Oracle Identity And Access Management

Size: px
Start display at page:

Download "Oracle Identity And Access Management"

Transcription

1 <Insert Picture Here> Oracle Identity And Access Management Ed King Senior Director, Product Management

2 The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle s products remain at the sole discretion of Oracle.

3 Agenda Introduction Problem statements Value propositions Products and partnerships Industry validations Product strategy and roadmap Service oriented security Customer case studies

4 Oracle s IdM Business <Insert Picture Here>

5 Oracle Database Security 30 Years of Innovation Oracle Audit Vault Oracle Database Vault DB Security Evaluation #19 Transparent Data Encryption EM Configuration Scanning Fine Grained Auditing (9i) Secure application roles Client Identifier / Identity propagation Oracle Label Security (2000) Proxy authentication Enterprise User Security Global roles Virtual Private Database (8i) Database Encryption API Strong authentication (PKI, Kerberos, RADIUS) Native Network Encryption (Oracle7) Database Auditing 1977Government customer 2007

6 Oracle Identity Management Commitment to Leadership & Innovation Innovate Lead Build Identity Governance Framework Id. Assurance Partner Alliance Oracle Access Management Suite Acquisition of BEA OES Acquisition of Bharosa OAAM Acquisition of Bridgestream ORM Market Leader in Forrester s IAM Wave Oracle IdM Eco-system Oracle esso Leader in Gartner s UP & WAM Magic Quadrant Oracle Identity and Access Management Suite Identity Audit and Compliance offering Acquisition of OctetString OVD Acquisition of Thor OIM Acquisition of Oblix OAM, OIF & OWSM Acquisition of Phaos Federation and WS technologies Oracle Internet Directory 2008

7 Oracle IdM Key Success Factors Acquire best-of-breed products and talents Phaos, Oblix, Thor, OctetString, Bharosa, Bridgestream Each company had strong technical and management talents Retain and invest Still have > 90% retention rate of acquired employees Acquired employees hold key mgmt. and technical positions Team size grew organically by > 100% post 2005 acquisitions Customer focus Focus on low TCO architecture Focus on customer success Focus on long-term customer partnership

8 IdM Is Strategic To Oracle IdM is key security infrastructure for Fusion IdM is a key component of the GRC strategy Oracle has invested in 6 acquisitions in IdM since 2005 Oracle has invested heavily in organic growth > 350 developers > 35 product managers > 80 QA > 90 support

9 Identity Management Innovation Integrated identity and role management 1st suite vendor to acquire and integrate business policies into an enterprise class identity management solution Integrated access management and anti-fraud solution 1st suite vendor to offer comprehensive software solution that thwarts the entire range of web-threats Identity virtualization for applications 1st suite vendor to provide a solution to unify identity data without consolidating and re-use identity data without copying Comprehensive application audit framework 1st to integrate audit with provisioning for policy review Identity Governance Framework Comprehensive CARML/AAPML-based application development Hot-pluggable by design

10 Key Oracle Differentiators Complete suite of best-of-breed products Proven for large scale deployments Best long-term investment

11 Problem Statements <Insert Picture Here>

12 5 Questions to ask your Chief Information Security Officer

13 Q: How do you control access to your sensitive applications? a Usernames and passwords b Contextual authentication authorization c Hardware token

14 Q: What determines your employee s access? a Give Alice whatever Wally has b Base on her business roles c Whatever her manager says

15 Q: Who is the most privileged user in your enterprise? a Security administrator b CFO c The 3-peat summer intern who is now working for your competitor

16 Q: How secure is your identity data? a It is in 18 different secured stores b We protect the admin passwords c Privacy? We don t hold credit card numbers

17 Q: How much are manual compliance controls costing your organization? a Nothing, no new headcount b Don t ask c Don t know

18 Today s IT Challenges More Compliant Business Increasing regulatory demands Increasing privacy concerns Business viability concerns More Agile Business More accessibility for employees, customers and partners Higher level of B2B integrations Faster reaction to changing requirements More Secured Business Organized crime Identity theft Intellectual property theft Constant global threats

19 State Of Security In Enterprise Incomplete Multiple point solutions from many vendors Disparate technologies that don t work together Complex Repeated point-to-point integrations Mostly manual operations Non-compliant Difficult to enforce consistent set of policies Difficult to measure compliance with those policies Business un-friendly Solutions not user-centric but technology-centric Processes not end-user friendly

20 Enterprise Applications Today Admins Customers & Partners Business Users Mix of custom, legacy & packaged applications Silo ed and disjointed security Numerous identity stores and policy administration points Too many users with privileged access Highly evolving and regulated business environment

21 Next Generation Security Challenges Auditors & Regulators Identity Thieves Rogue Employees Privileged Users

22 Next Generation Security Solutions Compliant Provisioning Fraud Prevention Auditors & Regulators Identity Thieves Entitlement Management Data-Center Security Rogue Employees Privileged Users

23 Sustainable Compliance Attestation of user access is a manual process User access does not match their jobs Segregation of duties policies not enforced

24 Identity Theft & External Fraud Enterprise brand often used in phishing attacks Stolen identity and credit cards used to pay for on-line purchases Consumers hesitate to embrace on-line self service due to fear of identity theft

25 Data Privacy & Internal Fraud No fine grained control of data visibility and transaction level access Inappropriate or fraudulent use of enterpris IT assets and information services Difficult to prove compliance with data privacy and consumer rights regulations

26 Data Center Security Administration of users in hundreds of DB is not scalable DBA can see all data, violating data privacy mandates Integration of identity infrastructure takes 12 months or longer after an acquisition

27 IT s Role in Building Corporate Trust The Need for IT Governance Strategy Majority of 400 directors surveyed recognize that the right IT strategy is very important for 69% 66% 57% Compliance Customer Satisfaction Managing Risk Security The Ponemon Institute finds that 70% When a company announces a security breach, its stock price can drop by of all reported security breaches were due to insiders 2% Control Gartner warns that More than 80 per cent of IT groups may be incapable of satisfying many of the laws and regulations, such as HIPAA and 21 CFR Part 11, that require changerelated audit trails and accountability over material configuration items. Source: Corporate Board Member/ Deloitte Consulting, March 2007 Source: Ponemon Institute, 2005 Source: Gartner, 2005

28 It s A Risky Business Société Générale 10 billion in trading losses due to unauthorized trades Trader executed unauthorized trades with 75 billion of exposure and attempted to cover up his losses using fake accounts and s. When the bank discovered the fraud it had to unwind the position in 3 days, resulting in 10 billion in losses and triggering a world wide market sell-off. Source: Fortune, May 2008 TJ Maxx $17 Million remediation cost for 45 million stolen credit card numbers Breach of TJ Maxx s IT systems led to the lost of 45 million credit and debit card numbers over a period of 18 months. Estimated total revenue impact from negative press coverage was $4.5 billion. Source: Information Week, May 2007 Citi Group 3.9 million customer data lost Mass theft of debit card PINS results in several hundred fraudulent cash withdrawals in Canada, Russia, and the U.K. This follows the loss of unencrypted tapes containing information on 3.9M customers. Source: InformationWeek, March 2006 Mellon Bank $18.1 million in fine for failure to prevent fraudulent data destruction For a violation of the Fair Debt Collection Practices Act, in which employees destroyed 80,000 unprocessed Federal tax returns and tax return checks in an attempt to conceal failure to meet IRS processing deadlines, Mellon paid a fine of $18.1 million and closed its tax processing center. Source: Unbossed.com, April 27, 2005

29 Guaranteed Bad Press In Public Sector Breach Notification Is Mandated By Law 38 states now have some form of breach notification law, like California Senate Bill 1386 Law mandates public disclosure if security breach is found in any public institution Direct mail to all effected people, or Notify major statewide media Cost of generating letters can range from $2-$12/person

30 Liability For PCI DSS Non-Compliance PCI Data Security Standard Is Now Law States are adopting PCI DSS into state laws Estimated cost is $1 million per breach instance Law mandates non-compliant banks to cover cost of notification and remediation in case of breach Law mandates non-compliant business to reimburse card issuing bank for cost of notification and remediation in case of breach

31 Value Propositions <Insert Picture Here>

32 Identity Management Values Trusted and reliable security Efficient regulatory compliance Lower administrative and development costs Enable online business networks Better end-user experience

33 How Can Identity Management Help? Establish Enterprise Identity & Roles X?! Consolidate or virtualize multiple, complex identity environments to a single enterprise identity source Automate linkage of employee records with user accounts Establish enterprise roles for automation, compliance and business continuity Eliminate rogue and orphaned accounts

34 How Can Identity Management Help? Enforce Strong And Granular Security Policies Enforce strong password policies via synchronization or single sign-on (SSO) Implement strong authentication and risk based authorization for critical apps and web services Enforce minimal access rights based on roles, attributes, and requests Leverage federation technologies for cross-domain SSO

