Oracle Network Products Getting Started for Windows Platforms | Library |
Product |
Contents |
Index |
Oracle Network Products
The table below lists each supported Oracle Network Product, its release number, and the Windows platform on which it can be installed. Each Oracle Network Product is described in detail later in this chapter.
Oracle Protocol Adapters
The table below lists the supported protocol adapter vendor that is compatible with each Oracle Protocol Adapter.
|
TCP/IP Protocol Adapter
The TCP/IP Protocol Adapter enables client/server conversation over a network using TCP/IP and SQL*Net. This combination of Oracle products enables an Oracle application on a client to communicate with remote Oracle databases through TCP/IP (if the Oracle database is running on a host system that supports network communication using TCP/IP).
|
SPX Protocol Adapter
The SPX Protocol Adapter enables client/server conversation over a network using SPX/IPX and SQL*Net. This combination of Oracle products enables an Oracle application on a client to communicate with remote Oracle databases through SPX/IPX (if the Oracle database is running on a host system that supports network communication using SPX/IPX).
|
DECnet Protocol Adapter
The DECnet Protocol Adapter enables client/server conversation over a network using DECnet and SQL*Net. DECnet is Digital Equipment Corporations' networking and proprietary communication protocol.
The Named Pipes Protocol Adapter is a high-level interface providing interprocess communications between clients and servers (distributed applications). One process (the server side of the application) creates the pipe, and the other process (the client side) opens it by name. What one side writes, the other can read, and vice versa. Named Pipes is specifically designed for PC LAN environments.
The Oracle NetBIOS Protocol Adapter for Windows lets an Oracle application on a Windows client machine communicate with remote Oracle7 databases using NetBIOS.
Communication is over an IBM LAN Support Program or Microsoft Network Basic Extended User Interface (NetBEUI).
NetBEUI is part of the transport layer protocol, not the NetBIOS programming interface. In the Windows NT implementation, the programming interface (NetBIOS) is separate from the transport protocol (NetBEUI) to increase flexibility in the layered architecture.
NetBEUI is fast, with a low overhead (number of extra bytes) per frame of data transmitted. The protocol, however, cannot be routed. Thus, NetBEUI is most appropriate in single subnet (continuous network) networks.
NetBEUI provides compatibility with existing LAN Manager, LAN Server, and MS-Net installations. NetBEUI is provided with Windows NT to maintain connectivity to existing LAN Manager and MS-Net based networks.
Program-to-program communication protocols provide services for programs on one computer to initiate processes on another computer, thus establishing a dialogue. Peer-to-peer communication is independent of the following:
An SNA network with the LU6.2 and Physical Unit Type 2.1 (PU2.1) protocols provides APPC. The LU6.2 protocol defines a conversation between two application programs; LU6.2 is a product-independent LU-type.
The LU6.2 Protocol Adapter lets an Oracle application on a PC communicate with an Oracle7 database. This communication is over an SNA network with the Oracle7 database on a host system that supports APPC.
In addition to these server platforms, LU6.2 is available on operating systems that are client-only platforms.
|
Client Status Monitor and SQLNET.ORA Editor
The Client Status Monitor provides client connection troubleshooting information about a client workstation and access to the SQLNET.ORA editor. The SQLNET.ORA editor is a tool that enables you to edit parameters in your client's SQLNET.ORA file, including trace parameters.
|
Oracle Names
Oracle Names is a transparent naming service product that spans across a heterogeneous network with different protocols to resolve names. It stores network names and addresses so that network components can contact one another easily without regard to their physical locations or specific configurations on the network. Access to the names and addresses is through Oracle Names Servers on the network. Oracle Names version 2.0 includes a Dynamic Discovery Option (DDO), which enables servers to register themselves with well-known Name Servers. When this option is used, minimal configuration files are required.
|
The Advanced Networking Option (ANO) is comprised of the following components:
|
The following concepts are explained in the following sections:
In symmetric-key encryption, the sender of a message uses a secret key to encrypt the message, and the receiver uses the same secret key to decrypt the message. If Alice and Bob want to communicate, they must each know what the secret key is (and the key must be exchanged in a way that the secrecy of the key is preserved). If Bob and Steve want to communicate, they must also have a separate key (so that, for example, Alice cannot read their messages).
