1 / 25

Oracle Identity and Access Management Suite

Oracle Identity and Access Management Suite. Rafael Torres Sr. Solutions Architect rafael.torres@oracle.com. Identity Management Business Value.

Audrey
Télécharger la présentation

Oracle Identity and Access Management Suite

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Oracle Identity and Access Management Suite Rafael Torres Sr. Solutions Architect rafael.torres@oracle.com

  2. Identity ManagementBusiness Value “Identity management projects are much more than technology implementations — they drive real business value by reducing direct costs, improving operational efficiency and enabling regulatory compliance.”

  3. Business Challenges • Trusted and Reliable Security • Efficient Adherence to Compliance • Lower Administrative and Development Costs • Enable Online Business Networks • Better End-User Experience

  4. Regulatory Compliance • Privacy & Security Regulations • Safe Harbor laws (EU & others) • Gramm Leach Bliley Act (GLB-Act) • US Patriot Act • HIPAA • US Homeland Security Policy Directive (HSPD-12) • Financial & Market Regulations • SOX (Sarbanes-Oxley or SarbOx) • Japanese SOX (expected in 2008) • Basel II • UK Companies Act

  5. Oracle Differentiators • Most Comprehensive, Best-In-Class Suite • Hot-pluggable and Open • Application Centric Identity Management

  6. Oracle Identity ManagementBest-of-breed, Complete & Differentiated Portfolio • P = Partnership Faster ROI  Higher Quality  Lower Risk

  7. Hot-pluggable, Heterogeneous Support Portals Application/Web Servers Groupware Applications Directories Operating Systems ACF-2 & TSS RACF

  8. Application-Centric Identity Management • Comprehensive, loosely coupled, out-of-the-box integrations with business applications • An integral component of a wider application development and deployment framework • Architected for future SOA application environment • Identity management as a re-usable service for all applications

  9. Oracle Identity and Access Management Suite Overview

  10. Key Areas of Identity Management • Access Control • Single Sign-On • Identity Federation • Web Access Control • Web Services Security* • Identity Administration • User, Role Management • User Provisioning • Identity Infrastructure • Virtual Directory • Directory *Oracle Web Services Manager licensed separately from the Identity and Access Management Suite

  11. Enterprise Identity Management External Internal SOA Applications Delegated Admin Customers Partners IT Staff Employees SOA Applications Identity Management Service Access Management • Authentication & SSO • Authorization & RBAC • Identity Federation • Identity Administration • Delegated Administration • Self-Registration & Self-Service • User & Group Management Auditing and Reporting Monitoring and Management Policy and Workflow • Directory Services • LDAP Directory • Meta-Directory • Virtual Directory Identity Provisioning • Agent-based • Agentless • Password Synchronization Applications Systems & Repositories ERP CRM OS (Unix) HR Mainframe NOS/Directories

  12. HRMS User created or removed in HR system Workflow;Assign or revoke roles, privileges Application Driven Identity SystemProvision accounts and access rights Business Applications Oracle Identity Manager • Features • Automated user provisioning and de-provisioning • Rich, flexible connector framework • User-friendly request & policy wizards • Sophisticated workflow & reconciliation engines • Unique compliance automation & reporting • Benefits • Reduced administration cost • Improved end user experience • Critical for regulatory compliance • Improved security • Differentiators • Enables compliance via comprehensive audit history and periodic attestation framework • Powers largest global provisioning implementation by number of targets • Adapter Factory significantly lowers the TCO of customers’ solutions over time

  13. Oracle Identity Federation • Features • Identity and trust sharing across business partners, both as Service Provider (Hub) or Identity Provider (Spoke) • Lightweight, multi-protocol gateway – SAML, Liberty, WS-Federation • Integrates with leading Identity Management platforms • Benefits • Reduced cost of interaction between business partners • Reduce administration cost • Deliver improved end user experience • Differentiators • Self-contained, easy to deploy solution • Flexible deployment configurations • Rich, 100% web-based configuration interfaces for improved administrator and end user experience • Proven scalability - large production deployments

  14. Oracle Internet Directory • Features • Full feature LDAP server with a RDBMS data-store • Industry leading scalability and HA capabilities • Strong Oracle Platform integration • VSLDAP certified and EAL4 compliant • Benefits • Reduced operational cost with Oracle Grid support • Seamless integration with Oracle Applications and Products • Differentiators • RDBMS backend provides proven scalability & performance • Rich, built in auditing of all events and operations • Flexible data replication and redundancy features • Ships with built-in directory integration functionality

  15. WEB GATEWAY WEB SERVICES WEB GATEWAY LDAP VDE DIRECTORY ENGINE JOIN VIEW Custom Local Store NT DB LDAP Oracle Virtual Directory • Features • Virtualization, Proxy, Join & Routing capabilities • Modern Java & Web Services technology • Superior extensibility • Scalable multi-site administration • Direct data access • Benefits • Perform Real-time directory integration • Accelerate application deployment • Lower development costs • Differentiators • Lightweight & flexible architecture • Supports true virtualization without local cache, enabling stringent policy or privacy requirements • Modular architecture supports the addition of connectors to a wide array of identity stores