35 How Can Identity Management Help? Automate Security Related Processes Reduce administration cost and improve service level with delegated administration & self-service Implement scalable and dynamic approval workflows leveraging dynamic enterprise role and organization data Automate detection of fraudulent activities based on policies Role and attribute driven provisioning of applications with exact access levels

36 How Can Identity Management Help? Define Audit And Control Framework Implement automated attestation for entitlements, roles, policies, workflows. Implement exception driven process automation Implement segregation of duties around roles and entitlements Implement automations and controls for management of privileged users

37 How Can Identity Management Help? Deploy A Scalable Integration Architecture Define an enterprise-wide integration standard Leverage all integrations through a single interface / application Heavily leverage open standards to protect IT investments Maximize out-of-the-box integrations across technology stacks: applications, middleware, database and operating systems

38 How Can Identity Management Help? Security And Control For Enterprise Applications Procure-To-Pay Process Financials Issue Payment Automate user management, manage entitlements, enforce segregation of duties Link HR employee data to user accounts Issue PO ERP Accept Shipment SCM Integrate application to enterprise directories and portals Enforce appropriate and granular level of access control based on application and data being accessed

39 How Can Identity Management Help? Manageability and Security For Databases Externalize and centralize authentication and authorization of database users with optional strong authentication DBA Centrally manage database users and database roles DBA Implement strong control over DBA access DBA Automate security management of shared accounts

40 How Can Identity Management Help? Compliance & Fraud Mgmt. For Financial Services Manage Who has access to What, When, How and Why for SOX, FFIEC, GLBA and PCI compliance Automate termination and job transfer processes for tight security Detect and remediate fraudulent activities against both outside and inside threats Enforce segregation of duties and Chinese Wall regulatory mandates

41 How Can Identity Management Help? Scalable Security And Administration For Retail Manage scalable lifecycle management for a highly dynamic and seasonal workforce Improve access security for shared terminals such as POS and warehouse terminals Enforce segregation of duties across heterogeneous systems such as receiving and payment Enable federated access for supply chain partners

42 How Can Identity Management Help? Scalable Infrastructure For Telecommunication Deploy telco-grade identity store and unify user profiles from networks and applications in real-time Enable scalable identity administration and account provisioning for very large user base and dynamic call center operations Deploy self-service and self registration to reduce customer administration cost Enable federated access, SSO, mutual authentication and fraud prevention for customer and dealer portals

43 How Can Identity Management Help? Guarantee Patient Privacy For Healthcare Deploy secured storage and control processes to guard patient s data privacy Deploy audit and control mechanisms to ensure cost effective compliance to HIPAA Implement access control to ensure the security of shared workstations for single sign-on and sign-off Enable self-service and automated application provisioning for mobile healthcare workers

44 How Can Identity Management Help? Flexible, Risk Based Security for Life Sciences Enable secure internal and external collaboration for the development and marketing of life science products Improve risk management by ensuring the proper level of authentication is required based on the criticality of the applications. Enable self-service and automated application provisioning for clinical investigators Enable secured handling and storage of clinical trial patient data

45 How Can Identity Management Help? Scalable Security And Administration For Higher Ed. Deploy self-registration and self-service to reduce help desk cost and improve service level Manage the rich role information for a highly dynamic user base with multiple affiliations Implement on-boarding and off-boarding automation to deal with activity level driven by academic calendar Deploy secured identity repository to ensure user privacy and HIPAA compliance

46 How Can Identity Management Help? Enable Service Delivery For Local Government Provide secured access for residents to government services via strong auth n, risk based auth z & safeguarding of identity data Enable cost efficient compliance for HIPAA, PCI, etc. Streamline management of large & distributed user base via self-service & delegated admin. Simplify identity & security integration across dispersed agencies, districts and departments

47 Products & Partnerships <Insert Picture Here>

48 2 variations of the suite solution and product slides Oracle s Identity Management Suite Identity Admin. Role Manager Identity Manager Access Management Identity Management 2.0 Adaptive Access Manager Entitlements Server Web Services Manager Core Platform Access Manager Identity Federation Enterprise Single Sign-On Directory Services Virtual Directory Internet Directory Authentication Service for OS Audit & Compliance Identity Management Suite Manageability Enterprise Manager IdM Pack

49 2 variations of the suite solution and product slides Oracle s Comprehensive IdM Solutions Identity Admin. Role management Role mining Relationship management Identity lifecycle Organization lifecycle Provisioning & Reconciliation Password management Access Management Identity Management 2.0 Strong authentication Risk based authorization Fine grained entitlements Web Services security Core Platform Authentication Authorization Single sign-on Federation Directory Services Identity virtualization LDAP storage LDAP synchronization OS authentication Audit & Compliance Audit Reporting Analytics Fraud Attestation Segregation of duties Manageability Service level Performance Configuration Automation

50 2 variations of the suite solution and product slides Oracle s Identity Management Suite Identity Admin. Identity Manager Role Manager Access Management Access Manager Adaptive Access Manager Enterprise Single Sign-On Identity Federation Entitlements Server Web Services Manager Authentication Service for OS Directory Services Internet Directory Virtual Directory Audit & Compliance Identity Management Suite Manageability Enterprise Manager IdM Pack

51 2 variations of the suite solution and product slides Oracle s Comprehensive IdM Solutions Identity Admin. Identity lifecycle Role management & mining Organization management Provisioning Reconciliation Password management Access Management Strong authentication Risk based authorization Single sign-on Federation Fine grained entitlements Web Services security Operating systems security Directory Services Storage Virtualization Synchronization Audit & Compliance Manageability Audit Reporting Analytics Fraud Attestation Segregation of duties Service level Configuration Performance Automation

52 Access Control & Single Sign-On Single sign-on w/ Federation HRMS Contractor AD Oracle Internet LDAP Directory Oracle esso Suite Directory synchronization Personalization For internal and external users Oracle Identity Federation Oracle Access Manager Customer Internal User

53 Self-Service HRMS LDAP Self-service and self-registration Delegated administration Password reset For internal and external users Contractor AD Oracle Identity Manager Approver Customer Internal User

54 Provisioning Device DB Mainframe Approver Customer Internal User

55 Compliant Role Based Provisioning Mainframe DB Attester Role Management

56 Identity Theft Protection Mutual authentication Knowledge based authentication Key-logger-proof devices New Purchase Oracle Adaptive Access Manager Secure Mutual Authentication Account Management Fraud analytics Transaction monitoring Device & location tracking Behavior profiling Device & Geo-location Forensics

57 Fine Grained Data & Transaction Control Business Partner Customer A Oracle Role User Manager Roles Country A Customer Support Customer B Oracle Customer Entitlement Data Server Country B Customer Support Employee / Account Manager Fine grained contextual control Leverage roles, relationship, attributes, 3 rd party, session, transaction & historical data

58 Scalable, Secured & Agile Infrastructure LDAP AD Oracle Virtual Directory LDAP Enterprise User Security Centralized Management of DBAs Integration with Active Directory SoD for Privileged DBA Access DB Vault DBAs HR Finance DBA App A Finance App B CRM CRM DBA

59 Oracle s Comprehensive IdM Solutions End Users Administrator Info. Sec, Auditor Strong Authentication Risk Based Authorization Federation Self-Service Identity Admin Account Admin Organization Admin Role Management Delegated Admin Reporting & Analytics Attestation Segregation of Duties Fraud Detection Oracle Identity Management & Security Platform Provisioning Reconciliation Password Mgmt. WS Security LDAP Virtualization LDAP Storage LDAP Synchronization DB User Security Java Platform Security Authentication For Operating Systems Business Apps, HR Directories, DB App Server, OS

60 Identity Admin. Lifecycle Management Provisioning, Role Management, Self-Service HRMS Delegated Administration Identity Audit Password Sync. Applications Identity Reconciliation Account Provisioning CRM Identity & Role Lifecycle Management Account Reconciliation Infrastructure LDAP Self-Service Self-Registration DB

61 Access Management Run-Time Authentication, Authorization, SSO, Federation User Authentication Session Management Web Service Policy Management Fraud Monitoring Risk Profiling Access Audit Web SSO esso Authorization Federation & Trust Web Applications Legacy Applications Partner Applications & Web Services

62 Directory Services Infrastructure Identity Virtualization And Consolidation HRMS Virtual Schema 1 Applications CRM Internal LDAP External LDAP Schema Aggregation Schema Transformation Schema Mapping Data Synchronization Virtual Schema N Aggregated Schema Applications Meta Directory

63 Oracle Access Manager Policy Enforcement Points (PEP) Delegated Admin End User Authentication & Authorization Request Authentication & Authorization Decisions WebGates AccessGates Applications User Data Policy Data Identity & Group Lifecycle Management Configuration Data Policy Manager Policy Decision Engine OAM Identity Server LDAP Store OAM Access Server

