Identity and Access Management in a highly secured Federated Environment Xavier Verhaeghe Vice President Oracle Security Solutions Oracle West Europe.

Presentation transcript:

1 Identity and Access Management in a highly secured Federated Environment Xavier Verhaeghe Vice President Oracle Security Solutions Oracle West Europe

3 Identity Management Market Leader. User Provisioning, H2 2008; Web Access Management, H; “Oracle assumes the No. 1 position” - Earl Perkins, Perry Carpenter, Aug (Research G ); “Oracle is currently the IdM vendor to beat” - Burton VantagePoint 2008: Identity and Privacy Trends; “Oracle has established itself as Leader.” - The Forrester Wave: Identity And Access Management, Q1'08

4 Oracle Confidential. Some Oracle Security Customers: Financial Services; Manufacturing & Technology; Public Sector; Transportation & Services; Telecommunication; Retail. ORACLE HAS A LOT OF CUSTOMERS, IN DIFFERENT SECTORS, INCLUDING IN MILITARY, DEFENSE, INTELLIGENCE UNITS, POLICE,...

6 Completely unique, or not. COMMON NEEDS: Continuous threats; Fragmented solution patchwork; Manual tasks / orphaned accounts / compliance; Pressure to reduce costs; Not part of a full strategic information security platform; External (trusted?) collaboration; Changing needs/architecture; User productivity; Management capabilities. SPECIFIC NEEDS: Level of attacks; Impact when information is compromised; Segregation of duties/compliance; Balance of internal security with alliance security; Fraud prevention vs. Fraud detection

7 Security as a service model; Open standards based; Need for a comprehensive strategic platform; Scalability; Sustainable – management capabilities; Common need for a step back

8 Oracle Security Inside Out: Databases; Applications; Content; Infrastructure; Information

9 Comprehensive Identity Services Platform: Enterprise Identity Providers protected by IGF-style policy controls and Virtualization; Identity Assurance; Identity Administration; Identity Authorization; Identity Hub; Federated Authentication & User-Centric Identity that spans the enterprise environment and cloud environment; Strong User and Access Lifecycle Management (Provisioning/De-Provisioning Capabilities); A Claims-Based Authorization model, coupled with strong XACML-based Entitlement Management; A standardized Audit Framework for creating, managing and analyzing audit trails across cloud services; Identity Audit; Interfaces; Identity Services Platform; DB SECURITY

10 Oracle Access Management: Comprehensive security for applications, data, documents and web services; End-to-end authentication, single sign-on, and fine grained application protection; Innovative anomaly detection, transaction security, and multi-factor authentication; Extensive 3rd party integrations. Copyright © 2009, Oracle. All rights reserved

11 Windows CardSpace; WS-Fed; SAML 1.x/2.0; Liberty ID-FF; Applications; Portals; IdM Infrastructures; Identity Stores; Certificate Stores; Policy Stores; Authn/SSO; Partners/Affiliates; Seamless Single Sign-On; Universal Federation Framework; Enterprise-class Manageability; Oracle Identity Federation 11g

12 Hot-Pluggable & Open Standards. INNOVATION : CONTRIBUTION : IMPLEMENTATION BUT CUSTOMER DRIVEN. Contribute and lead: SSTC (SAML Working Group) - Co-Chair; Liberty Alliance - President, Board Member; WSS, WS-SX (Web Services Sec), Author; SPML - Author; XACML – Voting member. Implement: Accelerate product development; Simplify product integration & minimize TCO. Innovate: Identity Governance Framework: CARML, AAPML; Standards for end-to-end security

14 Fraud Prevention: Strengthened authentication; Real-time anomaly detection; Preventative actions; Reporting and forensics. Secure Login Challenge or Block Model Risk Evaluate transactions Analysis and Forensics Detect Anomalies

15 Adaptive Risk Manager Key Capabilities: Real time monitoring of web traffic, builds profiles of normal transaction activity; Evaluates activities and context information against rules engine; Prompts for additional challenge questions or secondary authentication (OTP, etc.); Blocks access or notifies administrators of potential fraudulent activity; Offline forensics analysis of audit data

16 Adaptive Strong Authenticator Key Capabilities: Mutual authentication via personalized images; Virtual Authenticator devices protect passwords, PINs, and challenge questions against key loggers, man-in-the-middle attacks, OCR programs; Control & randomize placement of authenticators in the browser

17 Virtual Authenticator Interfaces: Time Stamp; Personalized Phrase; Personalized Image

19 Oracle Identity Management Platform: Audit & Compliance; Manageability; Access Management; Identity Administration; Directory Services; Access Manager; Adaptive Access Manager; Enterprise Single Sign-On; Identity Federation; Entitlements Server; Identity Manager; Role Manager; Internet Directory; Virtual Directory; Identity Management Suite; Enterprise Manager IdM Pack

20 QUESTIONS
