So far, we have been discussing how to make connections to an Oracle database from applications, applets, servlets, and internal objects . All these connections have had something in common: they were all unsecured connections. With unsecured connections, someone intent on malicious activity can intercept the information being passed between your client and server and even modify it while in transit. Practically speaking, if you’re using your application on a corporate intranet, this should not be much of a concern. However, if you’re using JDBC to connect to a database over the Internet, the Oracle Advanced Security (ASO) option can protect your data’s privacy and integrity.

Oracle Advanced Security is a set of advanced security options, some of which are packaged with Oracle Enterprise Edition, and some of which are purchased from a third party. They allow you to create a secured connection to a database or use a more secure authentication scheme. Oracle Advanced Security provides five security enhancements to JDBC connections:

When using the OCI driver, all five of these enhancements are enabled by configuration settings in the Oracle Client software. However, with the Thin driver, none of the authentication ...