|
AT ORACLE: Oracle News
Expanding Identity Management
By Rich Schwerin
Oblix acquisition delivers security for heterogeneous computing environments.
Heightened security concerns, regulatory pressure, ease of use, and cost containment are some of the factors that make identity management a top concern for organizations today. And with its recent acquisition of Oblix—a leading developer of identity management software that allows Web access control, including single sign-on (SSO), identity administration, and user provisioning—Oracle has significantly bolstered its integrated security and identity management capabilities to better address these concerns across heterogeneous computing environments.
Oracle Identity Management
"Oracle defines identity management as the process by which user identities and accounts are defined and managed throughout their lifecycles," explains Michael Mesaros, Oracle director of product management. "The core concept is centralizing and automating the management of user roles, privileges, credentials, and certificates, and there's a big requirement for the ability to delegate administrative responsibility."
Oracle's Identity Management solution has six components, the central one of which is Oracle Internet Directory (OID), a Lightweight Directory Access Protocol (LDAP) v3-compliant directory service that recently passed Common Criteria Evaluations at Evaluation Assurance Level 4 (EAL4)—the highest level generally achieved by commercial software. Other components include Oracle Single Sign-On, an access-management solution that controls authorization and access to all Oracle Web applications; a directory synchronization platform that allows OID to interoperate with other ID management solutions; a provisioning framework that automatically creates user footprints in connected applications; delegated administration for self-service user administration; and Oracle Certificate Authority, a standards-based product for issuing digital certificates.
SOA and Web Services
In terms of technology, Oblix offers some unique strengths "under the hood," such as authorization management. "Oblix has a very sophisticated, well-defined mechanism for controlling authorization or controlling access to all kinds of Web resources," explains Darren Calman, Oracle director of product management. "So this mechanism isn't limited just to Web applications; it can also control access to SOA [service-oriented architecture] applications. Oblix offers highly granular means of defining responsibilities and defining access rights to these resources. That's very useful and something that our customers can take advantage of immediately."
"Customers can have security as a service, and that's a paradigm that Oracle keeps talking about—the SOA, which connects disparate, loosely coupled information sources within and across the enterprise. Specifically, you can have security internally as one of these SOA services," explains Calman. "And in terms of Web services management, Oblix centrally manages certain roles and rules that grant access to distributed applications."
Oblix and Oracle
"Going forward, you're going to see the Oblix products further integrated with the Oracle Identity Management stack," adds Mesaros. "By the fall, it will be more transparent that Oblix Access Management is running in addition to SSO, and eventually we'll have basically just one product."
Oblix technology also plays a fundamental role in "Oracle Fusion," the next-generation information-oriented architecture and application set supporting the best features, flows, and usability of Oracle, PeopleSoft, and JD Edwards products (see "Oracle News," Oracle Magazine, May/June 2005).
"Oblix is a very important component of Oracle Fusion and is going to be part of the foundation set of services that all the Oracle Fusion applications are going to rely on," explains Mesaros. "Again, it gets back to heterogeneity, which turns out to be a very important requirement—especially in the applications space."
| 
Bookmark
