Explain Oracle Identity Management
Recently some forces pulled me into Oracle Identity Management consulting work, and it's a very cool area to work in. Customers always have questions about the Sun/Oracle roadmap and its product mapping. I think the content below will help you understand the product stack and its usage. Cheers!
Overview
This document describes the Oracle Identity Management (Oracle IDM) suite of products and their functional usage.
Oracle Identity Management Suite consists of the following product families:
1 Single Sign-On and Web Access Control
Oracle Access Manager
Oracle Identity Federation
Oracle Enterprise Single Sign-On Suite Plus
Oracle Security Token Service
2 Directory Services
Oracle Unified Directory
Oracle Internet Directory
Oracle Virtual Directory
Oracle Directory Server Enterprise Edition
Oracle Authentication Services for Operating Systems
3 Content Access Control
Oracle Information Rights Management
4 Strong Authentication
Extended Identity Management Ecosystem
Oracle Adaptive Access Manager
5 Identity Administration
Oracle Identity Manager
Oracle Role Manager
6 Web Services Security
Oracle Web Services Manager
Oracle Enterprise Gateway
7 Identity and Access Governance
Oracle Identity Analytics
8 Security Toolkits
Oracle Security Developer Tools
9 Federated Identity
Oracle Identity Federation
10 Fine Grained Entitlements
Oracle Entitlements Server
11 Fraud Detection
Oracle Adaptive Access Manager
12 Oracle - Sun
Oracle Waveset, Oracle OpenSSO
Business use of Oracle IDM Products
1 Single Sign-On and Web Access Control
1.1 Oracle Access Manager
Oracle Access Manager (OAM) 11g is a Java EE based
enterprise-level security application that provides single sign-on,
authentication and authorization, policy administration and auditing.
1.2 Oracle Identity Federation
A federated environment enables business partners to integrate their identity management by providing a mechanism for sharing identity information across their respective security domains on top of single sign-on.
Oracle Identity Federation is a federation
server that enables single sign-on and authentication in a multiple domain
identity network.
It uses Federated Identity Protocols such as
Liberty ID-FF, OpenID and SAML.
1.3 Oracle Enterprise Single Sign-On Suite Plus
A .NET and Visual C++ based package that can be installed on every user desktop to provide single sign-on for day-to-day applications such as VPN, Password Wallet, etc.
The administrator creates this deployment package and distributes it to desktop machines using a file share or through a web server.
1.4 Oracle Security Token Service
Oracle Security Token Service (STS) brokers
trust between a Web Service Consumer (WSC) and a Web Service Provider (WSP) and
provides security token lifecycle management services to providers and
consumers.
Oracle STS augments Oracle Identity Federation (OIF) to use federation protocols such as SAML, WS-Federation, Liberty, or OpenID. Additional tokens include Kerberos (primarily for Windows Native Authentication) and digital certificates.
2 Directory Services
2.1 Oracle Unified Directory (Part of Oracle Directory Services Plus)
Oracle Unified Directory (OUD) is the newest member of the Oracle Directory Services Plus product family.
It can function as:
LDAP Server to store data
LDAP Proxy to route requests from Client to the LDAP Server
Replication Server Gateway between OUD and Oracle Directory Server Enterprise Edition
2.2 Oracle Internet Directory (Part of Oracle Directory Services Plus)
Oracle Internet Directory (OID) is a directory
service server (LDAP v3) which uses Oracle Database to store data.
2.3 Oracle Virtual Directory
Oracle Virtual Directory (OVD) acts as a
directory gateway that processes client requests and dynamically re-routes them
to one or more existing directories regardless of format, be it LDAP, RDBMS or
others.
Oracle Virtual Directory presents a virtual
directory hierarchy, or tree, to its clients and then assigns hierarchy
branches of that tree to designated LDAP or RDBMS servers.
2.4 Oracle Directory Server Enterprise Edition (Part of Oracle Directory Services Plus)
Oracle Directory Server Enterprise Edition (ODSEE), formerly Sun Directory Server Enterprise Edition, is an enterprise LDAP server that provides a core directory service with an embedded database, a directory proxy, and synchronization with Active Directory.
