Introduction
Oracle Entitlements Server is a fine grained authorization engine that
externalizes, unifies, and simplifies the management of complex
entitlement policies—strengthening security and compliance, improving IT
efficiency, and enhancing business agility. These authorizations may
be used to protect the most fine grained business or IT concept. For
example, Oracle Entitlements Server policies can describe how users
interact with entire application interfaces or even single form fields.
Oracle Entitlements Server protects user interfaces, business logic,
and even databases. Oracle Entitlements Server is a component of
Oracle Fusion Middleware, a well-integrated family of customer-proven
software products designed to shine in the most demanding customer
environments.
Oracle Entitlements Server provides a centralized
administration point for complex entitlement policies across a diverse
range of business and IT systems. Oracle Entitlements Server offers
a sophisticated delegated administration model that allows multiple
organizations and application stakeholders to create, modify and report on
the entitlement policies that affect them. This management can be
done by security policy specialists and do not require intervention by a
development organization. Oracle Entitlements Server integrates with
existing Oracle Identity and Access Management produces (such as Oracle
Access Manager, Oracle Adaptive Access Manager) to provide a complete end
to end access management solution covering a wide span of entitlement use
cases.
| Key Features
|
Benefits
|
| Web based
fine grained entitlements for applications |
Reduce
administrative overhead and speeds application deployment time by
empowering line of business users to define, administer and enforce
application entitlements policy |
| Interoperability
through open standards |
Supports
XACML 2.0 request response profile and XACML policy export for
interoperability. Supports SAML for identity
federation. |
| Design and
runtime analysis |
Strengthen governance and
compliance adherence with design time and runtime
analysis |
| Intelligent policy
distribution |
Ensures that Security Modules
are given only the policies they need and keeps Security Modules
synchronized with latest policy updates.. |
| Flexible Administration |
Adapts to multiple
administrative scenarios involving any number of participants across
multiple organizations and lines of business. |
| Built for
Integration |
Entitlements Server
administrative features are fully accessible via web based or
programmatic means. |
Policy Administration
The administration features of Oracle
Entitlements Server include:
- Support for massive policy stores with thousands of resources and
policies
- Partitioning features for large numbers of organizations and
applications
- Fully delegated administration with flexible role mapping of users
- Web-based interface that runs on popular J2EE containers
- Fully programmable administrative interface for custom
administrative needs
- Administration model that is protected by OES itself
Policy Distribution
Oracle Entitlements Server handle the task of
publishing policies to the individual Security Modules protecting
applications and services. This distribution provides a
transactional mechanism to ensure each Security Module has just the policy
it needs. Features of the policy distribution include:
- Ability to update policies in Security Module without interrupting
applications.
- Intelligent push technology that only pushes the policies needed by
a Security Module.
- Sophisticated protocol which handles interrupted distribution
scenarios.
- Simple architectural requirements for policy distribution without
foresaking security and integrity of policies in-flight
- Security Modules operate in a 'disconnected' mode with no
runtime dependency on Entitlements Server.
Support for Multiple Platforms
Oracle Entitlements Server runs on many popular
J2EE containers such as WebLogic Server, Tomcat and WebSphere.
Policy repositories can be stored in Oracle Database, Sybase,
SQL Server and DB2.
Policy Reporting
Oracle Entitlements Server provides ad-hoc query
facility to help policy administrators understand how users and roles map
to permissions and entitlements. Policy reports can be generated for
specific application resources (e.g. reports, database columns, EJBs),
identies (users, groups, roles) and even permissions. Reports are
available as simple text files for consumption by downstream BI or
reporting tools.
Bottom Line
Oracle Entitlements Server is the only
enterprise-class entitlements solution that provides rich fine-grained
entitlements and centralized security administration for both application
software components and application business objects. Oracle
Entitlements Server strengthens security and compliance, increases IT
efficiency and enhances business agility by decoupling security logic from
applications, providing consistent policy administration, and enforcing
auditability across applications across the enterprise.
Top
of Page | 
Bookmark