64 Oracle Web Services Manager Policy Enforcement Points (PEP) Client-Side Agents Option Gateway Option Server-Side Agents Option (Last-Mile Security) Clients J2SE, J2EE,.NET Web Services Endpoints (J2EE,.NET) Policy Management Monitoring OWSM Server And Admin Console

65 Oracle Identity Federation Applications Service partners IDM infrastructures Identity Stores Policy Stores Cert Stores Certificate configuration Oracle Identity Federation Identity Provider discovery SAML 1.1 SAML 2.0 WS-Fed Trade partners AuthN & SSO Account mapping Integration APIs Portals Affiliates

66 Oracle Entitlements Server OES PDP policy App OES PAP Audit policy OES PDP Leverage existing identity stores and enterprise data for entitlements decisions LDAP policy App Centralized policy management, distribution Localized policy decisions and enforcement Protect any system or business component across heterogeneous platforms OES PDP App Audit Audit Enterprise Data

67 Oracle Adaptive Access Manager User Context 3 RD Party Apps/Data Location Device Context ARM Context Historical Data ASA Context Context Context Current vs historical User Device Location Transaction 3 rd Party Cross comparisons

68

69 Oracle Enterprise Security Identity And Access Management User Management Directory Management Access Management Platform Security Identity Audit Application Security Governance Risk Compliance Policy & Process Management Data Security Multi-level Access Control Information Rights Encryption DBA Security Monitoring & Alert Enterprise Control Compliance Analysis & Reporting Operating System Security Authentication Service User Management Audit Automation

70 Complete Application Security Account provisioning Segregation of duties Entitlement attestation Access Management Strong authentication Risk based authorization Federation & WS security Process Control - Configuration Master data security Code security Change management DBA access Data classification Info. rights management Application Native Security Data Security Process Control - Transaction Internal controls violation High-risk transactions Fraudulent transactions Encryption at rest & in transit Secured backup

71 Oracle Security Products For Apps Access Manager Adaptive Access Manager Identity Federation Application Access Controls Governor Access Management Identity Manager Role Manager Web Services Manager Process Control - Configuration Configuration Controls Governor Preventive Controls Governor Database Vault & Audit Vault Label Security Enterprise User Security Application Native Security Data Security Process Control - Transaction Transaction Controls Governor Transparent Data Encryption Secured Backup Information Rights Mgmt.

72 Identity Management For Oracle Apps OAM OAAM OIF OES In Progress In Progress In Progress In Progress esso OIM ORM OID OVD OWSM Out-of-The-Box Connectors Certified Interoperability

73 IdM And Data Security Enterprise User Security (EUS) OVD enables EUS to run on Active Directory, SunOne, and OID OIM further enables centralized DB user admin via EUS ORM IT role management extends EUS role managment Database Vault OIM provisions standard DB user + DB Vault privileges DB Vault is used to protect DBA access to sensitive IdM data Transparent Data Encryption (TDE) TDE encrypts data transparently for OID, OIM and ORM

74 Complete Enterprise Control GRC Process Management Policy Repository Evidence Management Control Testing Risk & Compliance Reporting GRC Application Controls Controls Monitoring & Enforcement Best Practice Controls & Policies Privilege Level SOD Contextual SOD Authorization Identity Management User On-Boarding Lifecycle Mgmt. Account Provisioning & Remediation Access & Role Attestation Authentication, Authorization, SSO Business Applications Apps, Systems & Data Repositories

75 Closed-Loop SOD Access Provisioning User, Org Lifecycle Event SOD Policy Simulation Access Request & Approval Preventive Validation & Enforcement + Provisioning Workflow Access Remediation Exceptions Report Design & Deploy Compensating Controls Provisioned User Access Detective SOD Analysis Identity Management GRC Application Controls

76 Closed-Loop SOD Role Based Access Role & Rule Mining Role Design Feedback Role Design & Mapping Role Assignment & Admin Provisioning Workflow Preventive Validation & Enforcement Role Remediation + SOD Policy Simulation Exceptions Report Design & Deploy Compensating Controls Provisioned Role & User Access Detective SOD Analysis Identity Management GRC Application Controls

77 Partners: ISV Ecosystem Strong Authentication Network Access Industries Compliance Physical Access Identity Assurance

78 Partners: System Integrators Global Full Service Partners Regional And Boutique Partners

79 Industry Validation <Insert Picture Here>

80 Leader in Magic Quadrants Oracle assumes the No. 1 position - Earl Perkins, Perry Carpenter, Aug (Research G ) User Provisioning, H Web Access Management, H Magic Quadrant Disclaimer: The Magic Quadrant is copyrighted by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner's analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the "Leaders" quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

81 Most Comprehensive IdM Suite Updated with latest acquisitions Identity And Access Management Marketplace, Gartner Symposium/ITxpo, Ant Allen, ESC19_1049, 11/07, AE

82 Strongest Vendor According To Oracle is currently the IdM vendor to beat - VantagePoint 2007: Identity and Privacy Trends in Enterprise IT Oracle continues to increase in mindshare while broadening its IdM portfolio. - VantagePoint 2008: Identity and Privacy Trends in Enterprise IT

83 Provisioning Market Report 2009 Oracle is currently leading the provisioning market IBM and Sun have both lost market share to Oracle - Provisioning Market 2009 report

84 Market Leader According To Oracle has established itself as Leader. - The Forrester Wave: Identity And Access Management, Q Oracle reached the top of our evaluation through a combination of the breadth, depth, interoperability, and packaging of its IAM features alongside the strategy and current state of market execution on its application-centric identity vision. - The Forrester Wave: Identity And Access Management, Q1 2008

85 IdM Hype Cycle 2008

86 GRC + Security Product Space Strength of GRC Solution Strength of IdM Solution

87 Best of Breed Proof Points Independent Product Evaluations & Awards..very powerful flexible account provisioning OVD: 2007 Global Excellence in Directory Services Award..strong platform for defining and enforcing policies in WSJ Quickly, easily, securely..connect via Single sign-on Brings Management Simplicity to Web Services eweek [OWSM] Simple to the core easy to use

88 Product Strategy & Roadmap <Insert Picture Here>

89 Oracle s Identity Management Strategy Develop Identity Services Framework Deploy Operate FMW Technologies Complete solution Integrated suite of best-of-breed components Each component individually deployable Application centric Integrated with business applications Integrated to application life cycle Hot-pluggable Standards-based Works across leading platforms

90 Heterogeneous Support Of all the large platform vendors, Oracle, Novell, CA and BMC seem the most committed to providing significant support for heterogeneous environments. - Ray Wagner, Gartner, October 2006 Portals Application / Web Servers Applications Groupware Directories Operating Systems ACF-2 & TSS RACF & IOS/400

91 Standards Support Contribute and lead SSTC (SAML Working Group) - Co-Chair Liberty Alliance - President, Board Member WSS, WS-SX (Web Services Security), JCP - Author SPML - Author XACML Voting member Implement Accelerate product development Simplify product integration & minimize TCO Innovate Enable Identity Governance Framework: CARML, AAPML Standards for end-to-end security

92 Looking Ahead Oracle will broaden security product portfolio Security is not just another line of business for Oracle Security is strategic to Oracle s entire product portfolio Emerging areas: entitlement management, fraud, privacy, governance, risk management etc. From security silos to built-in security Built into enterprise applications, middleware, DB, OS Identity Services Framework Project Fusion Single security model across Enterprise Applications Suite Enforced uniformly at all parts of technology infrastructure Across entire life-cycle from development to maintenance

93 Identity Services Framework Fusion Apps, Other Fusion Products 3rd Party Apps Custom Apps Legacy Applications (Not Identity Service Ready) Business Functions Business Functions Business Functions Business Functions User Management Authentication Authorization Federation Service Interfaces WS-*, SPML, SAML, XACML, IGF Identity Services Legacy Interfaces Connectors, Agents Authentication Provisioning Identity Provider Audit Authorization Administration Role Provider Federation & Trust Enterprise Identity Management Infrastructure Policy & Orchestration Virtualization & User Store

94 Service Oriented Security Topic <Insert Picture Here>

95 Application Security (Used to Be) Silo ed Authentication Application A Application B Application C Silo ed Authorization Silo ed Identity Repository Silo ed Administration

96 Challenges Non-uniform policies at different granularities Non-uniform user experience Credential proliferation High administration cost

97 Today s Identity Management Strong-Auth Single Sign-On Federation Provisioning Application A Application B Application C Audit & Compliance Risk Analytics

98 Identity Management 1.0 Challenges Integration cost is high Additional infrastructure components to maintain Cannot completely make up for poor application security Authorization model is still mixed

99 A Paradigm Change is Happening Externalized authorization policies Abstraction of deployment details from applications Integration of security with IDEs Roles, context, trust Hot-pluggable functions Service Oriented Security

100 Support For Application Life Cycle Development Design Packaging Management & Administration Deployment Runtime Integration

101 Start Building A Service Platform Oracle Access Manager Oracle Adaptive Access Manager Authentication Service Oracle Role Manager Oracle Entitlements Server Authorization Service Oracle Identity Manager Oracle Virtual Directory Identity, Profile Service

102 <Insert Picture Here> Customers Case Studies Note: The most common case studies have been reformatted to be more presentation friendly. Not all use cases will be reformatted this way. If you prefer the original format or need more use cases, please see the main use case PPT file.

