View
1.492
Download
0
Category
Preview:
DESCRIPTION
Christian Patrascu
Citation preview
<Insert Picture Here>
Identity Management – 11g Review and Future Directions
Christian Patrascu, Principal Product Manager
Oracle Fusion Middleware
<Insert Picture Here>
Agenda
• Identity and Access Management with Oracle 11G
• Future Directions
<Insert Picture Here>
Agenda
• Identity and Access Management with Oracle 11G
• Future Directions
20102005
Oracle’s IdM Business Momentum
• License Revenue
• No. of Products
• No. of Customers
• Developers & PM
• SI Partners
• Analyst Evaluation
3
< 250
< 60
< 5
Niche Player
> 1,300% growth
18
> 6,000
> 500
> 100
Suite Leader
5
Key 11g Design Themes
Hot Pluggable
Suite Wide
Integration &
Standardization
Service-Oriented Security
Partners / Suppliers orlocal authorities
Web Service Security
Directory Service
External Users(Economy, Citizens)
Internal Users
Access Control
Id. Synchronization
Data
Oracle End to End Security with 11G
Fraud D. & Strong Auth.
Provisioning & Role Mgt.
Entitlement Management
Partners / Suppliers orlocal authorities
FederationAudit, Compliance & SOD
Information Rights Management
Information Rights Management
Partners / Suppliers orlocal authorities
Partners / Suppliers orlocal authorities
Web Service Security
Directory Service
External Users(Economy, Citizens)
Internal Users
Access Control
Data
……
Oracle End to End Security with 11G
Fraud D. & Strong Auth.
Provisioning & Role Mgt.
Oracle Web Service Manager
Oracle Access Manager
Oracle DB Vault & Audit
Oracle Adv. Security
Enterprise User Security
Oracle DB Firewall
Oracle Enterprise Single Sign On
Oracle Identity Analytics
Oracle AdaptiveAccess Manager
Oracle Identity Manager
Oracle DirectoryServer EE
Oracle Internet Directory
Oracle VirtualDirectory
Information RightsManager
Audit, Compliance & SOD
Id. Synchronization
Federation
Entitlement ManagementOracle
Enitlements Server
Oracle Identity Federation
Oracle Identity Management 11GComprehensive and Best-of-Breed
Oracle Platform Security Services
Access Management *Identity Administration Directory Services
Access Manager
Adaptive Access Manager
Enterprise Single Sign-On
Entitlements Server
Identity Federation
Information Rights Management
Web Services Manager
Identity Manager Directory Server EE
Internet Directory
Virtual Directory
Identity Analytics
Management Pack For Identity Management
Operational Manageability
Identity & Access Governance
*Access Management includes Oracle OpenSSO STS and Oracle OpenSSO Fedlet
Security Governor
Oracle Identity Management 11GComprehensive and Best-of-Breed
Oracle Platform Security Services
Access Management *Identity Administration Directory Services
Access Manager
Adaptive Access Manager
Enterprise Single Sign-On
Entitlements Server
Identity Federation
Information Rights Management
Web Services Manager
Identity Manager Directory Server EE
Internet Directory
Virtual Directory
Identity Analytics
Management Pack For Identity Management
Operational Manageability
Identity & Access Governance
*Access Management includes Oracle OpenSSO STS and Oracle OpenSSO Fedlet
Security Governor
Oracle Identity Analytics Compliance and Identity Governance
• Rich Identity Warehouse
– Optimized for Analysis &
Reporting
• Advanced Role Mining
and Engineering
• Attestation using Cert360
– Offers complete view of
users, roles and
entitlements
• Extensive Set of
Actionable Dashboards &
Risk Analytics
Ide
nti
tyW
are
ho
us
e
Dashboard & Reports
Enterprise Applications
Identity Manager
Risk Analytics
IT Audit Policy
Access Certification
Identity Data Sources
Access Manager
Oracle Identity Analytics
Identity Warehouse
OIA 11G – Attestation Demo
Attestation1. Login to OIA 11G
2. View the Compliance Console
3. Go to Attestation Page
4. Set the context for what to review
5. Certify the users Roles & Entitlements
6. Revoke one Entitlement
0:15
OIA 11G – SOD Demo
1. Login to OIA 11G
2. Create a new Rule (Employee Type =
Contractor and Role Name = Supplier Role)
3. Add Rule to a Policy
4. Run the Policy manually with All Users
5. Results: One violation Detected
6. Login as Compliance Officer
7. Looking at Open Violations from his Dashboard
8. We “accept the risk” and set an expiration date
Segregation
2:35
<Insert Picture Here>
Agenda
• Identity and Access Management with Oracle 11G
• Future Directions
14
This document is for informational purposes. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described in this document remains at the sole discretion of Oracle. This document in any form, software or printed matter, contains proprietary information that is the exclusive property of Oracle. This document and information contained herein may not be disclosed, copied, reproduced or distributed to anyone outside Oracle without prior written consent of Oracle. This document is not part of your license agreement nor can it be incorporated into any contractual agreement with Oracle or its subsidiaries or affiliates.
