HOL9449 Access Management: Secure web, mobile and cloud access

Similar documents
An Oracle White Paper Dec Oracle Access Management OAuth Service

An Oracle White Paper Dec Oracle Access Management Federation Service

Easy as 1-2-3: The Steps to XE. Mark Hoye Services Portfolio Consultant

Kenneth Hee Director, Business Development Security & Identity Management. Oracle Identity Management 11g R2 Securing The New Digital Experience

Single Sign On. SSO & ID Management for Web and Mobile Applications

OPENIAM ACCESS MANAGER. Web Access Management made Easy

IBM Tivoli Federated Identity Manager

Integrating Apex into Federated Environment using SAML 2.0. Jon Tupman Portalsoft Solutions Ltd

OpenAM All-In-One solution to securely manage access to digital enterprise and customer services, anytime and anywhere.

Build Your Mobile Strategy Not Just Your Mobile Apps

TrustedX - PKI Authentication. Whitepaper

How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications

Flexible Identity Federation

Adding Stronger Authentication to your Portal and Cloud Apps

An Overview of Samsung KNOX Active Directory and Group Policy Features

SUPERVALU Successfully Leverages Tablet Technology and Identity and Access Management Infrastructure for Increased Security and Business Productivity

A Standards-based Mobile Application IdM Architecture

The Future of Cloud Identity Security. Michael Schwartz Founder / CEO Gluu

nexus Hybrid Access Gateway

Configuring Single Sign-on from the VMware Identity Manager Service to WebEx

Oracle Mobile Security

Alex Wong Senior Manager - Product Management Bruce Ong Director - Product Management

AAI for Mobile Apps How mobile Apps can use SAML Authentication and Attributes. Lukas Hämmerle

MOBILITY. Transforming the mobile device from a security liability into a business asset. pingidentity.com

Egnyte Single Sign-On (SSO) Installation for OneLogin

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS

Identity, Privacy, and Data Protection in the Cloud XACML. David Brossard Product Manager, Axiomatics

HP Software as a Service

How Oracle MAF & Oracle Mobile Cloud can Accelerate Mobile App Development

Migration Best Practices for OpenSSO 8 and SAM 7.1 deployments O R A C L E W H I T E P A P E R M A R C H 2015

Sun and Oracle: Joining Forces in Identity Management

Secure Cloud Computing

Introduction to Oracle Mobile Application Framework Raghu Srinivasan, Director Development Mobile and Cloud Development Tools Oracle

MIT Tech Talk, May 2013 Justin Richer, The MITRE Corporation

Novell Access Manager

Dell One Identity Cloud Access Manager How to Develop OpenID Connect Apps

Configuring Single Sign-on from the VMware Identity Manager Service to ServiceNow

Oracle Access Management 11gR2 ( x) Frequently Asked Questions (FAQ)

Extend and Enhance AD FS

Safe Harbor Statement

Federated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning.

Introduction to SAML

AVG Business SSO Partner Getting Started Guide

An Oracle White Paper Dec Oracle Access Management Security Token Service

Blending Embedded Hardware OTP, SSO, and Out of Band Auth for Secure Cloud Access

Identity. Provide. ...to Office 365 & Beyond

EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES

Getting Started with AD/LDAP SSO

Oracle Process Cloud Service Rapidly Automate & Manage Process Applications

Copyright Pivotal Software Inc, of 10

The Role of Identity Enabled Web Services in Cloud Computing

An Overview of Samsung KNOX Active Directory-based Single Sign-On

WHITEPAPER SECUREAUTH AND CAC HSPD-12 AUTHENTICATION TO WEB, NETWORK, AND CLOUD RESOURCES

STRONGER AUTHENTICATION for CA SiteMinder

TrustedX: eidas Platform

Access Management Analysis of some available solutions

Oracle Cloud Bjarte Drivenes Enterprise Architect. Copyright 2014 Oracle and/or its affiliates. All rights reserved.

SAP HANA Cloud Portal Overview and Scenarios

PRACTICAL IDENTITY AND ACCESS MANAGEMENT FOR CLOUD - A PRIMER ON THREE COMMON ADOPTION PATTERNS FOR CLOUD SECURITY

Single Sign On for ShareFile with NetScaler. Deployment Guide

White Paper. FFIEC Authentication Compliance Using SecureAuth IdP

Cloud for e-government

UNIVERSITY OF COLORADO Procurement Service Center INTENT TO SOLE SOURCE PROCUREMENT CU-JL SS. Single Sign-On (SSO) Solution

MY1LOGIN SOLUTION BRIEF: PROVISIONING. Automated Provisioning of Users Access to Apps

Agenda. How to configure

Administering Jive Mobile Apps

Mobile Security. Policies, Standards, Frameworks, Guidelines

Amplify Service Integration Developer Productivity with Oracle SOA Suite 12c

MANAGE SECURE ACCESS TO APPLICATIONS BASED ON USER IDENTITY. EMEA Webinar July 2013

Security Services. Benefits. The CA Advantage. Overview

Oracle Platform Security Services & Authorization Policy Manager. Vinay Shukla July 2010

BYOD How-To Guide. How do I securely deliver my company s applications and data to BYOD?

