Security is a big deal in Oracle, especially in 12c. That's why we have to distinguish between:

• Identification - Done by the client by claiming his/her identity
• Authentication - Done by the client and server by proving his claim, above. The authentication can happen in any of the following cases:
• * By something only the client knows (password) The most often and the most insecure
• * By something only the client posses (finger prints, retina scan) The most secure, but also prone to false positive
• * By something only the client can do (voice recognition).
• * By combination of any of the above
• Authorisation - Done by the server, by allowing actions based on rights and privileges which correspond with the PROVEN role.

1. User & Role Creation
2. User Management
3. OS Authentication
4. Kerberos Authentication