| Skip Navigation Links | |
| Exit Print View | |
|
Oracle Solaris 11.1 Administration: Security Services Oracle Solaris 11.1 Information Library |
| Skip Navigation Links | |
| Exit Print View | |
|
|
Oracle Solaris 11.1 Administration: Security Services Oracle Solaris 11.1 Information Library |
1. Security Services (Overview)
Authentication With Encryption
Part II System, File, and Device Security
2. Managing Machine Security (Overview)
3. Controlling Access to Systems (Tasks)
4. Virus Scanning Service (Tasks)
5. Controlling Access to Devices (Tasks)
6. Verifying File Integrity by Using BART (Tasks)
7. Controlling Access to Files (Tasks)
Part III Roles, Rights Profiles, and Privileges
8. Using Roles and Privileges (Overview)
9. Using Role-Based Access Control (Tasks)
10. Security Attributes in Oracle Solaris (Reference)
Part IV Cryptographic Services
11. Cryptographic Framework (Overview)
12. Cryptographic Framework (Tasks)
Part V Authentication Services and Secure Communication
14. Using Pluggable Authentication Modules
17. Using Simple Authentication and Security Layer
18. Network Services Authentication (Tasks)
19. Introduction to the Kerberos Service
20. Planning for the Kerberos Service
21. Configuring the Kerberos Service (Tasks)
22. Kerberos Error Messages and Troubleshooting
23. Administering Kerberos Principals and Policies (Tasks)
24. Using Kerberos Applications (Tasks)
25. The Kerberos Service (Reference)
Authentication is a mechanism that identifies a user or service based on predefined criteria. Authentication services range from simple name-password pairs to more elaborate challenge-response systems, such as token cards and biometrics. Strong authentication mechanisms rely on a user supplying information that only that person knows, and a personal item that can be verified. A user name is an example of information that the person knows. A smart card or a fingerprint, for example, can be verified. The Oracle Solaris features for authentication include the following:
Secure RPC – An authentication mechanism that uses the Diffie-Hellman protocol to protect NFS mounts and a naming service, such as NIS. See Overview of Secure RPC.
Pluggable Authentication Module (PAM) – A framework that enables various authentication technologies to be plugged into a system entry service without recompiling the service. Some of the system entry services include login and ftp. See Chapter 14, Using Pluggable Authentication Modules.
Simple Authentication and Security Layer (SASL) – A framework that provides authentication and security services to network protocols. See Chapter 17, Using Simple Authentication and Security Layer.
Secure Shell – A secure remote login and transfer protocol that encrypts communications over an insecure network. See Chapter 15, Using Secure Shell.
Kerberos service – A client-server architecture that provides encryption with authentication over a secured network. See Part VI, Kerberos Service.
|