Early identity:
SSO, onboarding, provisioning to various applications
Today: Strong Authentication, Federation, encrypted laptops
What do we need?
Externalized authorization policies
Abstraction of deployment details from the application
Integration of security with IDEs
Roles, context, trust
Hot-pluggable functions, cross-platform
All of these mean Service Oriented Security
Authentication Service
Oracle Access Manager (Web SSO) for Java and .NET
Oracle Adaptive Access Manager (Risk based access manager)
Compares current behavior to a behavioral baseline to assess risk
Authorization Service
Oracle Role Manager
Oracle Entitlements Server
Oracle entitlements sit in the same namespace as the application; it's not centralized, it's localized, so it doesn't go over the network (this sounds DAMN SEXY...I want details!!)
Identity, Profile Service
Oracle Identity Manager – manages identity lifecycle
Oracle Virtual Directory – replaces main directory in real time
The benefit of the SOA approach is that we can replace it as we see fit
Lots of the standards for all of this are in flux, and Oracle is leading development of them
XACML is an XML representation of policy on disk
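The notes above on externalized authorization policy, decisions made locally inside the application, and XACML as the on-disk form, shown as an added example (not from the talk and not any Oracle product's code): a small evaluator for a reduced subset of XACML 3.0 elements, run in-process. The policy, the attribute ids role, action and trust, and all function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET
X = "{urn:oasis:names:tc:xacml:3.0:core:schema:wd-17}"
STRING_EQUAL = "urn:oasis:names:tc:xacml:1.0:function:string-equal"
DENY_OVERRIDES = "urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides"

# Constructed policy standing in for the on-disk file; Category/DataType omitted.
POLICY_XML = f"""
<Policy xmlns="{X[1:-1]}" PolicyId="payroll" Version="1" RuleCombiningAlgId="{DENY_OVERRIDES}">
  <Target/>
  <Rule RuleId="managers-read" Effect="Permit"><Target><AnyOf><AllOf>
    <Match MatchId="{STRING_EQUAL}">
      <AttributeValue>manager</AttributeValue><AttributeDesignator AttributeId="role"/></Match>
    <Match MatchId="{STRING_EQUAL}">
      <AttributeValue>read</AttributeValue><AttributeDesignator AttributeId="action"/></Match>
  </AllOf></AnyOf></Target></Rule>
  <Rule RuleId="untrusted-device" Effect="Deny"><Target><AnyOf><AllOf>
    <Match MatchId="{STRING_EQUAL}">
      <AttributeValue>low</AttributeValue><AttributeDesignator AttributeId="trust"/></Match>
  </AllOf></AnyOf></Target></Rule>
</Policy>
"""

def match_ok(match, attrs):
    if match.get("MatchId") != STRING_EQUAL:
        raise ValueError("unsupported MatchId")
    wanted = match.find(X + "AttributeValue").text
    attr_id = match.find(X + "AttributeDesignator").get("AttributeId")
    return wanted in attrs.get(attr_id, [])  # request attributes are lists (bags) of values

def target_matches(target, attrs):
    # Target = AND of AnyOf; AnyOf = OR of AllOf; AllOf = AND of Match.
    anyofs = [] if target is None else target.findall(X + "AnyOf")
    return all(any(all(match_ok(m, attrs) for m in allof.findall(X + "Match"))
                   for allof in anyof.findall(X + "AllOf"))
               for anyof in anyofs)

def decide(policy_xml, attrs):
    policy = ET.fromstring(policy_xml)
    if policy.get("RuleCombiningAlgId") != DENY_OVERRIDES:
        raise ValueError("only deny-overrides is implemented")
    if not target_matches(policy.find(X + "Target"), attrs):
        return "NotApplicable"
    effects = {r.get("Effect") for r in policy.findall(X + "Rule")
               if target_matches(r.find(X + "Target"), attrs)}
    return "Deny" if "Deny" in effects else "Permit" if "Permit" in effects else "NotApplicable"

def is_allowed(attrs):
    # Enforcement point fails closed: only an explicit Permit grants access.
    return decide(POLICY_XML, attrs) == "Permit"
```

The application only calls is_allowed(); changing who may do what means editing the policy XML, not the application code.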