103 Oracle IdM s Customer Focus Customer Advisory Board Collaboration with strategic customers on product roadmap and technology directions Security Executive Forum C-level executive helps to validate Oracle s strategy and drive future investments Past attendees: Bank of America, British Telecom, Franklin Templeton, JP Morgan Chase, Network Appliance, Royal Bank of Scotland, The Hartford, T-Mobile, Toyota, Wachovia,. Best post-sale support in the industry Product management sponsorship to ensure every deployment and every upgrade is a success Strong track record of customer upgrade success

104 Customer Advisory Board Share, Communicate, Partner

105 Identity Management Customers Financial Services Transportation & Services Manufacturing & Technology Telecommunication Public Sector Retail Oracle Confidential

106 Oracle Confidential Unparalleled Strength In Fin. Services

107 Oracle Confidential Customers Using Oracle IdM With SAP

108 Award Winning Scalable Solutions OAM, OVD, OID 34 million users managed on aarp.com OIM, ORM 1,200 applications under management OIM, ORM 17,000 managed roles OAM, OIM 4.5 million users provisioned from kpn.com

109 IdM Platform Customers OAM, OIM 80,000 internal users 1.8 million partners, suppliers and customers OAM, OIM Provisioning SAP, E-Business Suite and Siebel OAM, OIM, OID 9 million retail customers using self-registration & self-service

110 Compliant Provisioning Customers OIM, ORM Enterprise wide business role management OIM, ORM, OAM Access provisioning and attestation OIM, OAACG Fine grained provisioning of E-Business Suite

111 Fraud Prevention Customers OAAM Fraud analysis of on-line, ATM, and in-branch transaction data OAAM Integrated identity proofing services for credit card sign-up kiosks in department stores OAAM Prevent identity theft from resume database

112 Fine Grained Authorization Customers OES Standardized access control across risk management systems OES Fine grained access control for B2B fincancial services portal OES Fine grained access control for pharmaceutical service provider portal

113 Data Center Security Security Customers OVD, OID, OAM Integrated legacy back-end systems to new social networking portal OVD, OID, OAM, OIM Created centralized identity hub across AD, ADAM, EBS HR and other applications OVD, EUS Leveraged OVD to centralize DB user administration and authentication to existing AD

114 Case Study Lehman Bro. / Barclays GLB & SOX Compliance Business Challenges No official record of who has access to what to meet compliance requirements No reliable access DB and process for terminating access when employee leaves firm Oracle Solution Implemented OIM as enterprise identity management platform Enabled self-service account management for employees and managers Deployed enterprise-wide integration methodology and on-boarding, job change, and termination processes Return On Investment > 1,000 applications under centralized management Comprehensive who has access to what database for compliance and process automation Prompt termination of access for all departing employees Reduced wait for new resources

115 Case Study Accenture SAP Management & Self Service Business Challenges High % of help desk resources handling password reset Hardware tokens management was manual and expensive process SAP access management was not locked down and attestation of SAP access was based on and Excel Oracle Solution Implemented OIM as enterprise identity management platform Deployed self-service for password management and token lifecycle management Automated provisioning process for SAP, including reconciliation of employee records from SAP HR Return On Investment > $750,000 annual savings in help desk cost Eliminated need for a standalone RSA token management solution 10 fewer SAP administrators at an annual saving of $500,000 High quality IT compliance data for core SOX applications: SAP

116 Case Study Toyota Financial Services Oracle Apps Management & Enhanced Security Business Challenges Up to one month to provide all required access for new employees and employees changing jobs Lack of consistent control resulted in large number of orphaned and rogue accounts HR data was of poor quality and cannot be used as source of truth Oracle Solution Implemented OIM as enterprise identity management platform, replacing failed CA solution Cleaned up HR data in PeopleSoft using a claim your identity process Automated provisioning to core business and IT applications: PeopleSoft, Siebel, RACF, AD..etc. Return On Investment Clean HR data in PeopleSoft is now source of truth for identity Eliminated > 90% of ghost employee, orphaned and rogue accounts Guaranteed service level for access provisioning Reduced help desk calls from selfservice password management

117 Case Study Royal Bank of Scotland Standardized Access Control For A Global Enterprise Business Challenges Access management for globally distributed, multi-brand, 140,000+ workforce is manual, distributed, and nonstandardized No one reliable source for who has access to what Poor identity and role data to enable automation Oracle Solution Implemented OIM and ORM as enterprise identity management platform Implemented automated provisioning and continuous reconciliation to secure critical infrastructure applications Replaced legacy role management system and added delegated admin and workflow capabilities Return On Investment Lower cost for and improve speed of meeting compliance and internal audit mandates 100% reduction in unauthorized privileges, 90% reduction in exceptions and 90% reduction in roles and groups Standardized and remove duplicate processes and systems

118 Case Study Charles Schwab Cost Effective Compliance For A Distributed Workforce Business Challenges Non scalable manual process to track 6,000+ mobile retail worker s access in 300+ branches Homegrown attestation tool not scalable and too expensive to maintain Need to better control access to heterogeneous environment including PoepleSoft and TopSecret Oracle Solution Implemented OAM, OIM and ORM as enterprise identity management platform Delegated admin of branch hierarchy and location specific roles Fully automated provisioning process for critical SOX applications, using PeopleSoft as trusted identity source Return On Investment Lower admin cost while providing more accurate organization, role and identity data Consistent access control across modern and legacy (mainframe) applications Consolidated access and role data to simplify audit reporting and attestation

119 Case Study Southwest Airlines Seamless B2B Integration & Low TCO Business Challenges When mechanics cannot access Boeing s maintenance portal, airplanes sit idle at $15,000 per hour Boeing was incurring administration and help desk cost for managing SWA mechanic s access to the maintenance portal Oracle Solution Implemented OAM and OIF as enterprise access management and federation platform 1 st airline to implement SAML based federation solution OAM protects intranet and provides self-service password management 6-week deployment Return On Investment Saved administration cost of $30 per employee, per month Improved on-time performance and higher airplane utilization Less administration and help desk cost for partner Boeing

120 Case Study General Motors Lower Operational Costs & Centralized Access Control Business Challenges High administration cost associated with large use base User base includes multiple tiers of suppliers and dealers System access issues caused delay in supply chain collaboration Oracle Solution Implemented OAM and OIF as access control for dealer and supplier portals Enabled 6 levels of delegated administration for supplier portal Enabled attribute level security for delegated administrators Integrated with legacy access management system: IBM Tivoli Return On Investment Saved administration cost by delegating administration to partners Improved supply chain portal accessibility and supply chain performance Centralized policy management ensures consistent security across all partners

121 Case Study National City Fighting Internet Fraud & FFIEC Compliance Business Challenges Raising level and sophistication of internet fraud: phishing, key logging, pharming etc. FFIEC compliance requirement Oracle Solution Implemented OAAM to protect National City s on-line banking site Provided mutual authentication against phishing Provides real-time fraud detection against suspicious behaviors Integrated with legacy access management system: CA Siteminder Return On Investment Increased consumer confidence without sacrificing usability Decreased liability for National City and discouraged fraud attempts Increased ability to deliver new services in a secured manner

122 Case Study JPMorgan Chase Leveraging Entitlements Across the Business Units Business Challenges Frequent M&A activities makes it difficult to standardized access control across inherited systems & personnel moves Must protect confidential information and provide proof of the protection in a scalable manner Security architecture must be transparent, flexible, & efficient Oracle Solution Implemented OES to provides a common platform for authorizations that stretch across multiple business lines and organizations Business users maintain entitlements for application users by region and industry Return On Investment Protecting hundreds of applications simultaneously in a cost effective manner Policy changes are enforced instantaneously without synchronization and migration errors

123 Case Study AARP Fast & Simple Deployment & Integration Business Challenges Member portal evolving from static to social-networking Member data need to be maintained in multiple backend systems Core user information stored in a mainframe DB via a proprietary Web Service Oracle Solution Implemented OVD, OID and OAM to secure AARP.com for over 30 million members OVD exposes mainframe Web Service as LDAP OAM manages self-registration process OID provides authentication service Return On Investment Rapidly and cost effectively deployed new services without wholesale replacement of legacy technologies Achieved data integration into multiple systems without incurring cost of dedicated synchronization service Provide flexible security infrastructure to enable new business/service model

