|
REDWOOD SHORES, Calif.,
29-NOV-2006 05:15 AM
Oracle today announced an open initiative, the
Identity Governance Framework (IGF), designed to help organizations
better govern and protect sensitive identity-related employee, customer
and partner information as it flows across heterogeneous applications.
Leading identity vendors including CA, Layer 7 Technologies, Novell,
Ping Identity, Securent and Sun Microsystems, Inc. have reviewed a
draft of the Framework and plan to work with Oracle to develop full
specifications. With today's announcement, Oracle is also inviting
additional vendors and customers to review and contribute to the key
draft specifications.
Organizations today are struggling to balance
the need to meet regulatory mandates and secure personal information
while maintaining streamlined business processes. As a consequence,
identity-related data is often embedded in numerous applications across
an organization, making it prone to inconsistencies, placing
information at risk and triggering privacy violations. IGF will
uniquely address this problem and establish a standard way of defining
enterprise-level policies for organizations to share sensitive personal
information securely and confidently between applications and diverse
identity sources while helping ensure security and privacy. With the
IGF, organizations can more easily determine and control how identity
information - including Personally Identifiable Information, access
entitlements and personal attributes - is used, stored, and propagated
across diverse systems, helping ensure the information is easily
auditable and not abused, compromised or misplaced.
"Historically, enterprise architects and
developers have struggled with the challenge of seamlessly integrating
identity services with business applications - a situation that is
further compounded by contemporary regulatory and compliance
pressures," said Gerry Gebel, vice president and service director at
Burton Group. "Efforts, such as the Identity Governance Framework, can
help bring order to unsystematic environments or approaches by
addressing areas not covered in other identity and security standards."
The IGF provides a standard mechanism for
organizations to establish "contracts" between their applications and
sources of identity data. The four key components of the Identity
Governance Framework that vendors and customers can currently review
include:
* Client Attribute Requirement Markup Language
(CARML) - an XML-based declarative contract defined by application
developers that informs deployment managers and service providers about
the attribute usage requirements of an application;
* Attribute Authority Policy Markup Language
(AAPML) - a set of policy rules regarding the use of identity-related
information from an identity source that allow these sources to specify
constraints on use of provided data by consuming applications;
* CARML API - an Application Programming
Interface that makes it easier for developers to write applications
that consume and use identity-related data in a way that conforms to
policies set around the use of such information; and
* Identity Service - a policy-secured service
for accessing identity-related data from multiple identity sources.
"As a provider of business and infrastructure
applications, Oracle understands the challenges our customers face when
trying to manage and secure identity-related information that is often
scattered across their entire infrastructure and recognizes the
increasing importance of establishing auditable policies pertaining to
that information," said Hasan Rizvi, vice president, Identity
Management and Security products, Oracle. "By creating the Identity
Governance Framework we are helping organizations overcome this
challenge and gain complete visibility into how identity information is
stored and used in their systems."
Industry Support
of the Identity Governance Framework
Key vendors in the identity management market
support the IGF and plan to help further develop the specifications
that will be submitted to a recognized global standards setting
organization in the future. Oracle, CA, Layer 7 Technologies, Novell,
Ping Identity, Securent and Sun Microsystems are expected to be joined
by other technology companies who also plan to contribute to the
initiative. Customers are expected to benefit from a common industry
standard by being able to share sensitive identity-related data more
easily across their heterogeneous IT environment and know where it is,
how it's being used and by whom.
"CA is supporting the Identity Governance
Framework to help customers more easily protect personal data across
their disparate systems and applications," said Vadim Lander, vice
president and chief architect, Security Management at CA. "We look
forward to working with Oracle and others to develop practical,
adaptable XML-based specifications that simplify the creation,
enforcement and management of identity security policies."
"Consistent and cross-platform access to
identity information is central to good security and compliance," said
Toufic Boubez, CTO of SOA security vendor, Layer 7 Technologies.
"Nowhere is this more critical than in SOA where identity context needs
to be shared across heterogeneous services that span enterprise
departments and divisions. Secure, compliant SOA therefore requires a
policy driven framework for consistently accessing and sharing identity
information across an extended enterprise. Layer 7 is excited to be
working with its partners to help formulate a standards based framework
for delivering these kind of identity services to market."
"Novell is committed to working with Oracle
and other leaders in the identity management market in the development
of an open framework that will facilitate developers' efforts to better
identity-enable applications and services independent of the underlying
identity infrastructure," said Nick Nikols, vice president, Product
Management Identity and Security Novell, Inc. "This commitment goes
hand in hand with our existing participation and contributions to the
Higgins and Bandit projects."
"The Identity Governance Frame work is a much
needed addition to the identity management industry," said Patrick
Harding, CTO, Ping Identity. "The Framework, as an extension of
Federated Identity Management, will allow our customers to better
maintain the privacy of their user information and to have
finer-grained control over the release of that information to their
business partners."
"Secure access to sensitive identity-related
information including HR information, location/presence information,
customer information, etc. is increasingly critical for businesses,"
said Sekhar Sarukkai, Founder and CTO of Securent Inc. "As the leading
XACML-based entitlement management vendor, Securent is in the forefront
of deploying policy-driven authorization solutions across heterogeneous
environments and is happy to contribute its experiences to the creation
of the Identity Governance Framework in order to enable an
open-standards-based, declarative, mechanism to securely publish, and
consume, identity related information."
"The direction which the Identity Governance
Framework is heading is positive," said Don Bowen, director of Identity
Integration for Sun Microsystems, Inc. "Sun supports its submission to
a standards body and thinks the Liberty Alliance may be best, as it is
a natural and essential evolution of the work already done within that
organization."
To learn more about the Identity Governance
Framework and to review the specifications, visit
http://www.oracle.com/goto/igf.
About Oracle
Oracle (NasdaqGS: ORCL) is the world's largest
enterprise software company. For more information about Oracle, visit
our Web site at http://www.oracle.com.
# # #
Trademarks
Oracle, JD Edwards, PeopleSoft, and Siebel are
registered trademarks of Oracle Corporation and/or its affiliates.
Other names may be trademarks of their respective owners.
|
