESTED OFF
ACCEPTED REQUESTED ON
REQUESTED REQUESTED ON
REQUIRED REQUESTED ON
REJECTED REQUIRED Connection fails
ACCEPTED REQUIRED ON
REQUESTED REQUIRED ON
REQUIRED REQUIRED ON