Data Integrity in Network Security of Oracle

Data Integrity in Network Security of Oracle

When large piece of data is sent over a network broken into small pieces.
Integrity play role to verifies that all the packets which are transmitted from source to target is reached in same sequence and are not altered in between.
This is done with checkum that is send along packets.

Configure with SQLNET File

sqlnet.ora file has following entries:

--On the server:
SQLNET.CRYPTO_CHECKSUM_SERVER = [accepted | rejected | requested | required]
SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER = (valid_crypto_checksum_algorithm [,valid_crypto_checksum_algorithm])

--On the client:
SQLNET.CRYPTO_CHECKSUM_CLIENT = [accepted | rejected | requested | required]
SQLNET.CRYPTO_CHECKSUM_TYPES_CLIENT = (valid_crypto_checksum_algorithm [,valid_crypto_checksum_algorithm])

Parameters:
ACCEPTED : Both allow integration or non-integration data.(Default)
REJECTED : Both allow non-integration data only.
REQUESTED : Both accepted integration but if not possible then also accept non-integration also.
REQUIRED : Both accepted integration data only.

Example of Configure

-- On the Server
SQLNET.CRYPTO_CHECKSUM_SERVER = REQUIRED
SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER= (SHA256, SHA384, SHA512, SHA1, MD5)

-- On the Client
SQLNET.CRYPTO_CHECKSUM_SERVER = REQUIRED
SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER= (SHA256, SHA384, SHA512, SHA1, MD5)

Configure with NET MANAGER
At Server:
1. Open the NETMGR —> Expand the “Local” buttons and Select “PROFILE” –> At Right Side Window, Select “Network Security” from drop down box
2. Go to “Integrity” Tab –> Select “SERVER” –> Choose option as REQUIRED –> Choose the Available method type MD5

Integrity

At Client:
1. Open the NETMGR —> Expand the “Local” buttons and Select “PROFILE” –> At Right Side Window, Select “Network Security” from drop down box
2. Go to “Integrity” Tab –> Select “CLIENT” –> Choose option as REQUIRED –> Choose the Available method type MD5

Integrity Client