OOW13:Leveraging the Cloud to Simplify Your Identity Management Implementation (CON8836)
 

Applications moved into a managed cloud environment need Identity and Access Management services to ensure user accounts, passwords and roles are all managed properly for the purposes of Security and Audit. In this session, we’ll discuss the key considerations for a Hosted Private Cloud deployment of Oracle applications integrated with Oracle Identity Management Suite to provide self-service account provisioning and federated Single Sign-on (SSO) for an organization’s internal and external users. You will also hear from a customer on how their key business requirements were addressed with Managed Identity Services from Oracle running at Oracle.

  • Today I’d like to start off by explaining a bit about Oracle’s Cloud Solutions and show you how Oracle Managed Cloud Services fits into Oracle’s broader cloud offerings and its key differentiators. Then I will get into the details of today’s session: Managed Cloud Services for Identity and Access Management. I will be going over the solution that Oracle Managed Cloud Services has implemented to meet the Identity and Access Management challenges of INC Research and also give you a peek into our new service offering, MIDaaS.
  • Oracle Cloud Solutions encompasses all types of cloud offerings, giving you multiple deployment models to choose from: the Oracle Cloud (public cloud), building your own private cloud, or having Oracle manage a private cloud for you. There are different ways to consume software and technology with cloud computing. There are public clouds, such as what Oracle calls “Oracle Cloud” in this example, where hardware and computing resources are shared amongst customers and there is no hardware to buy or software to manage; your technology is delivered as a subscription-based service from the cloud, referred to as SaaS. The SaaS provider, in this case Oracle, owns and operates the technology for you. Often, to extend traditional on-premise models, customers will build their own private clouds where they offload development and testing to a private area in the cloud, or build and deploy applications from their own exclusive cloud and run and maintain that cloud deployment themselves, meaning the customer owns and operates the technology for themselves. And then in the Managed Cloud Service, you can use a third-party provider like Oracle to run, maintain, and even upgrade your applications in the cloud as a managed service, reducing costs and lowering risk. Today we are going to focus on Oracle Managed Cloud Services. ((Add’l speaking notes: Typically, most customers will journey to the cloud through a variety of cloud computing models while still getting value from their on-premise technology investments. Oracle has offerings in all of these deployment models, giving you the choice as to how you want to journey to the cloud.))
  • When we talk to customers about cloud, their 3 areas of interest are centered around getting value from the cloud, having flexibility in their cloud choices without lock-in, and lastly really wanting to have confidence that the cloud provider they choose would secure and protect their data even better than they would. Oracle Managed Cloud Services has the expertise to provide complete end-to-end managed cloud services for Oracle hardware and software across the entire operations lifecycle, where Oracle provides deployment, management, monitoring, patching, security, and upgrade services for your entire stack. Oracle’s Managed Cloud Services are a critical and proven part of Oracle’s broader cloud offerings that allow businesses to transition with confidence to an enterprise-grade cloud. Because of this deep, specialized Oracle expertise within our managed cloud services, Oracle Managed Cloud Services enables organizations to extend their Oracle investments into the cloud with greater value, choice and confidence. Since we developed and support the entire “stack”, we have unparalleled access to the latest technology developments and to a pool of resources unavailable anywhere else, and can provide more value through this optimization of hardware and software. This includes access to Oracle Product Development as well as Oracle Support. Because we work with the entire stack, we are able to engineer solutions together with certified configurations. Also, we support all the new Oracle application software and have accelerated learning in all Oracle technologies, and can implement much faster than a customer would be able to achieve on their own. Oracle also provides more confidence to customers in that Oracle systems and data are secured at every layer in the stack. Oracle has world-class security standards and governance policies that would be nearly impossible to emulate on your own.
  • For well over 35 years, Oracle has been in the business of technology and data management. Oracle Managed Cloud Services has been successfully managing customers’ data for over 13 years, so we are very experienced in the business of data and cloud management. Oracle has proven expertise in managing technology, applications and systems for customers in the cloud. The stats tell the story. Unparalleled Oracle expertise ensures reliability and scalability, with 1.25 trillion business transactions a day and 41 petabytes of managed storage and growing, with global data centers supporting 27 languages. Additionally, when anyone talks about cloud, they want to know about security. Oracle has the most comprehensive security and compliance practices and offerings in the market today, giving you confidence and reliability 24/7. Because of this deep, specialized Oracle expertise within our managed cloud services, Oracle Managed Cloud Services enables organizations to extend their Oracle investments into the cloud with greater value, choice and confidence.
  • INC Research needs to build an IDM solution that is an integral part of their access and identity management workflows. It should cater to both externally facing, customer-focused systems and internal provisioning. With the criticality that this presents, uptime and disaster recovery are of the utmost importance. The solution should automate the provisioning of users and offer SSO capabilities for web-enabled applications, and it should treat the corporate data as an asset and federate access to the connected directory servers. Last but not least, the solution designed should exceed or meet the industry security standards, with auditing and reporting capabilities to enforce security compliance. You have heard from Nate Thompson of INC Research earlier about their company and their requirements for an Identity and Access Management solution. Over the next few slides, I will be going over the solution that Oracle Managed Cloud Services has implemented for INC Research to address their challenges in the Identity and Access Management space.
  • All the IDM components that are highlighted in RED in the diagram are deployed into their own private cloud @Oracle. As the solution demands, IDM components are set up in an HA configuration with Max DR Availability. The applications listed on the top, Webcenter, OBIEE and PeopleSoft, are hosted in their own private cloud @Oracle. Project Point is hosted @Customer. Federated Single Sign-On is implemented successfully for all the listed applications irrespective of their hosting location. Some of these applications are internet facing, and the access is secured thru the public mid-tier. The solution offers the ability to integrate with multiple Identity Providers with a Custom IDP Discovery Service. In addition to the Single Sign-On, extensive provisioning functionality is implemented thru a Custom User Management Portal. The portal is accessed by both internal and external customer-focused users for submitting account and entitlement requests. Both the custom IDP discovery service and the User Management Portal are hosted @Oracle. This highlights the advantage of a private cloud: it gives you the flexibility to deploy a vanilla product and add customizations on top of it.
  • The industry-standard SAML2 protocol is used for federation between the Service Provider (OIF) @Oracle and the Identity Provider (ADFS) @INC. No passwords are stored in the cloud, and hence there is no need for any password sync between Oracle Cloud and customer systems. We have implemented a common model for application authorizations thru the use of OID Groups and Roles. The implementation achieves a seamless integration of federation with applications hosted @Oracle and also @Customer. The architecture is put together in such a way that it is extensible for future federation setups with N number of identity providers. The key point to take away with federation is that users get convenient SSO, and no internal customer credentials are ever exposed to us.
  • There are two types of users for INC Research: internal users and customer-focused external users. Internal user on-boarding is accomplished thru the Trusted Reconciliation with Active Directory. External user on-boarding is done thru self-registration capabilities offered thru the Custom User Management Portal. The Custom User Management Portal is an ADF application, and it is integrated with OIM thru the SPML interface. Enterprise roles that are pertinent to INC are populated in OIM thru a sync from PeopleSoft. Provisioning to OID is achieved thru LDAP Sync configured with rule mappings for multiple OIM organizations. Provisioning to Active Directory for external users is achieved thru rule-based access provisioning policies. There is no password reconciliation between OIM and any of the targets.
  • Oracle Managed Cloud Services has successfully implemented the Identity and Access Management Services for multiple customers. As you see here, we have customers from various industry verticals for both the Single Sign-on and Provisioning services. The implementations include integration not only with Oracle products but also with various 3rd party applications, for both Single Sign-on and provisioning.
  • Up until now, all the Managed Identity and Access Management Cloud Services have been offered as individual services. With the experience gained and the feedback received from all the previous customer implementations, we are now going to offer two different Managed Cloud services for Identity and Access Management. One is a dial-tone service, which is essentially a pre-packaged solution. The dial-tone service is primarily intended for small to medium size companies that would like to have a quick implementation of the service and don’t have a need yet for a full-blown managed service. The second one is the specialized (Fully Managed) Service that will offer the flexibility to tailor the solution for a given customer’s requirement. With the Fully Managed service, you will get the support of the Managed Cloud Services team to architect, customize, integrate 3rd party applications, and add any enhanced security services for your environment.
  • For your convenience, here is a list of the other Managed Cloud Services sessions that are happening at OpenWorld.
  • Tell customers to visit the FB page (https://www.facebook.com/CloudOdyssey), take a cutout picture of themselves as a member of the crew, talk to cloud product experts, and watch the designer create the movie scenes.
  • With Fusion Middleware, you can extend and maximize your existing technology investment with the same technologies used in Fusion Applications, including embedded analytics and social collaboration, and mobile and cloud computing. Oracle’s complete SOA platform lets your IT organization rapidly design, assemble, deploy, and manage adaptable business applications and—with Oracle’s business process management tools—even bring the task of modeling business processes directly to the business analysts. Oracle Business Intelligence foundation brings together all your enterprise data sources in a single, easy-to-use solution, delivering consistent insights whether it’s through ad hoc queries and analysis, interactive dashboards, scorecards, OLAP, or reporting. And, your existing enterprise applications can leverage the rich social networking capabilities and content sharing that users have come to expect in consumer software. Oracle Fusion Middleware is based on 100 percent open standards, so you aren’t locked into one deployment model when your business requirements change.
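
The custom IdP discovery step described in the federation notes above (choosing among multiple identity providers from user profile attributes) is sketched here as an added example; it is not Oracle's or INC Research's code. The registry entries, attribute names (`userType`, `organization`, `status`), logins and hostnames are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class IdentityProvider:
    entity_id: str  # SAML entityID whose metadata the service provider trusts
    sso_url: str    # endpoint that receives the AuthnRequest


# Constructed registry (hostnames are placeholders). An IdP belongs here only
# after its SAML metadata has been exchanged with the service provider.
TRUSTED_IDPS: Dict[str, IdentityProvider] = {
    "corp-adfs": IdentityProvider(
        "http://adfs.corp.example/adfs/services/trust",
        "https://adfs.corp.example/adfs/ls/"),
    "partner-a": IdentityProvider(
        "https://idp.partner-a.example/saml",
        "https://idp.partner-a.example/sso"),
}

# Ordered routing rules: (profile attribute, required value, IdP key).
# The first matching rule wins. Attribute names are assumptions.
RULES: List[Tuple[str, str, str]] = [
    ("userType", "internal", "corp-adfs"),
    ("organization", "partner-a", "partner-a"),
]

# Constructed profiles standing in for the directory lookup.
DIRECTORY: Dict[str, Dict[str, str]] = {
    "alice": {"userType": "internal", "organization": "corp", "status": "active"},
    "bob": {"userType": "external", "organization": "partner-a", "status": "active"},
    "carol": {"userType": "external", "organization": "unknown-co", "status": "active"},
    "dave": {"userType": "internal", "organization": "corp", "status": "disabled"},
}


def check_config(rules, idps) -> List[str]:
    """Return configuration errors; an empty list means the config may load."""
    errors = []
    for attribute, value, key in rules:
        if key not in idps:
            errors.append(f"rule {attribute}={value} targets unregistered IdP {key!r}")
    for key, idp in idps.items():
        if not idp.sso_url.startswith("https://"):
            errors.append(f"IdP {key!r} has a non-HTTPS SSO endpoint")
    return errors


def discover_idp(login: str, directory=DIRECTORY, rules=RULES,
                 idps=TRUSTED_IDPS) -> Optional[IdentityProvider]:
    """Choose the IdP from server-side profile attributes; None means deny."""
    # The profile comes from the directory, never from request parameters,
    # so a caller cannot steer the login to an IdP of their choosing.
    profile = directory.get(login.strip().lower())
    if profile is None or profile.get("status") != "active":
        return None
    for attribute, value, key in rules:
        if profile.get(attribute) == value:
            return idps.get(key)  # None if the rule names an unregistered IdP
    return None  # no rule matched: fail closed rather than use a default IdP


if __name__ == "__main__":
    assert check_config(RULES, TRUSTED_IDPS) == []
    for login in ("alice", "bob", "carol", "dave", "mallory"):
        idp = discover_idp(login)
        print(login, "->", idp.entity_id if idp else "denied")
```

Onboarding another identity provider is then one registry entry plus one rule, and `check_config` rejects a rule that points at an IdP whose metadata was never registered.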

OOW13:Leveraging the Cloud to Simplify Your Identity Management Implementation (CON8836) Presentation Transcript

  • Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  • Safe Harbor Statement: The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
  • Managed Cloud Services for Identity and Access Management. Sashi Aluri, Principal IDM Solutions Engineer
  • Program Agenda
    • Oracle’s Cloud Solutions
    • Oracle Managed Cloud Services
    • Oracle Managed Cloud Services (OMCS) for Identity & Access Management
  • Oracle’s Cloud Solutions: Mission. Bring Oracle’s leading Enterprise Technology and Business Applications Software to any customer or partner, anywhere in the world, through the Internet
  • Oracle’s Cloud Solutions: Multiple Deployment Models
    • Managed: Customer owns. Oracle operates.
    • Build: Customer owns. Customer operates.
    • Subscribe: Oracle owns. Oracle operates.
    • Diagram label: Private Cloud
  • Oracle Managed Cloud Services: Transition to an Enterprise-Grade Cloud
    • MORE VALUE, MORE CHOICE, MORE CONFIDENCE
    • Any Oracle Applications or Technologies Managed by Oracle in a Private Cloud
    • Oracle Software and Hardware Optimized Together for Performance and Efficiency
    • Your Oracle Systems and Data Secured and Protected by Oracle at Every Layer
    • Diagram label: Customers
  • Confidence: Secure and Reliable. Modern, Scalable, Managed Private Cloud
    • Unparalleled Expertise: 13+ years running Oracle technologies; 5.5 million+ satisfied end-users; 20+ patented or patent pending technologies; 14,000+ Oracle service experts; 27 languages supported
    • Massive Scale: 1.25 trillion business transactions per day; 5.34 billion database transactions per hour at peak; 557,000 active sessions per month; World’s largest Oracle VM & Linux Grid; 6,000+ Environments; 41+ petabytes of managed storage
    • Secure & Compliant: Correlate 475 million independent events per day; Monitor 2.2 billion netflows per day; Most comprehensive Security offerings in the market (ISO 27001, ISO 27002, HIPAA, ISAE 3402 / SSAE 16, NIST, DIACAP, PCI, CFR Part 11)
  • Problem Statement
    • Enterprise provisioning solution that offers self-service capabilities.
    • Automated workflows with approvals for provisioning and de-provisioning of user accounts.
    • Common security model for authentication and authorization of users into applications irrespective of the application hosting location.
    • Extensible architecture that facilitates the quick on-boarding of the partners via Identity Federation.
    • Solution designed to exceed or meet the Industry security standards with auditing and reporting capabilities to enforce the security compliance.
  • Solution Architecture: Overall Architecture. Solution Highlights:
    • Provisioning of Internal and External users with approval workflows.
    • Self-service capabilities with Custom User Management Portal.
    • Federated Single Sign-On (SSO).
    • Custom IDP Discovery Service
    • Integration with multiple applications hosted @Oracle and also @Customer
    • Diagram components: WC, OBIEE, PSFT, PP, OAM, OIF, OID, OIM, DB, ADFS, AD
  • Solution Architecture: Federated Single Sign-On Architecture. Solution Highlights:
    • Federated SSO using SAML2 protocol between OIF@Oracle and ADFS@Customer
    • Custom IDP Discovery Service to authenticate against multiple IDPs based on user profile attributes
    • Application authorizations implemented thru groups in OID
    • Webcenter, OBIEE, PeopleSoft (HR, FIN) applications hosted @Oracle integrated for SSO.
    • PeopleSoft (ELM) and Project Point applications hosted @Customer integrated for SSO.
  • Solution Architecture: Provisioning Architecture. Solution Highlights:
    • Internal user on-boarding using AD Trusted Recon
    • External user on-boarding thru Self-Service registration using custom ADF enabled User Management Portal
    • Integration of UM Portal with OIM thru SPML
    • Propagation of Roles from PeopleSoft to OIM
    • LDAP Sync between OIM and OID for Users, Roles and Role memberships
    • Automated AD provisioning thru OIM Access Policies
  • Oracle Managed Cloud Services Customers
    • Single Sign-on Service Customers: Large Bank; Large Hotelier; Leader in Tax and financial Software; Global Pro-services firm; Global Engineering and Project Management firm
    • Provisioning Service Customers: Leader in Healthcare Industry; Leading Cancer Research Organization
  • OMCS Delivery Models for Identity & Access
    • Dial-tone Service (MIDaaS): Managed IDentity as a Service; Pre-packaged Identity and Access Management Components
    • Specialized (Fully Managed) Service: Install and configure the Identity and Access Management components as per the given customer’s requirement; Support for Customization of the components; Support for Integration with 3rd party applications
  • QUESTIONS AND ANSWERS
  • Managed Cloud Services OpenWorld Sessions (columns: time, session ID, session title, room)
    • 10:45-11:45, CON8702: Managed Cloud Services Strategy: More Value. More Choice. More Confidence. (3000 MW)
    • 2:00-3:00, CON9200: Customer Success Stories with Oracle Commerce and Oracle Managed Cloud Services (3005 MW)
    • CON8705: Managed Cloud Innovation: On-Premise Private Cloud and Automation Platform (3022 MW)
    • CON8662: Building Trust: Confidence in the Cloud – Partner Session with Deloitte (2020 MW)
    • CON8724: Customer Panel: Managing Engineered Systems in the Cloud (Westin Franciscan I (0/122))
    • CON8240: Cloud Options and Strategy for JD Edwards (InterContl Grd Ballrm A (0/175))
    • 10:00-11:00, CON9152: Best Practices for Upgrading to PeopleSoft (Palace Twin Peaks N (0/102))
    • CON8692: CIO Perspective: Adopting Fusion and New Technologies in the Cloud (2002/2004 MW)
    • CON9558: Oracle Fusion Applications and the Oracle Cloud (3022 MW)
    • CON8723: Customer Perspective: Migrating to the Cloud with Oracle Managed Cloud Services (3022 MW)
    • CON9517: Customer Success: Oracle Data Relationship Management (InterContl Ballrm B (0/163))
    • 11:00-12:00, CON8836: Leveraging the Cloud to Simplify Your Identity Management Implementation (2018 MW)
    • 12:30-1:30, CON8703: Managed Cloud Services: Upgrade Factory for ERP Solutions (3022 MW)
    • 3:30-4:30, CON8661: Success Spotlight: Latin America Managed Cloud Services Customers (3022 MW)
    • Day and time labels not attached to a row in the extracted slide: MON SEP 23, WED SEP 25, THURS SEP 26; 3:15-4:15, 4:45-5:45, 11:45-12:45, 10:15-11:15
  • Calling All Heroes! Visit the Cloud Odyssey Booth. Meet the Cloud Experts. Moscone West 4048. https://www.facebook.com/CloudOdyssey
  • Join the Conversation: @OracleCloudZone, #Cloud, www.facebook.com/OracleCloudComputing. Learn more: oracle.com/ManagedCloudServices, https://blogs.oracle.com/cloud
  • Oracle Fusion Middleware: Business Innovation Platform for the Enterprise and Cloud
    • Complete and Integrated
    • Best-in-class
    • Open standards
    • On-premise and Cloud
    • Foundation for Oracle Fusion Applications and Oracle Cloud
    • Diagram labels: User Engagement, Identity Management, Business Process Management, Content Management, Business Intelligence, Service Integration, Data Integration, Development Tools, Cloud Application Foundation, Enterprise Management, Web, Social, Mobile