As presented by Kamal Tbeileh at OTN Architect Day, Redwood Shores, CA, 7/22/09.
Find an OTN Architect Day event near you: http://www.oracle.com/technology/architect/archday.html
Interact with Architect Day presenters and participants on Oracle Mix: https://mix.oracle.com/groups/15511
3. Agenda
• Business Challenges
• IT Challenges
• Defense-in-depth architecture
• Q&A
4. Changing Business Climate
Challenges Our Customers Face…
"In a time of accelerating turbulence, the valuation of a company will be strongly affected by how it executes change."
5. Today’s IT Challenges
More Compliant Business
• Increasing regulatory demands
• Increasing privacy concerns
• Business viability concerns
More Agile Business
• More access to employees, customers & partners
• Higher level of B2B integrations
• Faster reaction to changing requirements
More Secured Business
• Identity theft
• Intellectual property theft
• Insider threats
6. Today’s “New Normal”
Users, Systems, Globalization and Compliance Forced Complexity
[Diagram: layered view of the enterprise]
Compliance
• Service Level Compliance
• Compliance & Ethics Programs
• IT Governance
• Records Retention
• Anti-Money Laundering
• Financial Reporting Compliance
• Audit Management
• Supply Chain Traceability
• Legal Discovery
• Data Privacy
Users
• Finance, Suppliers, R&D, Mfg, Sales, HR, Legal, Customers
Systems
• Enterprise Applications, Data Warehouse, Database, Mainframes, Mobile Devices, Apps Server
Globalization
Mandates
• SOX, JSOX, EU Directives, FDA, Basel II, HIPAA, GLBA, Patriot Act, SB1386, PCI…
14. Oracle Database Security Components
[Diagram: Enterprise Applications (Business Apps, Custom Apps, Helpdesk, Email, Portals) in front of the database, with the following callouts]
• Protect Data in Motion with Network Encryption using Advanced Security Option
• Protect Data from View and Alteration as well as Insider Threat using Database Vault
• Consolidate Audit Data & Show Reports using Audit Vault
• Protect User and Sensitive Data at Rest by Encrypting Database Columns using Advanced Security Option
• Securely Backup Data To Tape with Secure Backup
Database Vault panel (* Example roles and privs)
• Roles shown: Operational DBA, Business Application
• Statements shown, some marked with an X: Select SALARY from users; Alter system. Alter table..
Sample data shown in the diagram:
LNAME   SSN           SALARY
KING    123-45-6789   $125,000
SCOTT   987-65-4321   $229,500
SMITH   345-67-8912   $ 53,700

LNAME   CREDIT_CARD      EXP_DATE
KING    1234-5678-9123   04-2010
SCOTT   2345-6789-4321   09-2012
SMITH   9876-5432-1987   01-2011
15. FMW Security as a Service
[Diagram: applications consuming shared identity services]
Applications
• Oracle Fusion Applications & Middleware (Business Functions)
• 3rd Party ISF Aware Applications (Business Functions)
• Custom Developed ISF Aware Applications (Business Functions)
• Legacy Applications (Business Functions, Authentication, User Management, Authorization, Federation)
Legacy Integration Interface
• Connectors, Agents
Oracle IAM Suite with Identity Services Framework
Service Interfaces
• WS-*, SPML, SAML, XACML, CARML
Identity Services
• Authentication, Provisioning, Identity Provider, Audit
• Authorization, Administration, Role Provider, Federation & Trust
Enterprise Identity Management Infrastructure
• Policy & Orchestration, Virtualization & User Store
16. Oracle Enterprise Security Summary
[Diagram: security layers alongside a Governance, Risk, Compliance column]
Application Security
Identity And Access Management
• User Management, Directory Management, Access Management, Platform Security, Identity Audit
Data Security
• Multi-level Access Control, Encryption, Information Rights, DBA Security, Monitoring & Alert
Operating System Security
• Authentication Service, User Management
Governance, Risk, Compliance
• Policy & Process Management
• Enterprise Control
• Compliance Analysis & Reporting
• Audit Automation