124 Case Study Chic-fil-A Simplify Application Deployment & Identity Integration Business Challenges Applicationccess to fine-grained authorization data Employee data spread in multiple data sources Difficult to deploy any new applications as a result Oracle Solution Implemented OVD to provide LDAP interface to internal permission systems OVD connects to AD, ADAM, ebiz HR, permission DB, and location DB OVD provides authentication and authorization related search capabilities Return On Investment Rapidly and cost effectively deployed new services Reduced number of repositories Reduced the need for new provisioning connectors

125 Hartford case study cannot be presented in public sessions. Either make this slide generic or use the Kable Deutchland case study. Case Study The Hartford Next Generation Business Enablement Technology Business Challenges Need to access industry-specific, web-based applications to process quotes across multiple carriers Need to provide real-time quotes to Independent agents using a variety of homegrown and vendor solutions Need technology that can co-exist with other corporate security environments and support multiple message transport protocols Oracle Solution Secure WS based quote-management environment using OWSM Flexible solution that integrates with existing SOA and 3rd-party hardwarebased security solutions Solution that provides both WS security and management using centralized policy administration Return On Investment Protects investment in existing multivendor and home-grown platforms Improved productivity and reduced risk associated with administration of security policy Security enforcement environment that can be rapidly deployed with no additional coding

126 Case Study - Kabel Deutschland SOA Security Integration Business Challenges Oracle BPEL is used by Kabel Deutshland to implement a flexible architecture to support the services offered by the company. The Oracle BPEL Process Manager deployment required additional security and operations management. Oracle Solution OWSM provides tight integration with Oracle BPEL Process Manager. Access to BPEL processes is protected by Oracle WSM agents, both on the client and server sides Authentication is extended to Individual users and requests can be routed to the right service. Return On Investment Cost reduction by eliminating the need for hard coding security for each web service Allows customer to eliminate VPN from service architecture Security is improved by extending authentication from service level to user level

127 For More Information search.oracle.com Identity management or oracle.com

128

ORACLE FUSION MIDDLEWARE PROFILE

ORACLE FUSION MIDDLEWARE PROFILE ORACLE FUSION MIDDLEWARE PROFILE Corporate Addvantum, is a global service provider of Information Technology consulting and services, to customers in GCC region. Addvantum has technical delivery centers

More information

<Insert Picture Here> Oracle Identity And Access Management

<Insert Picture Here> Oracle Identity And Access Management Oracle Identity And Access Management Gautam Gopal, MSIST, CISSP Senior Security Sales Consultant Oracle Public Sector The following is intended to outline our general product direction.

More information

Enterprise Identity Management Reference Architecture

Enterprise Identity Management Reference Architecture Enterprise Identity Management Reference Architecture Umut Ceyhan Principal Sales Consultant, IDM SEE Agenda Introduction Virtualization Access Management Provisioning Demo Architecture

More information

Identity Management Overview. Bill Nelson bill.nelson@gca.net Vice President of Professional Services

Identity Management Overview. Bill Nelson bill.nelson@gca.net Vice President of Professional Services Identity Management Overview Bill Nelson bill.nelson@gca.net Vice President of Professional Services 1 Agenda Common Identity-related Requests Business Drivers for Identity Management Account (Identity)

More information

Sun and Oracle: Joining Forces in Identity Management

Sun and Oracle: Joining Forces in Identity Management Sun and Oracle: Joining Forces in Identity Management The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into

More information

Security and Identity

Security and Identity Security and Identity Management J. Alberto Yépez Vice President Oracle Corporation Agenda Corporate Background Business Drivers Oracle s Strategy Case Studies Oracle s Differentiation

More information

Rebuilding Corporate Trust: GRC and IT Governance. Dražen Patarić Senior Sales Consultant

Rebuilding Corporate Trust: GRC and IT Governance. Dražen Patarić Senior Sales Consultant Rebuilding Corporate Trust: GRC and IT Governance Dražen Patarić Senior Sales Consultant Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information

More information

An Oracle White Paper January 2010. Access Certification: Addressing & Building on a Critical Security Control

An Oracle White Paper January 2010. Access Certification: Addressing & Building on a Critical Security Control An Oracle White Paper January 2010 Access Certification: Addressing & Building on a Critical Security Control Disclaimer The following is intended to outline our general product direction. It is intended

More information

<Insert Picture Here> Oracle I&AM: Service Oriented Security - a flexible Security Foundation For Next-Generation Applications

<Insert Picture Here> Oracle I&AM: Service Oriented Security - a flexible Security Foundation For Next-Generation Applications Oracle I&AM: Service Oriented Security - a flexible Security Foundation For Next-Generation Applications Christian Patrascu, Principal Product Manager Oracle Fusion Middleware Agenda

More information

Governance, Risk & Compliance for Public Sector

Governance, Risk & Compliance for Public Sector Governance, Risk & Compliance for Public Sector Steve Hagner EMEA GRC Solution Sales From egovernment to Oracle igovernment Increase Efficiency and Transparency Oracle igovernment

More information

Oracle Privileged Account Manager 11gR2. Karsten Müller-Corbach karsten.mueller-corbach@oracle.com

Oracle Privileged Account Manager 11gR2. Karsten Müller-Corbach karsten.mueller-corbach@oracle.com R2 Oracle Privileged Account Manager 11gR2 Karsten Müller-Corbach karsten.mueller-corbach@oracle.com The following is intended to outline our general product direction. It is intended for information purposes

More information

Oracle Platform Security Services & Authorization Policy Manager. Vinay Shukla July 2010

Oracle Platform Security Services & Authorization Policy Manager. Vinay Shukla July 2010 Oracle Platform Security Services & Authorization Policy Manager Vinay Shukla July 2010 The following is intended to outline our general product direction. It is intended for information purposes only,

More information

IDENTITY MANAGEMENT AND WEB SECURITY. A Customer s Pragmatic Approach

IDENTITY MANAGEMENT AND WEB SECURITY. A Customer s Pragmatic Approach IDENTITY MANAGEMENT AND WEB SECURITY A Customer s Pragmatic Approach AGENDA What is Identity Management (IDM) or Identity and Access Management (IAM)? Benefits of IDM IDM Best Practices Challenges to Implement

More information

1 Building an Identity Management Business Case. 2 Agenda. 3 Business Challenges

1 Building an Identity Management Business Case. 2 Agenda. 3 Business Challenges 1 Building an Identity Management Business Case Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications Justifying investment in identity management automation. 2 Agenda Business challenges

More information

Oracle Identity Management for SAP in Heterogeneous IT Environments. An Oracle White Paper January 2007

Oracle Identity Management for SAP in Heterogeneous IT Environments. An Oracle White Paper January 2007 Oracle Identity Management for SAP in Heterogeneous IT Environments An Oracle White Paper January 2007 Oracle Identity Management for SAP in Heterogeneous IT Environments Executive Overview... 3 Introduction...

More information

Oracle Fusion Middleware 11g Release 1 IDM Suite

Oracle Fusion Middleware 11g Release 1 IDM Suite Oracle Fusion Middleware 11g Release 1 IDM Suite Rodger King Senior Principal Support Engineer The following is intended to outline our general product direction. It is intended for information purposes

More information

Oracle Role Manager. An Oracle White Paper Updated June 2009

Oracle Role Manager. An Oracle White Paper Updated June 2009 Oracle Role Manager An Oracle White Paper Updated June 2009 Oracle Role Manager Introduction... 3 Key Benefits... 3 Features... 5 Enterprise Role Lifecycle Management... 5 Organization and Relationship

More information

The Unique Alternative to the Big Four. Identity and Access Management

The Unique Alternative to the Big Four. Identity and Access Management The Unique Alternative to the Big Four Identity and Access Management Agenda Introductions Identity and Access Management (I&AM) Overview Benefits of I&AM I&AM Best Practices I&AM Market Place Closing

More information

Enabling Single Sign-On for Oracle Applications Oracle Applications Users Group PAGE 1

Enabling Single Sign-On for Oracle Applications Oracle Applications Users Group PAGE 1 Enabling Single Sign-On for Oracle Applications Oracle Applications Users Group PAGE 1 Agenda Introduction PAGE 2 Organization Speakers Security Spectrum Information Security Spectrum Oracle Identity Management

More information

Oracle Enterprise Single Sign-on Technical Guide An Oracle White Paper June 2009

Oracle Enterprise Single Sign-on Technical Guide An Oracle White Paper June 2009 Oracle Enterprise Single Sign-on Technical Guide An Oracle White Paper June 2009 EXECUTIVE OVERVIEW Enterprises these days generally have Microsoft Windows desktop users accessing diverse enterprise applications

More information

<Insert Picture Here> Integrating your On-Premise Applications with Cloud Applications

<Insert Picture Here> Integrating your On-Premise Applications with Cloud Applications Integrating your On-Premise Applications with Cloud Applications Agenda Hybrid IT Infrastructure An Emerging Trend A New Set of Challenges The Five Keys to Overcoming the Challenges

More information

Sun Infrastructure Solution for Network Identity Seamlessly extend secure access to your enterprise fast, with reduced deployment time and cost

Sun Infrastructure Solution for Network Identity Seamlessly extend secure access to your enterprise fast, with reduced deployment time and cost Sun Infrastructure Solution for Network Identity Seamlessly extend secure access to your enterprise fast, with reduced deployment time and cost Timothy Siu SE Manager, JES Nov/10/2003 sun.com/solutions/

More information

Provide access control with innovative solutions from IBM.