2.5 Oracle Authentication Services for Operating Systems
Oracle Authentication Services for Operating Systems (OAS4OS) enables enterprises to centralize management of UNIX and Linux authentication, user accounts, password policies, and sudo authorization policies using Oracle Internet Directory. Based on open standards interfaces, OAS4OS provides full automation of client configuration and user migration, and serves as an LDAP-based naming service to replace NIS.
3 Content Access Control
3.1 Oracle Information Rights Management
Oracle Information Rights Management secures
and tracks sensitive digital information everywhere it is stored and used.
Oracle Information Rights Management uses
encryption to extend the management of information beyond the server side
repository - to every copy of an organization's most sensitive information,
everywhere it is stored and used - on end user desktops, laptops and in other repositories,
inside and outside the firewall.
4 Strong Authentication
4.1 Oracle Adaptive Access Manager
Oracle Adaptive Access Manager protects
companies exposing Web applications and services, and their end users from
online threats and insider fraud. It provides risk-aware authentication,
real-time behaviour profiling, and transaction and event risk analysis.
5 Identity Administration
5.1 Oracle Identity Manager
Oracle Identity Manager is a user
provisioning and administration solution, which automates the process of
adding, updating, and deleting user accounts from applications and directories
within an enterprise.
5.2 Oracle Role Manager (Formerly Bridgestream SmartRoles)
Oracle Role Manager is a Java EE based product that enforces role-based management for organizations. Using its web interface, administrators can configure roles for applications, import users from diverse repositories, and export role definitions for role life cycle management.
6 Web Services Security
6.1 Oracle Web Services Manager
Oracle Web Services Manager (OWSM) is part of the WebLogic Server installation from 11g onwards. It secures web services with policies held in Oracle Database.
6.2 Oracle Enterprise Gateway
Oracle Enterprise Gateway is designed to simplify and secure SOA deployments on-premise, across domain boundaries, or in the cloud. Oracle Enterprise Gateway secures, accelerates, integrates, and routes XML and other types of data with SOA and Cloud infrastructures.
7 Identity and Access Governance
7.1 Oracle Identity Analytics (Formerly Sun Role Manager)
Oracle Identity Analytics provides
enterprises with the ability to define and manage roles and automate critical
identity-based controls.
8 Federated Identity
8.1 Oracle Identity Federation
Oracle Identity Federation is a standalone,
self-contained federation server that enables single sign-on and authentication
in a multiple-domain identity network. Oracle Identity Federation supports
multiple federated identity protocols including the Liberty ID-FF, OpenID, and
SAML protocols.
9 Fine Grained Entitlements
9.1 Oracle Entitlements Server (Formerly BEA AquaLogic Enterprise Security)
Oracle Entitlements Server is an
authorization product that allows an organization to protect its resources by
defining and managing policies that control access to, and usage of, these
resources. The policy can enforce controls on all types of resources including
software components (URLs, Java Server Pages, Enterprise JavaBeans, methods,
servlets and the like used to construct an application) and business objects
(representations of user accounts, personal profiles and contracts such as bank
accounts in a banking application, patient records in a health care
application, or anything used to define a business relationship).
Oracle Entitlements Server supports the
creation of role policies and access control policies. Role policies are used
to define constraints regarding which users are assigned roles. Access control
policies define access to the software components and business objects.
Contents of the downloadable IDM packages
Oracle Identity Management (11.1.1.6.0)
Includes
HTTP Server
Oracle Internet Directory
Directory Integration Platform
Virtual Directory
Directory Services Manager
Identity Federation
Security Developer Tools
Enterprise Manager Fusion Middleware Control
Required Additional Software
WebLogic Server
Repository Creation Utility
Patch Scripts
Oracle Database
Oracle Identity and Access Management (11.1.1.5.0)
Includes
Access Manager
Adaptive Access Manager
Identity Manager
Identity Navigator
Oracle Security Token Service
Oracle Entitlements Server
Required Additional Software
WebLogic Server
Repository Creation Utility
Patch Scripts
Oracle Database
BI Publisher
SOA Suite (for Oracle Identity Manager)
Oracle Access Manager WebGates (11.1.1.5.0)
Includes
Oracle HTTP Server 11g WebGates
Required Additional Software
Oracle Access Manager (11.1.1.5.0)
Oracle HTTP Server 11gR1