Database Reference
In-Depth Information
must be designed to prevent this kind of leakage. It's our last resort, but function-
ality must be in place.
•
Full triple-A support
: Authentication, Authorization, and Accounting (triple-A
support) should be based on the WS-Security specifications, combining a dozen
WS-*
standards, including digital signature (
DSS
;
https://www.oasis-open.org/
committees/tc_home.php?wg_abbrev=dss
)
,
encryption
,
portable trust
,
secure
conversation
, and so on. In contrast to the XML engines are the security-related
libraries for signature and encryption practicing the policy that can be expressed
as the security algorithms being widely open with the key(s) strictly undisclosed
(of course, except the public key). This is one of the ways that we can ensure that
our security algorithms are secure enough.
All of these security requirements, and many more on top of that, are covered by the
Oracle API Gateway. This concludes the overview of Oracle's Reference Architecture (
ht-
r3-1-176715.pdf
)
layers and related tools. Now we will proceed with each tool individu-
ally, starting from the Fusion foundation.
Search WWH ::
Custom Search