Protect Everything: Networks, Applications and Cloud Services

NCSU SSO. Case Study

Oracle IDM Integration with E-Business Suite & Middleware Technologies

The increasing popularity of mobile devices is rapidly changing how and where we

PRODUCT BRIEF OpenAM. Delivering secure access for customers, applications, devices and things

The Top 5 Federated Single Sign-On Scenarios

Authentication Strategy: Balancing Security and Convenience

Enabling SSO for native applications

From centralized to single sign on

G Cloud 6 CDG Service Definition for Forgerock Software Services

Oracle Fusion Middleware 11g Release 1 IDM Suite

API-Security Gateway Dirk Krafzig

Powering Security and Easy Authentication in a Multi-Channel World

Federated Identity for Cloud Computing and Cross-organization Collaboration

Apigee Edge API Services Manage, scale, secure, and build APIs and apps

Authentication Integration

Mobile Identity and Edge Security Forum Sentry Security Gateway. Jason Macy CTO, Forum Systems

SWISSVBS LEARNING CLOUD (SLC)

Identity Management in Liferay Overview and Best Practices. Liferay Portal 6.0 EE

McAfee Cloud Identity Manager

Transcription:

HOL9449 Access Management: Secure web, mobile and cloud access Kanishk Mahajan Principal Product Manager, Oracle September, 2014 Copyright 2014, Oracle and/or its affiliates. All rights reserved. Oracle Confidential Internal/Restricted/Highly Restricted

Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle s products remains at the sole discretion of Oracle. Copyright 2014, Oracle and/or its affiliates. All rights reserved. Oracle Confidential Internal/Restricted/Highly Restricted 3

Unified Access Management Key Solution Requirements Seamless Multi-Channel Access Integrated Risk, Fraud & Strong Authentication Access Any Application, From Any Device, Any Where Standards Based Modular Architecture Scalable for today s Internet Needs Increase Agility with External Security Policies

Oracle Access Management Unified Approach to Complete Authentication, Authorization and Audit Authentication Authorization Mobile and API Federation Intelligent Risk Based Authentication Integrated Strong Authentication Real Time External Security Policies RESTful Interfaces API Management Standards Based Social Platform Common Policy Model Standards Bases Approach Scalable High Availability and DR Authentication Plugin Framework Cloud Apps Desktop Apps Enterprise Apps Oracle Apps Mobile Apps

RISK HIGH Access Management Intelligent Context-aware, Content-aware and Risk-aware If the risk is very high: Deny access and alert the security team MED- HIGH If the risk is high: KBA or OTP MED- LOW If the risk is medium: Local account/ SAML Federated accounts LOW If the risk is low: Social Identity ALLOW RESPONSE DENY Better user experience, enhanced security, improved compliance

Access Management 11gR2 Adoption 1000 OAM 11g R2 Active Customers 900 800 700 600 500 400 300 200 100 0 3/31/20135/20/20137/9/20138/28/2013 10/17/2013 12/6/20131/25/20143/16/2014

Cloud Ready Access Access Portal SSO Portal to SaaS, Partner and OAM protected resources Web-based interface that adapts to the device Catalog available for users to add, configure, modify and remove applications Configurable View All, Favorites, Recent and Search RESTful interfaces enable integration and customization

Cloud Ready Access Access Portal Access Proxy Form Fill SSO through different technologies Applications with login forms Form-Fill Applications that are federation enabled Corporate web resources protected by OAM SSO via OAM session identifiers Identity Federation OAM Resources

Cloud Ready Access Identity Federation Fully Converged IdP and SP Protocol Support SAML 2.0, SAML 1.1, OpenID 2.0 IdP/SP initiated SSO, Logout (SAML 2.0) Native Integration with Access Manager Seamless integration, Shared ID Store (Multiple ID Store Support) Leverage OAM Authentication Schemes Session Attribute Support

Enabling Cloud API Economy OAuth 2.0 Full OAuth 2.0 Support Integrated into Access Management Server and client, 2 & 3 legged, profile service Natively leverage Access Management services (Auth, SSO, Fraud)

Enabling Cloud API Economy OAuth 2.0 Built-in integration with Oracle Access Management Leverage any authentication schemes Fraud Detection & Strong Authentication Single Sign On Shares a common Oracle Access Management configuration, deployment and infrastructure Internet Engineering Task Force (IETF) OAuth 2.0 compliant

Securing External Mobile Applications Accelerate deployment of Legacy Applications (Oracle API Gateway) Protect user data with API security for Internet facing mobile applications Enable consistent user experience across platforms with mobile access management Secure mobile app development by externalizing security requirements

Securing External Mobile Applications 3. User registers Apps over APNS. Apps request OAuth tokens to access ACME Financials REST services Client requests Stock and Mortgage info from ACME Financials 1. User Apple downloads Push Notification ACME StockApp Server C C from CT App AT Store T 2. User downloads ACME MortgageApp from App Store C AT T T C AT T Mobile & Social Service Client Registration Service Push Notification Service Fraud Detection Service MobileSSO Service C CT T C AT T IDM OAuth Service M&S Service OAuth Extensions C CT T ACME Financials Service C AT T ACME Financials ACME Financials examines the Access Token and sends account info to Mobile Apps Device Store Server Side Device Store enables MobileSSO between participating Apps

Copyright 2014, Oracle and/or its affiliates. All rights reserved. Oracle Confidential Internal/Restricted/Highly Restricted 15