Provide access control with innovative solutions from IBM. Security solutions To support your IT objectives Provide access control with innovative solutions from IBM. Highlights Help protect assets and information from unauthorized access and improve business

More information

RSA Via Lifecycle and Governance 101. Getting Started with a Solid Foundation

RSA Via Lifecycle and Governance 101. Getting Started with a Solid Foundation RSA Via Lifecycle and Governance 101 Getting Started with a Solid Foundation Early Identity and Access Management Early IAM was all about Provisioning IT tools to solve an IT productivity problem Meet

More information

Key New Capabilities Complete, Open, Integrated. Oracle Identity Analytics 11g: Identity Intelligence and Governance

Key New Capabilities Complete, Open, Integrated. Oracle Identity Analytics 11g: Identity Intelligence and Governance Key New Capabilities Complete, Open, Integrated Oracle Analytics 11g: Intelligence and Governance Paola Marino Principal Sales Consultant, Management Agenda Drivers Oracle Analytics

More information

Kenneth Hee Director, Business Development Security & Identity Management. Oracle Identity Management 11g R2 Securing The New Digital Experience

Kenneth Hee Director, Business Development Security & Identity Management. Oracle Identity Management 11g R2 Securing The New Digital Experience Kenneth Hee Director, Business Development Security & Identity Management Oracle Identity Management 11g R2 Securing The New Digital Experience This document is for informational purposes. It is not a

More information

An Oracle White Paper Dec 2013. Oracle Access Management Security Token Service

An Oracle White Paper Dec 2013. Oracle Access Management Security Token Service An Oracle White Paper Dec 2013 Oracle Access Management Security Token Service Disclaimer The following is intended to outline our general product direction. It is intended for information purposes only,

More information

White paper December 2008. Addressing single sign-on inside, outside, and between organizations

White paper December 2008. Addressing single sign-on inside, outside, and between organizations White paper December 2008 Addressing single sign-on inside, outside, and between organizations Page 2 Contents 2 Overview 4 IBM Tivoli Unified Single Sign-On: Comprehensively addressing SSO 5 IBM Tivoli

More information

Oracle Identity Management Securing The New Digital Experience

Oracle Identity Management Securing The New Digital Experience Oracle Identity Management Securing The New Digital Experience Security: User Single Sign-On, Certifying User Access, and Masking Sensitive Data Henry Anzarouth Principal Sales Consultant, Security and

More information

Mitigating Information Security Risks of Cloud Computin

Mitigating Information Security Risks of Cloud Computin Peter Rajnak Business Devlopment Director for Security Solutions Oracle OFM APAC Mitigating Information Security Risks of Cloud Computin Everyone Is Talking About Cloud Cloud Is at

More information

How can Identity and Access Management help me to improve compliance and drive business performance?

How can Identity and Access Management help me to improve compliance and drive business performance? SOLUTION BRIEF: IDENTITY AND ACCESS MANAGEMENT (IAM) How can Identity and Access Management help me to improve compliance and drive business performance? CA Identity and Access Management automates the

More information

<Insert Picture Here> Oracle Database Vault

<Insert Picture Here> Oracle Database Vault Oracle Database Vault Kamal Tbeileh Senior Principal Product Manager, Database Security The following is intended to outline our general product direction. It is intended for information

More information

How to leverage SAP NetWeaver Identity Management and SAP Access Control combined solutions

How to leverage SAP NetWeaver Identity Management and SAP Access Control combined solutions How to leverage SAP NetWeaver Identity Management and SAP Access Control combined solutions Introduction This paper provides an overview of the integrated solution and a summary of implementation options

More information

OracleAS Identity Management Solving Real World Problems

OracleAS Identity Management Solving Real World Problems OracleAS Identity Management Solving Real World Problems Web applications are great... Inexpensive development Rapid deployment Access from anywhere BUT. but they can be an administrative and usability

More information

SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY. How Can I Both Enable and Protect My Organization in the New Application Economy?

SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY. How Can I Both Enable and Protect My Organization in the New Application Economy? SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY How Can I Both Enable and Protect My Organization in the New Application Economy? CA Security solutions can help you enable and protect your business

More information

Simplify and Automate IT

Simplify and Automate IT Simplify and Automate IT Expectations have never been higher Reduce IT Costs 30% increase in staff efficiency Reduce support costs by 25% Improve Quality of Service Reduce downtime by 75% 70% faster MTTR

More information

Identity Management and Single Sign-On

Identity Management and Single Sign-On Delivering Oracle Success Identity Management and Single Sign-On Al Lopez RMOUG Training Days February 2012 About DBAK Oracle Solution Provider and License Reseller Core Technology and EBS Applications

More information

<Insert Picture Here> Charles Phillips. President Oracle Corporation

<Insert Picture Here> Charles Phillips. President Oracle Corporation Charles Phillips President Oracle Corporation Oracle Corporation World s largest enterprise software vendor $18 billion revenue, FY07 300,000 global customers 235,000 Oracle Database

More information

Oracle Mobile Security Suite. René Klomp 6 mei 2014

Oracle Mobile Security Suite. René Klomp 6 mei 2014 Oracle Mobile Security Suite René Klomp 6 mei 2014 Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes only, and may not be

More information

Identity Management Basics. OWASP May 9, 2007. The OWASP Foundation. Derek Browne, CISSP, ISSAP Derek.Browne@Emergis.com. http://www.owasp.

Identity Management Basics. OWASP May 9, 2007. The OWASP Foundation. Derek Browne, CISSP, ISSAP Derek.Browne@Emergis.com. http://www.owasp. Identity Management Basics Derek Browne, CISSP, ISSAP Derek.Browne@Emergis.com May 9, 2007 Copyright The Foundation Permission is granted to copy, distribute and/or modify this document under the terms

More information

Take Control of Identities & Data Loss. Vipul Kumra

Take Control of Identities & Data Loss. Vipul Kumra Take Control of Identities & Data Loss Vipul Kumra Security Risks - Results Whom you should fear the most when it comes to securing your environment? 4. 3. 2. 1. Hackers / script kiddies Insiders Ex-employees

More information

Business-Driven, Compliant Identity Management

Business-Driven, Compliant Identity Management Solution in Detail NetWeaver NetWeaver Identity Business-Driven, Compliant Identity Using NetWeaver Identity Managing users in heterogeneous IT landscapes presents many challenges for organizations. System

More information

SOLUTION BRIEF Improving SAP Security With CA Identity and Access Management. improving SAP security with CA Identity and Access Management

SOLUTION BRIEF Improving SAP Security With CA Identity and Access Management. improving SAP security with CA Identity and Access Management SOLUTION BRIEF Improving SAP Security With CA Identity and Access Management improving SAP security with CA Identity and Access Management The CA Identity and Access Management (IAM) suite can help you

More information

Q3FY11 Oracle OPN Specialized Security Pillar Executive Webcast

Q3FY11 Oracle OPN Specialized Security Pillar Executive Webcast Q3FY11 Oracle OPN Specialized Security Pillar Executive Webcast Today s Agenda Welcome Security Inside/Out OPN Specialized Requirements Q3 Web Cast Series Technology Play Books XMonth Next Steps Q & A

More information

IBM Tivoli Identity Manager

IBM Tivoli Identity Manager Automated, role-based user management and provisioning of user services IBM Tivoli Identity Manager Reduce help-desk costs and IT staff workload with Web self-service and password reset/synch interfaces

More information

BUSINESS-DRIVEN, COMPLIANT IDENTITY MANAGEMENT USING SAP NetWeaver IDENTITY MANAGEMENT

BUSINESS-DRIVEN, COMPLIANT IDENTITY MANAGEMENT USING SAP NetWeaver IDENTITY MANAGEMENT Solution in Detail NetWeaver BUSINESS-DRIVEN, COMPLIANT IDENTITY MANAGEMENT USING NetWeaver IDENTITY MANAGEMENT Identity management today presents organizations with a host of challenges. System landscapes

