How Oracle Handles Identity management

Source: Internet
Author: User
Tags log reset web services oracle database
Oracle for most security software pilot programs, it is difficult to explicitly calculate the return on investment. It's like going back to calculating the benefits of some of the things that have not happened. However, the Identity Management pilot program differs. The cost savings resulting from reduced management time and increased employee productivity are clearly visible and measurable because of reduced time spent on password-reset. These cost savings can be measured and estimated, even if the damage does not occur. The latest version of Oracle Identity Management, released in June 2005, is the first version she released after the acquisition of Oblix in March.

Directory Services

Directory services are the basis for all identity management efforts. Although Oracle Identity management products support most of the most important directories, Oracle also provides its own directory services. Oracle's directory service is called the Oracle Internet Directory (OID), and because it stores its data in an Oracle database, it affects scalability, reliability, parallel processing, and high availability of the platform (through real Application Cluster) and security features. The list of users grows to millions of without having to worry about the data store not scaling up effectively.

Oracle now also has improved virtual directory performance with Oracle virtual directories, a solution recently obtained from octetstring. This virtual directory performance provides an LDAP identity Data view without having to consider its physical location, thus speeding up the identity management configuration.

Identity and Access attributes

Oracle Coreid access and identity have been used in seven versions. Its existing consumer base is more than 250 companies, some of which manage millions of of the user's identity. In addition to providing a single sign-on performance that contains detailed information for most access control products, it includes:

Dynamic group Management. Oracle Identity management can dynamically increase users based on user properties, rather than adding users individually by group, which does not do well in scaling up. When a user changes roles within an organization, the group members are automatically updated, and the effect is to add or remove permissions at the minimum set level of action.

User self-service registration, profile update and password reset. Users can add themselves to the system service and start an approval process using a built-in workflow system. Requests are automatically routed to decision makers, and after approval, users are granted access without the need for direct system administrator time. For a reset password, the user can authenticate with a shared secret password and the system will reset the password.

Delegated management. Various departments of the organization can be allowed to manage their own user base through Oracle delegated administration.

Centralize auditing and logging. Failed logon attempts are tracked on a system-wide scale, and a series of pre-built reports can be used to monitor consistency.

Automatic supply

Once the user identity and their access rights are centrally managed, this control can be extended to the database, application software, and other identity storage through the Oracle Xellerate identity provisioning. This part of Oracle management uses an extensible system of adapters and unique adapter factory technologies to deliver access to specific applications and systems, including support for major business applications, components, and legacy systems. These adapters protect the organization's investments in current applications and infrastructure, operate in different kinds of data centers and systems owned by most companies, and further balance existing identity management pilot initiatives. Oracle xellerate Identity Provisioning is a xellerate product based on the recently acquired Thor Technologies. Its scalability has been proven through configuration in a number of very wide provisioning installations.

With Oracle Identity management, users and groups can be centrally managed. For example, Windows domain logon, Oracle financial applications, SAP manufacturing applications, and Lotus Notes e-mails can be managed by a separate IT group. Cost savings are achieved by making a single change in a centralized location, rather than requiring the administrators of all these systems to make changes. The Oracle xellerate identity provisioning automatically synchronizes identity data between various systems.

Joint identities

Although Oracle Coreid access and identity-provided single sign-on performance provides access to common resources within the enterprise without having to log on repeatedly, Oracle Coreid Federation allows the same enterprise to provide seamless and secure access to the users of its partners without having to log on repeatedly. Reliance on industry-recognized standards, such as Saml,liberty and WS-Trust, "trusted" users ' certificates with each other across a range of partners or institutions, which allowed improved access to mutual application software. This allows each organization to operate independently and cooperatively for commercial purposes. The unique feature of Oracle Coreid Federation is the ability to manage multiple partners and choose from all industry-standard federated identity Solutions entirely from a separate software product that a company can easily distribute to its partners.

Web Service Management

Identity management first stems from the need to centralize security between disparate applications, so developers are no longer writing every application. This enables the security of all applications to be managed and applied in a unified manner. In a similar approach, the need for Web services management has been a concern: the security policies and management of a single Web service are well centralized, so it can be uniformly influenced and universally applied across all web services. Oracle WEB Services Manager Simply completes these, adds policy-driven best practices to existing or new WEB service, and provides security and management performance when configuring a service-oriented architecture. Oracle Web Services Manager enables organizations to centrally define policies that control Web service operations, such as access policies, record policies, and load balancing, and then hide these policies in a Web service without modifying those services.



Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.