Oracle IdM Suite 11G R2Key Themes & Directions
Strategic Focus areas:
Enterprise-class multi-tenancy architecture, to support Cloud
Realize the vision of the Identity Services Framework
Shared identity context across distributed system layers
Tactical Focus areas:
Common Identity Connector Framework (PS1)
Coexistence Scenarios for AM & IdAdmin (PS2)
Cloud – Part 1 (Provlets) (PS2)
OW / SIM / openSSO Feature Parity & Migrations
Complete functional & architectural integration of enhanced
identity stack
Service Oriented SecurityBuilding Applications
Design
Development
Packaging
Deployment
Runtime Integration
Management &
Administration
Oracle eBus
Suite
Business
FunctionsBusiness
FunctionsBusiness
Functions
Oracle JDE
Business
FunctionsBusiness
FunctionsBusiness
Functions
Siebel /Peoplesoft
Business
FunctionsBusiness
FunctionsBusiness
Functions
3rd Party Dev.
Application
Business
FunctionsBusiness
FunctionsBusiness
Functions
SAP
Application
Business
FunctionsBusiness
FunctionsBusiness
Functions
Authentication
Authorization
Legend:
…….
Service Oriented SecurityBuilding Applications
Oracle eBus
Suite
Business
FunctionsBusiness
FunctionsBusiness
Functions
Oracle JDE
Business
FunctionsBusiness
FunctionsBusiness
Functions
Siebel /Peoplesoft
Business
FunctionsBusiness
FunctionsBusiness
Functions
3rd Party Dev.
Application
Business
FunctionsBusiness
FunctionsBusiness
Functions
SAP
Application
Business
FunctionsBusiness
FunctionsBusiness
Functions
Authentication
Authorization
Legend:
Identity Services Framework
…….
…….
Oracle IAM Suite with Identity Services Framework
Identity ProviderProvisioningAuthentication
Virtualization & User Store
WS-*, SPML, SAML, XACML, CARML
Audit
Legacy Integration InterfaceConnectors, Agents
Federation & Trust
Policy & Orchestration
OracleFusion
Applications& Middleware
3rd PartyApplications
Legacy Applications
UserManagement
AuthenticationAuthorization
Federation
Business Functions
Business
Functions
Business
Functions
Cloud ServiceProviders
Business
Functions
Service Oriented Security
AdministrationAuthorization Role Provider
Identity Services
Enterprise Identity Management Infrastructure
Service Interfaces
A Leader in Gartner Magic Quadrants
2009 Magic Quadrant for
Web Access Management
2010 Magic Quadrant for
User Provisioning
As of Sept. 30th 2010 As of Nov. 12th 2009
Summary
20
• Oracle Identity Management 11g
• Delivers a best-of-breed set of products that cater to rapidly
evolving enterprise security and risk requirements
• Offers a complete, open and integrated set of components,
engineered together delivering unparalleled integration and
innovation
• Pioneers an analytical approach to accelerating compliance
and governance , while proactively mitigating risk
For More Information
21
oracle.com/identity
search.oracle.com
or
Identity management
Some of our local implementations -
Romania
22
23
Christian Patrascuchristian.patrascu@oracle.com
Thank You !
Recommended