More information

Trust but Verify: Best Practices for Monitoring Privileged Users

Trust but Verify: Best Practices for Monitoring Privileged Users Trust but Verify: Best Practices for Monitoring Privileged Users Olaf Stullich, Product Manager (olaf.stullich@oracle.com) Arun Theebaprakasam, Development Manager Chirag Andani, Vice President, Identity

More information

Oracle Access Manager. An Oracle White Paper

Oracle Access Manager. An Oracle White Paper Oracle Access Manager An Oracle White Paper NOTE: The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any

More information

How To Ensure Financial Compliance

How To Ensure Financial Compliance Evolving from Financial Compliance to Next Generation GRC Gary Prince Principal Solution Specialist - GRC Agenda Business Challenges Oracle s Leadership in Governance, Risk and Compliance Solution Overview

More information

White paper December 2008. IBM Tivoli Access Manager for Enterprise Single Sign-On: An overview

White paper December 2008. IBM Tivoli Access Manager for Enterprise Single Sign-On: An overview White paper December 2008 IBM Tivoli Access Manager for Enterprise Single Sign-On: An overview Page 2 Contents 2 Executive summary 2 The enterprise access challenge 3 Seamless access to applications 4

More information

Best Practices in Identity and Access Management (I&AM) for Regulatory Compliance. RSA Security and Accenture February 26, 2004 9:00 AM

Best Practices in Identity and Access Management (I&AM) for Regulatory Compliance. RSA Security and Accenture February 26, 2004 9:00 AM Best Practices in Identity and Access Management (I&AM) for Regulatory Compliance RSA Security and Accenture February 26, 2004 9:00 AM Agenda Laura Robinson, Industry Analyst, RSA Security Definition of

More information

Simplify and Automate IT

Simplify and Automate IT Simplify and Automate IT The current state of IT INCIDENT SERVICE LEVEL DATA SERVICE REQUEST ASSET RELEASE CONFIGURATION GOVERNANCE AND COMPLIANCE EVENT AND IMPACT ENTERPRISE SCHEDULING DASHBOARDS CAPACITY

More information

Complete Database Security. Thomas Kyte http://asktom.oracle.com/

Complete Database Security. Thomas Kyte http://asktom.oracle.com/ Complete Database Security Thomas Kyte http://asktom.oracle.com/ Agenda Enterprise Data Security Challenges Database Security Strategy Oracle Database Security Solutions Defense-in-Depth Q&A 2 Copyright

More information

<Insert Picture Here> Camilla Kampmann

<Insert Picture Here> Camilla Kampmann Camilla Kampmann Senior Marketing Director, EE&CIS, Oracle Corporation Strong FY07 Financial Performance New Software License Revenue Maintenance Revenue Service Revenue Total Revenue

More information

It s 2014 Do you Know where Your digital Identity is? Rapid Compliance with Governance Driven IAM. Toby Emden Vice President Strategy and Practices

It s 2014 Do you Know where Your digital Identity is? Rapid Compliance with Governance Driven IAM. Toby Emden Vice President Strategy and Practices It s 2014 Do you Know where Your digital Identity is? Rapid Compliance with Governance Driven IAM Toby Emden Vice President Strategy and Practices 2014 CONTENTS Evolution Business Drivers Provisioning

More information

TECHNOLOGY BRIEF: INTEGRATED IDENTITY AND ACCESS MANAGEMENT (IAM) An Integrated Architecture for Identity and Access Management

TECHNOLOGY BRIEF: INTEGRATED IDENTITY AND ACCESS MANAGEMENT (IAM) An Integrated Architecture for Identity and Access Management TECHNOLOGY BRIEF: INTEGRATED IDENTITY AND ACCESS MANAGEMENT (IAM) An Integrated Architecture for Identity and Access Management Table of Contents Executive Summary 1 SECTION 1: CHALLENGE 2 The Need for

More information

Approaches to Enterprise Identity Management: Best of Breed vs. Suites

Approaches to Enterprise Identity Management: Best of Breed vs. Suites Approaches to Enterprise Identity Management: Best of Breed vs. Suites 2015 Hitachi ID Systems, Inc. All rights reserved. Contents 1 Introduction 1 2 Executive Summary 1 3 Background 2 3.1 Enterprise Identity

More information

Product overview. CA SiteMinder lets you manage and deploy secure web applications to: Increase new business opportunities

Product overview. CA SiteMinder lets you manage and deploy secure web applications to: Increase new business opportunities PRODUCT SHEET: CA SiteMinder CA SiteMinder we can CA SiteMinder provides a centralized security management foundation that enables the secure use of the web to deliver applications and cloud services to

More information

Security management White paper. Develop effective user management to demonstrate compliance efforts and achieve business value.

Security management White paper. Develop effective user management to demonstrate compliance efforts and achieve business value. Security management White paper Develop effective user management to demonstrate compliance efforts and achieve business value. September 2008 2 Contents 2 Overview 3 Understand the challenges of user

More information

Securing the Cloud through Comprehensive Identity Management Solution

Securing the Cloud through Comprehensive Identity Management Solution Securing the Cloud through Comprehensive Identity Management Solution Millie Mak Senior IT Specialist What is Cloud Computing? A user experience and a business model Cloud computing is an emerging style

More information

E-Business Suite Oracle SOA Suite Integration Options

E-Business Suite Oracle SOA Suite Integration Options Specialized. Recognized. Preferred. The right partner makes all the difference. E-Business Suite Oracle SOA Suite Integration Options By: Abhay Kumar AST Corporation March 17, 2014 Applications Software

More information

Next Generation Solutions for Indian Railways. Sundar Ram VP, Technology Sales Consulting

Next Generation Solutions for Indian Railways. Sundar Ram VP, Technology Sales Consulting Next Generation Solutions for Indian Railways Sundar Ram VP, Technology Sales Consulting Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information

More information

SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY. Identity-centric Security: The ca Securecenter Portfolio

SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY. Identity-centric Security: The ca Securecenter Portfolio SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY Identity-centric Security: The ca Securecenter Portfolio How can you leverage the benefits of cloud, mobile, and social media, while protecting

More information

White paper. Four Best Practices for Secure Web Access

White paper. Four Best Practices for Secure Web Access White paper Four Best Practices for Secure Web Access What can be done to protect web access? The Web has created a wealth of new opportunities enabling organizations to reduce costs, increase efficiency

More information

Oracle Identity Management Concepts and Architecture. An Oracle White Paper December 2003

Oracle Identity Management Concepts and Architecture. An Oracle White Paper December 2003 Oracle Identity Management Concepts and Architecture An Oracle White Paper December 2003 Oracle Identity Management Concepts and Architecture Introduction... 3 Identity management... 3 What is Identity

More information

Security It s an ecosystem thing

Security It s an ecosystem thing Security It s an ecosystem thing Joseph Alhadeff Vice President Global Public Policy, Chief Privacy Strategist The Security challenge in the before time. Today s Threat Environment

More information

When millions need access: Identity management in an increasingly connected world

When millions need access: Identity management in an increasingly connected world IBM Software Thought Leadership White Paper January 2011 When millions need access: Identity management in an increasingly connected world Best practice solutions that scale to meet today s huge numbers

More information

Oracle Mobile Security Management

Oracle Mobile Security Management Oracle Mobile Security Management Angelo Maria Bosis Technology Sales Consulting Director Milano, 19 Marzo 2014 Safe Harbor Statement The following is intended to outline our general

More information

Integrating Hitachi ID Suite with WebSSO Systems

Integrating Hitachi ID Suite with WebSSO Systems Integrating Hitachi ID Suite with WebSSO Systems 2015 Hitachi ID Systems, Inc. All rights reserved. Web single sign-on (WebSSO) systems are a widely deployed technology for managing user authentication

More information

Balancing Security Investment Against Today's Threat Environment

Balancing Security Investment Against Today's Threat Environment Balancing Security Investment Against Today's Threat Environment Niel Pandya Data Security, Senior Manager, Oracle ASEAN The following is intended to outline our general product direction.

More information

Business-Driven, Compliant Identity Management

Business-Driven, Compliant Identity Management SAP Solution in Detail SAP NetWeaver SAP Identity Management Business-Driven, Compliant Identity Management Table of Contents 3 Quick Facts 4 Business Challenges: Managing Costs, Process Change, and Compliance

More information

Security management solutions White paper. IBM Tivoli and Consul: Facilitating security audit and compliance for heterogeneous environments.

