Oracle Entitlements Server is a fine grained authorization engine that externalizes, unifies, and simplifies the management of complex entitlement policies—strengthening security and compliance, improving IT efficiency, and enhancing business agility. These authorizations may be used to protect the most fine grained business or IT concept. For example, Oracle Entitlements Server policies can describe how users interact with entire application interfaces or even single form fields. Oracle Entitlements Server protects user interfaces, business logic, and even databases. Oracle Entitlements Server is a component of Oracle Fusion Middleware, a well-integrated family of customer-proven software products designed to shine in the most demanding customer environments.
Oracle Entitlements Server provides a centralized administration point for complex entitlement policies across a diverse range of business and IT systems. Oracle Entitlements Server offers a sophisticated delegated administration model that allows multiple organizations and application stakeholders to create, modify and report on the entitlement policies that affect them. This management can be done by security policy specialists and do not require intervention by a development organization. Oracle Entitlements Server integrates with existing Oracle Identity and Access Management produces (such as Oracle Access Manager, Oracle Adaptive Access Manager) to provide a complete end to end access management solution covering a wide span of entitlement use cases.
Web based fine grained entitlements for applications
Reduce administrative overhead and speeds application deployment time by empowering line of business users to define, administer and enforce application entitlements policy
Interoperability through open standards
Supports XACML 2.0 request response profile and XACML policy export for interoperability. Supports SAML for identity federation.
Design and runtime analysis
Strengthen governance and compliance adherence with design time and runtime analysis
Intelligent policy distribution
Ensures that Security Modules are given only the policies they need and keeps Security Modules synchronized with latest policy updates..
Adapts to multiple administrative scenarios involving any number of participants across multiple organizations and lines of business.
Built for Integration
Entitlements Server administrative features are fully accessible via web based or programmatic means.
The administration features of Oracle Entitlements Server include:
Support for massive policy stores with thousands of resources and policies
Partitioning features for large numbers of organizations and applications
Fully delegated administration with flexible role mapping of users
Web-based interface that runs on popular J2EE containers
Fully programmable administrative interface for custom administrative needs
Administration model that is protected by OES itself
Oracle Entitlements Server handle the task of publishing policies to the individual Security Modules protecting applications and services. This distribution provides a transactional mechanism to ensure each Security Module has just the policy it needs. Features of the policy distribution include:
Ability to update policies in Security Module without interrupting applications.
Intelligent push technology that only pushes the policies needed by a Security Module.
Sophisticated protocol which handles interrupted distribution scenarios.
Simple architectural requirements for policy distribution without foresaking security and integrity of policies in-flight
Security Modules operate in a 'disconnected' mode with no runtime dependency on Entitlements Server.
Support for Multiple Platforms
Oracle Entitlements Server runs on many popular J2EE containers such as WebLogic Server, Tomcat and WebSphere. Policy repositories can be stored in Oracle Database, Sybase, SQL Server and DB2.
Oracle Entitlements Server provides ad-hoc query facility to help policy administrators understand how users and roles map to permissions and entitlements. Policy reports can be generated for specific application resources (e.g. reports, database columns, EJBs), identies (users, groups, roles) and even permissions. Reports are available as simple text files for consumption by downstream BI or reporting tools.
Oracle Entitlements Server is the only enterprise-class entitlements solution that provides rich fine-grained entitlements and centralized security administration for both application software components and application business objects. Oracle Entitlements Server strengthens security and compliance, increases IT efficiency and enhances business agility by decoupling security logic from applications, providing consistent policy administration, and enforcing auditability across applications across the enterprise.
This document is provided for informational purposes only, and the information herein is subject to change without notice. Please report any errors herein to Oracle Corporation. Oracle Corporation does not provide any warranties covering and specifically disclaims any liability in connection with this document.
Oracle is a registered trademark of Oracle Corporation.
All other company and product names mentioned are used for identification purposes only and may be trademarks of their respective owners.