OTN Logo

Oracle Identity Analytics


Introduction

Oracle Identity Analytics (formerly Sun Role Manager) provides enterprises with the ability to engineer and manage roles and automate critical identity-based controls.  The key features are the following:

Identity Warehouse

Identity Warehouse is the central repository that contains identity, access and audit data, optimized for complex analytical queries and simulations. This data is imported from one or more databases within your organization on a scheduled basis. The Oracle Identity Analytics import engine supports complex entitlement feeds saved as either text files or XML. A glossary entry, defined as a business friendly term for typically cryptic IT entitlements, can also be captured during the import process enabling business users to view and analyze user’s access rights in a business-friendly way. Oracle Identity Analytics provides strong and robust integration capabilities with the provisioning products including Oracle Identity Manager and Oracle Waveset (formerly Sun Identity Manager). The integration focuses on synchronization of common identity data with well-defined authoritative ownership of each entity.

Attestation of Access Rights

Oracle Identity Analytics reduces operational risk exposure by providing a 360-degree view of users' access – not just who has access to what, but whether access was appropriately assigned and how it is being used. Oracle Identity Analytics securely automates existing manual re-certification or attestation processes for certifying the user access rights by business managers and application owners. This significantly reduces costs associated with existing manual controls and enhances audit effectiveness, resulting in enforcement of "least privilege" across the enterprise.

Segregation of Duties

Segregation of duties (SoD) enforcement prevents users from intentionally or inadvertently breaching security policy by having a conflicting combination of roles or entitlements. SoD enforcement directly impacts an organization¹s ability to comply with explicit requirements of the Sarbanes-Oxley Act and multiple other regulatory mandates aimed at ensuring the integrity of enterprise financial operations.

Analytical Dashboards & Reports

Oracle Identity Analytics provides comprehensive dashboards and reporting capabilities based on user identity, access and audit data residing in the Identity Warehouse. Oracle Identity Analytics provides various compliance and operational dashboards for a quick review of compliance and operational status in context of roles, segregation of duty policies, audit policies and other controls. While compliance dashboards are typically used for executive level compliance monitoring, detailed out of box reports enables IT staff, business users and auditors to structurally analyze the warehouse data.. The dashboards can further be customized for business users, compliance and audit officers and other end users on need basis. While Oracle Identity Analytics provides close to 50 out of box reports, its data dictionary is published to allow customers to extend these reports and build custom reports.

Role Lifecycle Management

Roles defined across an enterprise are subject to evolve over time, and require a robust administration and audit process. Oracle Identity Analytics provides role approvals upon detection of associated entitlement updates and performs real time impact analysis for role consolidation before changes are applied in a live environment. The role change approval process combined with role versioning, role change “what if” simulations, and rollback features, provides a complete role change and lifecycle management solution. As part of its role lifecycle management features, Oracle Identity Analytics fully audits all the changes made to role definitions including role assignment rules and entitlement mapping policies.

Feature Summary

Key Features Function
Benefit
360-degree view of assigned access
  • Goes beyond “who has access to what” to reveal what was done with the access, including policy violations and potential violations
  • Provides information to make intelligent decisions concerning user access
Closed-loop remediation
  • Provides an automated, end-to-end solution for reviewing and revoking access
  • Automatically verifies remediation and sends alerts if remediation does not take place
  • Helps control cost of compliance by automating processes
  • Reduces risk of policy violations and compliance failures
Rule lifecycle management    


  • Applies role lifecycle management technology to audit and role assignment rules
  • Proactively determines impact of rule changes on access assignment processes
  • Provides API for remotely executing rule assignment and SoD rules
  • Improves audit effectiveness by capturing rules history
  • Provides information for decision making
  • Simplifies integration with systems that utilize Role Manager as authoritative source for roles
Role maintenance
  • Provides role approvals upon detection of entitlement updates
  • Performs impact analysis before changes
  • Allows for the definition of temporary roles
  • Enables simple changes in access based on changes in job responsibilities
  • Improves organizational flexibility by making it fast and easy to change access based on business needs
Role certification
  • Allows for ongoing role certification by business unit managers or role owners
  • Improves alignment between IT and business organizations
Access certification
  • Automates existing processes for certifying the access assigned to users by business managers and application owners
  • Reduces costs by automating existing manual controls
  • Enhances audit effectiveness by enforcing concept of least privilege
Policy enforcement   
  • Enables enterprise-level monitoring of access for conflicts in SoD and security policy
  • Supports inter- and intra- application policy enforcement
  • Provides complete lifecycle management of a policy violation
  • Reduces business risk associated with failed access controls
  • Enhances audit effectiveness by enforcing security policies related to SoD and least privilege
  • Reduces costs by automating existing manual processes for enforcing security policies
Compliance dashboard
  • Delivers an enterprise view of certification status
  • Provides an enterprise view of policy exceptions
  • tracks policy exceptions by type and business unit
  • Provides historical trending analysis
  • Improves compliance by providing an easily accessible view of activities
Data collection based on extract, transform, and load (ETL)   
  • Enables integration with any resourceful
  • Eliminates the need to write connectors to applications
  • Ensures ability to access entitlement data
  • Increases efficiency and cuts costs by reducing time to load data by 70%


Top of Page


Oracle Corporation
World Headquarters
500 Oracle Parkway
Redwood Shores, CA 94065

Worldwide Inquiries:
+1.650.506.7000
Fax +1.650.506.7200
http://www.oracle.com/

Copyright© Oracle Corporation 2008
All Rights Reserved

This document is provided for informational purposes only,
and the information herein is subject to change
without notice. Please report any errors herein to
Oracle Corporation. Oracle Corporation does not provide
any warranties covering and specifically disclaims any
liability in connection with this document.

Oracle is a registered trademark of Oracle Corporation.

All other company and product names mentioned are used
for identification purposes only and may be trademarks of
their respective owners.

Left Curve
Popular Downloads
Right Curve
Untitled Document