Security management solutions White paper. IBM Tivoli and Consul: Facilitating security audit and compliance for heterogeneous environments. Security management solutions White paper IBM Tivoli and Consul: Facilitating security audit and March 2007 2 Contents 2 Overview 3 Identify today s challenges in security audit and compliance 3 Discover

More information

<Insert Picture Here> Oracle Database Security Overview

<Insert Picture Here> Oracle Database Security Overview Oracle Database Security Overview Tammy Bednar Sr. Principal Product Manager tammy.bednar@oracle.com Data Security Challenges What to secure? Sensitive Data: Confidential, PII, regulatory

More information

Extending Identity and Access Management

Extending Identity and Access Management Extending Identity and Access Management Michael Quirin Sales Engineer Citrix Systems 1 2006 Citrix Systems, Inc. All rights reserved. Company Overview Leader in Access Infrastructure NASDAQ 100 and S&P

More information

Oracle Identity Manager (OIM) as Enterprise Security Platform - A Real World Implementation Approach for Success

Oracle Identity Manager (OIM) as Enterprise Security Platform - A Real World Implementation Approach for Success Oracle Identity Manager (OIM) as Enterprise Security Platform - A Real World Implementation Approach for Success Manvendra Kumar AST Corporation, IL Scott Brinker College of American Pathologist, IL August

More information

Cloud Security/Access Control and Identity Management. Patrick McLaughlin, Oracle Fellow SAOUG: 14 November, 2011

Cloud Security/Access Control and Identity Management. Patrick McLaughlin, Oracle Fellow SAOUG: 14 November, 2011 Cloud Security/Access Control and Identity Management Patrick McLaughlin, Oracle Fellow SAOUG: 14 November, 2011 Agenda Evolution of IT and IdM Requirements Building and Securing Clouds Oracle Public Cloud

More information

IBM Security & Privacy Services

IBM Security & Privacy Services Enter Click Here The challenge of identity management Today organizations are facing paradoxical demands for greater information access and more stringent information security. You must deliver more data

More information

Streamlining Human Capital Management with Identity and Access Management. An Oracle White Paper December 2008

Streamlining Human Capital Management with Identity and Access Management. An Oracle White Paper December 2008 Streamlining Human Capital Management with Identity and Access Management An Oracle White Paper December 2008 NOTE: The following is intended to outline our general product direction. It is intended for

More information

Federated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning.

Federated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning. PingFederate We went with PingFederate because it s based on standards like SAML, which are important for a secure implementation. John Davidson Senior Product Manager, Opower PingFederate is the leading

More information

<Insert Picture Here> Oracle Web Services Manager (WSM)

<Insert Picture Here> Oracle Web Services Manager (WSM) Oracle Web Services Manager (WSM) Marc Chanliau Director, Product Management Outline Introduction Product Overview Typical Use-Case Scenarios Roadmap Q & A Introduction

More information

PROTECT YOUR WORLD. Identity Management Solutions and Services

PROTECT YOUR WORLD. Identity Management Solutions and Services PROTECT YOUR WORLD Identity Management Solutions and Services Discussion Points Security and Compliance Challenges Identity Management Architecture CSC Identity Management Offerings Lessons Learned and

More information

A7 / SAP Financial Services Forum 2014 / September 9-10, 2014 / London / UK Cloud Strategy for Banking Run Simple with SAP

A7 / SAP Financial Services Forum 2014 / September 9-10, 2014 / London / UK Cloud Strategy for Banking Run Simple with SAP A7 / SAP Financial Services Forum 2014 / September 9-10, 2014 / London / UK Cloud Strategy for Banking Run Simple with SAP Jens-Peter Jensen (SAP SE) Public Use this title slide only with an image Disclaimer

More information

Oracle IDM Integration with E-Business Suite & Middleware Technologies

Oracle IDM Integration with E-Business Suite & Middleware Technologies Oracle IDM Integration with E-Business Suite & Middleware Technologies Session ID#: 14251 Prepared by: Scott Brinker IDM Security Specialist CAP Deepak Sharma Sr. Consultant AST Corporation REMINDER Check

More information

Security Trends and Client Approaches

Security Trends and Client Approaches Security Trends and Client Approaches May 2010 Bob Bocchino, CISA ERM Security and Compliance Business Advisor IBU Technology Sales Support Industries Business Unit, Technology Sales Support 1 Mark Dixon

More information

Service management White paper. Manage access control effectively across the enterprise with IBM solutions.

Service management White paper. Manage access control effectively across the enterprise with IBM solutions. Service management White paper Manage access control effectively across the enterprise with IBM solutions. July 2008 2 Contents 2 Overview 2 Understand today s requirements for developing effective access

More information

Oracle Fusion Middleware

Oracle Fusion Middleware Oracle Fusion Middleware Integration Overview for Oracle Identity Management Suite 11g Release 1 (11.1.1) E15477-02 June 2011 Oracle Fusion Middleware Integration Overview for Oracle Identity Management

More information

How Oracle MAF & Oracle Mobile Cloud can Accelerate Mobile App Development

How Oracle MAF & Oracle Mobile Cloud can Accelerate Mobile App Development How Oracle MAF & Oracle Mobile Cloud can Accelerate Mobile App Development A RapidValue Solutions Whitepaper Contents Executive Summary... 03 Oracle Mobile Application Framework (MAF): The Complete Development

More information

SAP Identity Management Overview

SAP Identity Management Overview Identity Management Overview October 2014 Public Agenda Introduction to Identity Management Role Management and Workflows Business-Driven Identity Management Compliant Identity Management Reporting Password

More information

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com VENDOR PROFILE Passlogix and Enterprise Secure Single Sign-On: A Success Story Sally Hudson IDC OPINION Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com

More information

Preemptive security solutions for healthcare

Preemptive security solutions for healthcare Helping to secure critical healthcare infrastructure from internal and external IT threats, ensuring business continuity and supporting compliance requirements. Preemptive security solutions for healthcare

More information

Attestation of Identity Information. An Oracle White Paper May 2006

Attestation of Identity Information. An Oracle White Paper May 2006 Attestation of Identity Information An Oracle White Paper May 2006 Attestation of Identity Information INTRODUCTION... 3 CHALLENGES AND THE NEED FOR AUTOMATED ATTESTATION... 3 KEY FACTORS, BENEFITS AND

More information

STRONGER AUTHENTICATION for CA SiteMinder

STRONGER AUTHENTICATION for CA SiteMinder STRONGER AUTHENTICATION for CA SiteMinder Adding Stronger Authentication for CA SiteMinder Access Control 1 STRONGER AUTHENTICATION for CA SiteMinder Access Control CA SITEMINDER provides a comprehensive

More information

1 Copyright 2011, Oracle and/or its affiliates. All rights reserved.

1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. 1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Applications Integration, Oracle Fusion Applications Nigel King, VP Fusion Applications Functional Architecture Amy Andrews, Sr. Director,

More information

> Please fill your survey to be eligible for a prize draw. Only contact info is required for prize draw Survey portion is optional

> Please fill your survey to be eligible for a prize draw. Only contact info is required for prize draw Survey portion is optional Web Access Management May 2008 CA Canada Seminar > Please fill your survey to be eligible for a prize draw Only contact info is required for prize draw Survey portion is optional > How to Transform Tactical

More information

An Oracle White Paper June 2009. Oracle Database 11g: Cost-Effective Solutions for Security and Compliance

An Oracle White Paper June 2009. Oracle Database 11g: Cost-Effective Solutions for Security and Compliance An Oracle White Paper June 2009 Oracle Database 11g: Cost-Effective Solutions for Security and Compliance Protecting Sensitive Information Information ranging from trade secrets to financial data to privacy

More information

Passlogix Sign-On Platform

Passlogix Sign-On Platform Passlogix Sign-On Platform The emerging ESSO standard deployed by leading enterprises Extends identity management to the application and authentication device level No modifications to existing infrastructure

More information

Introduction to Systinet. SOA Governance and Lifecycle Management

Introduction to Systinet. SOA Governance and Lifecycle Management Introduction to Systinet SOA Governance and Lifecycle Management About Systinet WHO WHAT Founded in 2000, Systinet, a division of Mercury, is the leading provider of the foundation for SOA governance and

More information

Enterprise Security Solutions

Enterprise Security Solutions Enterprise Security Solutions World-class technical solutions, professional services and training from experts you can trust ISOCORP is a Value-Added Reseller (VAR) and services provider for best in class

More information

Identity Governance Evolution

Identity Governance Evolution Identity Governance Evolution Paola Marino Principal Sales Consultant Agenda Oracle Identity Governance Innovation Cloud Scenarios enabled by Oracle Identity Platform Agenda Oracle

More information

Understanding Enterprise Cloud Governance

Understanding Enterprise Cloud Governance Understanding Enterprise Cloud Governance Maintaining control while delivering the agility of cloud computing Most large enterprises have a hybrid or multi-cloud environment comprised of a combination

More information