The main drawback of symmetric-key encryption is that, in a system with many users wanting to communicate, the management and distribution of keys becomes overwhelming.
Public Key Cryptography Public key cryptography solves the key management problem of symmetric-key cryptography. In the public key scheme, each person receives a pair of keys:
For example, Alice sends a message to Bob so that only Bob can read it. She encrypts the message with Bob's public key, which is public knowledge. Bob decrypts the message with his private key to read it. Only Bob owns the private key that is able to decrypt the message, and only Bob can read the message.
Digital Signatures Public key cryptography can be used for authentication (digital signatures) as well as for privacy (encryption). A digital signature is a non-forgeable way of authenticating the sender of a message and supports non-repudiation of messages. Only the purported sender of a message could actually have sent the message. The sender cannot later claim that someone impersonated her or him.
For example, Alice orders equipment, and the purchasing department (where Bob works) requires a digital signature on the purchase order. To sign the purchase order, Alice performs a computation (hash) of the message, encrypts the hash with her private key, and attaches the encrypted hash (digital signature) to the order before sending it. To verify the signature, Bob decrypts the hash with Alice's public key, performs the same computation on the order, and compares the results with Alice's decrypted hash. If the results are the same, then only Alice could have sent the message.
Digital Certificates To establish confidence in the identity associated with a public key, public keys are incorporated into digital certificates. A digital certificate is a binding of a public key to a user by a trusted third party known as a Certificate Authority (CA). The public key and user identity, together with other information such as the certificate expiration date, are digitally signed by the CA. CAs serve as electronic notaries, attesting to the identity of users and the validity of their public keys.
Certificates may be issued in several ways. For instance, Alice may generate her own key pair and send the public key to an appropriate CA with some proof of her identification. The CA verifies the identification and takes other steps to ensure that Alice is really Alice. Next, the CA sends Alice a certificate attesting to the binding between Alice and her public key, along with a hierarchy of certificates verifying the CA's public key. Alice can present this certificate chain whenever necessary to demonstrate the legitimacy of her public key.
Alternatively, the key pair may be generated by an administrator in a way that the person generating the keys does not know Alice's private key. Alice's private key may be given to her on a diskette or embedded within a token. Alice's public key is bound to a certificate by the CA, a copy given to Alice and a copy stored in a public database for ready access.
Certificate Revocation Lists Public keys are sometimes revoked before their expiration date. Such instances include compromised keys or employment termination. A CRL lists such revoked public keys. CAs maintain CRLs and provide information about revoked keys originally certified by the CA. CRLs list only current keys, since expired keys are not valid. A revoked key past the expiration date is removed from the list. Although CRLs are maintained in a distributed manner, networked sites may provide a centralized location for the latest CRLs.
|
Supported Algorithms The following algorithms are supported for encryption and checksumming:
For this release of the following adapters are supported:
|
The NDS Native Naming Adapter uses the NDS naming environment to store service names and addresses of Oracle7 Server for NetWare databases. This environment allows users to connect to Oracle7 databases whose server name is defined as an NDS object name.
To use the NDS Naming Adapter, you must configure your Windows client machine to a Novell NetWare 4.x Workstation.
|
DCE Integration
Distributed Computing Environment (DCE) Integration enables users to transparently use Oracle tools and applications to access Oracle7 servers in a DCE environment. Oracle's DCE Integration product is comprised of two major components: the DCE Communications/Security Adapter and the DCE CDS (Cell Directory Service) Naming Adapter.
|
DCE Communication/Security Adapter
The DCE Communication/Security Adapter provides:
The DCE CDS Naming Adapter offers a distributed, replicated repository service for name, address, and attributes of objects across the network. Because servers register their name and address information in the DCE CDS Naming Adapter, Oracle clients can make location-independent connections to Oracle7 servers. Services can be relocated without any changes to the client configuration. An Oracle utility is provided to load the Oracle service names (with corresponding connect descriptors) into the DCE CDS Naming Adapter. After the names are loaded, Oracle connect descriptors can be viewed from a central location with standard DCE tools.
|
Windows NT Authentication Adapter
The Windows NT Authentication Adapter allows operating system authentication to be performed between a client and an Oracle7 Server on Windows NT.
|
Prev Next |
Copyright © 1996 Oracle Corporation. All Rights Reserved. |
Library |
Product |
Contents |
Index |