Data Integrity

Data integrity ensures that a data packet from one end of a connection reaches the other end unchanged. This prevents two additional types of malicious attacks: data tampering and replay. Data tampering occurs when part of a data packet’s contents is modified in transit. Replay is the process of transmitting a valid transaction multiple times.

Data integrity is ensured using MD5 cryptographic checksums.[2] When you use Oracle Advanced Security’s data integrity facilities, a cryptographically secure message digest is created for, and passed with, each data packet sent across the network. This message digest is a checksum value that changes if any of the data in a data packet changes.

Enabling Data Integrity on a Server

To enable data integrity on a server, you need to set the SQLNET.CRYPTO_CHECKSUM_SERVER and SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER parameters in your server’s sqlnet.ora file. The syntax for setting these parameters is:

SQLNET.CRYPTO_CHECKSUM_SERVER=[REJECTED | ACCEPTED | REQUESTED | REQUIRED]
SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER=(MD5)

which breaks down as:

SQLNET.CRYPTO_CHECKSUM_SERVER

Specifies the server’s preference for whether data integrity is used when new connections are made. The following are valid values:

REJECTED

The server does not support data integrity. Connections from clients requesting data integrity will be refused.

ACCEPTED

The server will accept a request from the client to support data integrity.

REQUESTED

The server will request data ...
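An added example, not from the book or from Oracle: a Python check of a server's sqlnet.ora text for the two parameters described above. The function names and sample files are constructed, and the REQUESTED and REQUIRED descriptions follow Oracle's negotiation semantics, which this excerpt does not spell out.

```python
import re

# What each SQLNET.CRYPTO_CHECKSUM_SERVER value means for enforcement.
# REQUESTED/REQUIRED wording is an assumption based on Oracle's negotiation rules.
LEVELS = {
    "REJECTED": "off: the server does not support data integrity",
    "ACCEPTED": "client-driven: used only if the client asks",
    "REQUESTED": "opportunistic: used unless the client rejects",
    "REQUIRED": "enforced: connection fails without integrity",
}

def parse_sqlnet(text):
    """Return {PARAM: value} for single-line NAME=value entries (names upper-cased)."""
    params = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # '#' starts a comment
        if "=" in line:
            name, value = line.split("=", 1)
            params[name.strip().upper()] = value.strip()
    return params

def audit_integrity(text):
    """Return findings; an empty list means integrity is required and a type is named."""
    p = parse_sqlnet(text)
    findings = []
    level = p.get("SQLNET.CRYPTO_CHECKSUM_SERVER", "").upper()
    if not level:
        findings.append("SQLNET.CRYPTO_CHECKSUM_SERVER not set explicitly")
    elif level not in LEVELS:
        findings.append(f"unknown value {level!r}")
    elif level != "REQUIRED":
        findings.append(f"{level} -> {LEVELS[level]}")
    types = re.findall(r"\w+", p.get("SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER", ""))
    if level and level != "REJECTED" and not types:
        findings.append("SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER does not name an algorithm")
    return findings

# Constructed sample files: a permissive server and a strict one.
WEAK = "# sample\nSQLNET.CRYPTO_CHECKSUM_SERVER = accepted\nSQLNET.CRYPTO_CHECKSUM_TYPES_SERVER = (MD5)\n"
STRICT = "sqlnet.crypto_checksum_server=REQUIRED\nSQLNET.CRYPTO_CHECKSUM_TYPES_SERVER=(MD5)\n"

if __name__ == "__main__":
    print("weak:  ", audit_integrity(WEAK))
    print("strict:", audit_integrity(STRICT))
```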
