ZKI IAM Overview · 2012-03-19

19.03.12

Oracle Identity and Access Management Solution Overview

Suvad Sahovic

© 2011 Oracle Corporation – Proprietary and Confidential

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remain at the sole discretion of Oracle.

Oracle Fusion Middleware

Copyright © 2010, Oracle. All rights reserved

Oracle Identity Management Stack: Complete, Innovative and Integrated

Identity Governance

•  Password Management

•  Self-Service Request & Approval

•  Roles based User Provisioning

•  Analytics, Policy Monitoring

•  Risk-based Access Certification

•  Privileged Account Management

Access Management

•  Single Sign-On & Federation

•  Web Services Security

•  Authentication & Fraud Prevention

•  Authorization & Entitlements

•  Access from Mobile Devices

Directory Services

•  LDAP Storage

•  Virtualized Identity Access

•  LDAP Synchronization

•  Next Generation (Java) Directory

Platform Security Services: Identity Services for Developers

Oracle Identity Management: Oracle + Sun Combination

Access Management*

•  Access Manager

•  Adaptive Access Manager

•  Enterprise Single Sign-On

•  Identity Federation

•  Entitlements Server

Identity Administration

•  Identity Manager

Directory Services

•  Directory Server EE

•  Unified Directory

•  Internet Directory

•  Virtual Directory

Identity & Access Governance

•  Identity Analytics

Operational Manageability

•  Management Pack For Identity Management

Oracle Platform Security Services

*Access Management includes Oracle OpenSSO STS and Oracle OpenSSO Fedlet

Oracle Identity Manager

Oracle Identity Lifecycle

1. Hire Process

2. First User Login Self Registration

3. Manager Self Service

4. User Self Service

5. Forgotten Password Reset

6. Change of HR Data

7. Delegated Administration

8. Attestation Recertification

9. Reporting

10. Leave Process

Oracle Identity Manager

Policy based Provisioning

[Diagram labels: New Employee/Student; HIS; Provisioned Applications; Revoked Applications; Reconciliation Engine; Identity Store; Access Policy Workflow Connector Role; Student Approval Self Service]

Automated De-Provisioning

[Diagram labels: Identity Store; Reconciliation Engine; Terminated Employee/Student; HIS; Oracle Identity Manager; Revoked Applications; Connector Provisioning Workflow; Manual Task Revoked Device]

Oracle Identity Manager 11g Architecture

[Diagram labels, grouped where the grouping is recoverable:]

•  Administrative & User Console; JDeveloper; Connectors; SPML WS & Java API

•  Resource Access Administration; Provisioning; Reconciliation; Connector Framework

•  User, Role, Org Admin; Delegated Admin; Request Management/Approval WF; Scheduler

•  Shared Services for Identity (SSI)

•  Oracle Fusion Middleware Services: SOA Suite, OES, OVD, JRF (ADF/MDS/OPSS), BI Publisher, Enterprise Manager

•  Oracle WebLogic Server and Oracle Standard Install/Upgrade: Domain Template Management, OPatch Patching, Oracle Upgrade Assistant, OUI Install and Post Install Config

•  Data Tier: ID Store, Operational DB, Audit DB

Oracle Identity Manager Connectors

•  Database Servers

•  Directory Servers

•  Enterprise Applications

•  Enterprise Messaging

•  Operating Systems

•  Security Management

•  Help Desk

•  Web Access Control

•  RACF, ACF2, TopSecret

Connector Integration

•  Adapter Factory: Visual Integration Development Environment, GUI Driven Java Code Generator

•  Identity Connector Framework: Common Codebase with Oracle/Sun Waveset

•  Out-of-The-Box App Specific Connectors, e.g. eBusiness, SAP, AD, Notes, RACF

•  Out-of-The-Box Generic Technology, e.g. WS-SPML, Flat Files, DB

University Scenario

[Diagram labels: Identity Store; Oracle Identity Manager; Connector; New Employee; HIS SVA; New Student; HIS SOS; HIS QIS; Library; eMail; HIS INONE; connection types LDAP/JDBC, LDAP, JDBC/CSV]

Reporting - OOTB

Reporting - advanced

Oracle Access Manager

Oracle Access Management

•  Comprehensive security for applications, data, documents and web services

•  End-to-end authentication, single sign-on, and fine grained application protection

•  Innovative anomaly detection, transaction security, and multi-factor authentication

•  Extensive 3rd party integrations

Oracle Access Management Suite Plus

Entitlements Server

•  Entitlements Management

•  Fine Grained Authorization

Access Manager

•  Web Access Control

•  Single Sign-On

Adaptive Access Manager

•  Risk-based Authentication

•  Real-time Fraud Prevention

Identity Federation

•  Partner SSO & Identity Federation

•  Fedlet SP integration

OpenSSO STS

•  Security Token Management

•  Identity Propagation

Oracle Access Manager Product Architecture

[Diagram labels: Identity Repository; Access Server; Webgate; Accessgate; ASDK; Policy & Config; Oracle Access Manager]

Gartner MQ User Provisioning H2 2011

Gartner Marketscope Web Access Mgmt. H2 2011

Gartner Magic Quadrant for Identity and Access Governance H2 2011

Gartner Marketscope ESSO H2 2011

Identity Management Market

Oracle Confidential, Not for Redistribution

Identity Administration Customers

Questions