  16. Authentication Authorization Identity Admin Oracle Access Manager • Features • Multi-level, multi-factor authentication • Web and App server level authorization • Workflow driven Self-service & Delegated administration • Services-based architecture eases integration with existing IT infrastructure • Benefits • Policy-based access management • Centralized and consistent security across heterogeneous environments • Reduced administration cost • Increased IT governance and compliance readiness • Differentiators • Administrative scalability via workflow and delegation • Access control leverages up to date identity information • Comprehensive auditing to a common database

  17. Oracle Enterprise Single Sign-on (ESSO) Suite • Oracle ESSO Logon Manager is an event-driven single sign-on solution that eliminates the need for end users to remember and manage their sign-on credentials • Oracle ESSO Password Reset enables end users to reset their Windows password from a locked workstation (note: also available stand-alone) • Oracle ESSO Authentication Manager enables end users to authenticate with forms of strong authentication and grant specific levels of access based on the form of authentication • Oracle ESSO Provisioning Gateway enables OIM to add, edit and delete credentials within an end user’s Oracle ESSO credential store • Oracle ESSO Kiosk Manager provides fast user switching and sign-on/sign-off support for kiosk users

  18. Oracle Identity and Access Management Suite Case Studies

  19. Case Study – Manitoba Telecom Services BUSINESS CHALLENGE ORACLE SOLUTION • Needed to integrate and rapidly deploy new and old services (Internet, mobile, TV, content, local phone, and long distance phone) • Needed to provide head of household ability to manage accounts and privileges for self and other members of household • Wanted to base new services on telecommunication standards-based framework: IP Multi-media Subsystem (IMS) • Wanted comprehensive technology to address in internal users, external households, and both providers and consumers of MTS services • Oracle Identity and Access Management Suite • Oracle Access Manager for Single Sign-On and Delegated Administration to head of household • Oracle Identity Federation for providing system access to providers and consumers of MTS services • Oracle Internet Directory to provide robust directory solution built on top of Oracle database • Oracle Identity Manager (with 11 connectors) to provision employees to internal systems RESULTS • Initial deployment for Internet, TV, and Mobile customers • Planned to include VOIP Users and MTS supported ISP subscribers • Enables MTS to be competitive in a very competitive marketplace for telecom and multi-media content services

  20. Case Study – Scottish Government BUSINESS CHALLENGE ORACLE SOLUTION • Fragmented customer records and no single source of Citizen info across Scottish Govt. • Need to integrate to the UK Government Gateway so that users can access the Citizen Account (single, electronic customer record) • The Scottish Govt., National Infrastructure Project selected Oracle Identity and Access Management Suite beating out Software AG • Suite will integrate UK Govt. Gateway • Working with Sopra, Newell and Budge as the prime contract provider RESULTS • IAM will authenticate Citizens and Govt. employees when they access the system either via the Council Website where they live (one of the 32 Local Authorities), the UK Government Gateway or the Central Portal site where the Citizen Account will be running • Plan to provide a source of truth that will potentially update Govt. records and provide a better service to the 5M Citizens of Scotland where they can change personal details only once across multiple agencies as well as enroll for entitlements

  21. “Passlogix was instrumental in helping the USPS solve its most criticalend user problem – forgotten passwords – and solve it quickly.” Bob Otto CTO Problem: • Number one identified problem by USPS employees: too many passwords • Very large scale environment: 3 million users with over 155,000 knowledge workers • Thousands of known applications, many beyond central IT reach • Very limited IT staff to implement and maintain • CTO wanted a solution that could be fully deployed in less than a year Solution: • Evaluated 7 different SSO vendors selected v-GO SSO • 155,000 users deployed in less than 8 months • Over 7,000 applications enabled • Helpdesk password calls dropped from >1,000 per day to an average of 10 per day • Saved over $4 million per year

  22. Analyst Endorsements Leader in User Provisioning! Gartner, April 2006 “[Oracle] has amassed a very strong management team and IAM technology portfolio … Its IAM road map looks the best of all vendors.”

  23. More Analyst Endorsements • “Oracle’s offering of IAM products now pushes ahead of other IAM competitors such as BMC, Computer Associates International, Hewlett-Packard, IBM, Microsoft, Novell and Sun Microsystems”- Roberta Witty, Gartner (Nov 2005) • “Oracle's acquisition of Thor and OctetString is a good move. These acquisitions coupled with Oracle's unique application top down approach to Identity Management will send ripples through the industry.”- Mike Neuenschwander, Burton Group (Nov 2005) • “Oracle has an advantage and early lead with its top down application strategy that is aligned with customer needs.”- Chris Christiansen, IDC (Nov 2005)

  24. Learn More Learn the Technology • Visit: oracle.com/identity View whitepapers, buyer’s guides, and webinars Try the Software • Visit OTN: otn.oracle.comDownload software, get technical information Ask Our Experts • Call: 1-800-438-0626 Speak with an Identity Management specialist

  25. Q & A

More Related