1 / 24

David Saslav Principal Product Manager Database and Application Server Technologies

David Saslav Principal Product Manager Database and Application Server Technologies Oracle Corporation. Oracle and Thor: Identity Management in the Heterogeneous Enterprise. The Business Problem. Managing users is complex Users need to be provisioned for numerous applications

roscoe
Download Presentation

David Saslav Principal Product Manager Database and Application Server Technologies

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. David SaslavPrincipal Product Manager Database and Application Server Technologies Oracle Corporation

  2. Oracle and Thor: Identity Management in the Heterogeneous Enterprise

  3. The Business Problem • Managing users is complex • Users need to be provisioned for numerous applications • Many types of users: employees, customers, partners, suppliers… • … and hackers • Weak security due to proliferation of accounts, passwords and privileges • Risks from critical business applications and data being online • Legal mandates on protection of sensitive data

  4. IT Challenges • Administrative challenges • Expensive and complex • Usability Problems • For both users and administrators • Security vulnerabilities • Fragmented security • Limited oversight

  5. Identity Management Benefits • Simplifies Administration and Saves Money • Centralized user management is faster, easier to automate and less error-prone • Improves Security • Better security by preventing fragmented security administration • Enhances End User Experience • Single password and Single Sign-on eliminate wasted time by users • Personalizable end user experience

  6. Users Users Security Reference Architecture For Distributed Systems Application Audit Protected Resources Authorization Authentication Privacy Application Security Services Identity & Policy Store Policy Decision Services Identity / Policy Assertion Services Identity Management Infrastructure Administration & Provisioning Administration & Provisioning

  7. Oracle 10g Security Solution • Oracle Identity Management (OIM) Infrastructure for the enterprise • Overall Platform Security enabled by OIM • Individual Platform Components Have High Security Assurance

  8. Oracle E-Business Suite Oracle Collaboration Suite OracleAS Portal & Wireless Application Component Security Responsibilities Roles …. Secure Mail Interpersonal Rights … Roles Privilege Groups … Oracle 10g Platform Security Bindings OracleAS 10g OracleAS 10g OracleAS 10g Oracle DB 10g Oracle 10g Oracle 10g JAAS, WS Security Java2 Permissions, ... JAAS, WS Security Java2 Permissions.. JAAS, WS Security Java2 Permissions.. Enterprise users, VPD, Encryption Label Security Enterprise users VPD, Encryption Label Security, … Enterprise users, VPD, Encryption Label Security External Security Services Access Management Directory Integration & Provisioning OracleAS Single Sign-on OracleAS Certificate Authority Delegated Administration Services Enterprise Security Infrastructure Oracle Internet Directory Oracle Identity Management Oracle Security Architecture Directory Services Provisioning Systems

  9. Xellerate Enterprise Provisioning: Connecting Oracle to the Heterogeneous Enterprise

  10. IdentityManagement Access Rights Provisioning Operational Efficiency Enhanced Security Business Processes Importance of User Access Provisioning Pivotal technology for the enterprise • Focus on the CIO Agenda immediate, quantifiable ROI • Rationalize infrastructure • Streamline operations • Reduce administrative costs • Strengthen security • Enhance user experience • Enables implementation of strategic & tactical initiatives • Enabler of the extended enterprise

  11. I I B B M M I B M Users IT Resources Enterprise Systems Mainframe Client/Server Web The Provisioning Challenge

  12. Day One 35% 65% Day Two (Deep Provisioning) Effort spent within each Lifecycle stage Stages of Provisioning Lifecycle Business function performed within each stage Day One: Grant and revoke access to small set of commonly used applications Day Two: Expand to support evolving business needs and user provisioning requirements -Transactional integrity -High availability -Wide geographic support

  13. Xellerate Features Focus on the requirements of the dynamic enterprise • Ease of Use • Initial installation and configuration • Feature rich JAVA environment definition console • Straightforward Integration with target systems • No coding required • Self documenting • Customer selects agent location - remote or local • Deep Provisioning • Enterprise-class Architecture • Transactional integrity • Delegated Administration • User self-service and delegated IT • Administrative task queues • Adaptable Architecture • Lowest Overall TCO

  14. Day 2 Provisioning Features • Adaptable Architecture • Separates what is done from how it is done • Evolves with business needs • Provisioning task scheduler • Business Process Management (BPM) support • Utilization of existing business rules • Creation of new provisioning specific business rules • Remote or in place rule execution • Business Process modeling

  15. Day 2 Provisioning Features, cont’d. • Extensive Exception Management Capabilities • Customizable messages (error and provision process) • Intelligent error handling • Deep Provisioning • Mission Critical Capabilities • Provisioning Transaction Support • Rollback recovery • Logging • Full reporting and auditing

  16. Xellerate Architecture

  17. Connecting Oracle to the Heterogeneous Enterprise

  18. Oracle Identity Management Benefits • Enables deployment of all Oracle products out of the box • Application Server, Database, Collaboration Suite, E-Business Suite • An enterprise infrastructure that leverages Oracle’s “unbreakable” technology • Reliability, scalability, security, performance • A single point of integration for customer’s existing identity management solutions • Transparent 3rd party integration for OIM-enabled products • Accommodates a wide variety of partner solutions and customer deployments • Open, standards-based infrastructure enables integration with third-party solutions such as Xellerate from Thor Technologies

  19. “The new Xellerate integration will enable our joint customers to provision the entire enterprise from the Oracle10g platform.” - Bill Maimone, Vice President, Oracle Server Technologies

  20. Q & Q U E S T I O N S A N S W E R S A

  21. Next Steps…. • Recommended sessions • NEXT! 3:15 PM, Moscone Room 123 Implementing Identity Management at Lawrence Livermore National Labs • Recommended demos and/or hands-on labs • Thor Xellerate in Security Pod (Exhibition Hall) • Oracle Identity Management in Oracle Campground • See Your Business in Our Software • Visit the DEMOgrounds for a customized architectural review, see a customized demo with Solutions Factory, or receive a personalized proposal. Visit the DEMOgrounds for more information. • Relevant web sites to visit for more information • http://www.thortech.com/

  22. Reminder: Please complete the OracleWorld online session survey at any messaging kiosk. Thank you.

More Related