SlideShare a Scribd company logo
1 of 18
Download to read offline
Enterprise Security Architecture: From Access to Audit
<Insert Picture Here>




Enterprise Security Architecture:
From access to audit
Kamal Tbeileh
Database Security Architecture
Agenda

•   Business Challenges
•   IT Challenges
•   Defense in-depth architecture
•   Q&A
Changing Business Climate
Challenges Our Customers Face…




                "In a time of accelerating turbulence, the
                   valuation of a company will be strongly
                     affected by how it executes change."
Today’s IT Challenges




                       More Compliant Business
                       • Increasing regulatory demands
                       • Increasing privacy concerns
                       • Business viability concerns




More Agile Business                                More Secured Business
• More access to employees, customers & partners • Identity theft
• Higher level of B2B integrations               • Intellectual property theft
• Faster reaction to changing requirements       • Insider threats
Today’s “New Normal”
  Users, Systems, Globalization and Compliance Forced Complexity

           Service Level      Compliance &               IT                Records            Anti-Money
                                                                                              Anti-
            Compliance       Ethics Programs         Governance           Retention           Laundering


                 Financial                              Supply Chain
                                         Audit                                   Legal           Data Privacy
                 Reporting                              Traceability
                                       Management                              Discovery
                Compliance




Users
                             Finance    Suppliers     R&D     Mfg          Sales      HR        Legal      Customers



Systems
                               Enterprise    Data        Database       Mainframes     Mobile Devices       Apps
                              Applications Warehouse                                                        Server


Globalization




Mandates             SOX
                     SOX      JSOX
                              JSOX
                                           EU
                                            EU
                                        Directives
                                        Directives
                                                      FDA
                                                      FDA    Basel II
                                                             Basel II       HIPAA
                                                                            HIPAA      GLBA
                                                                                       GLBA
                                                                                                 Patriot
                                                                                                 Patriot
                                                                                                  Act
                                                                                                   Act
                                                                                                               SB1386
                                                                                                               SB1386   PCI…
                                                                                                                        PCI…
Security for Apps, Middleware, Data and Infrastructure
   Comprehensive ‘Defense in Depth’ Approach


       Applications                                            Automated Controls




                             Monitoring and Configuration
                             Monitoring and Configuration




                                                                                           Enterprise Visibility
                                                                                           Enterprise Visibility
                                                            Access to Business Services


                                                            Lower Cost of User Lifecycle
Middleware




                                                            Data Protection and Privacy
Database and
Infrastructure                                                  Unbreakable Linux


                 Copyright © 2008, Oracle and/or its affiliates. All rights reserved.                              7
Enterprise Security Reference Architecture
Oracle Security Components
                             Applications
              E-Business Suite, PeopleSoft, Siebel, Hyperion, JDE
                             SAP, Custom, Legacy




              Access            Identity Web Service




                                                                    Enterprise Manager
  Identity    Manager          Federation Manager
     and
   Access                 Identity Manager
 Management              Directory Services


              Database Vault                Audit Vault
    Data        Advanced
                                          Label Security
   Security   Security Option

               Information Rights Management
A Typical Environment…




Data
Tier




                                         Presentation
                                             Tier




                              Logic
                            (Business)
                               Tier
Solution: Centralize and Simplify Access




                        SSO
                            E   na
                                  b le
                                         dA
                                              pp
                                                lic
                                                    a   tio
                                                           n   s
Solution: Simplify Access to Multiple Datastores…
Solution: Simplify Employee to Business Partner Login




                           SSO
                               +   Fe
                                     de
                                       rat
                                          i   on
                                                -En
                                                      ab
                                                         le   dA
                                                                   pp
                                                                     s
Oracle Database Security Components
                                          Enterprise Applications




                               Business     Custom   Helpdesk    Email      Portals
                                Apps         Apps


                                                                                            Database           Operational    Business
                                                                                                                  DBA        Application
                              Protect Data                                                  Vault
                                                                     Protect Data from
                             in Motion with
                                                                    View and Alteration     Select SALARY
                                                                                                                   X
                                Network                                                     from users;
                                                                     as well as Insider
                            Encryption using
                                                                       Threat using
                                                                                            Alter system.
                                                                                                                                 X
                           Advanced Security                                                Alter table..
                                                                      Database Vault


                                                        5
Consolidate Audit                Option                                                      * Example roles and privs
     Data &
  Show Reports                                                                                                      Operational
using Audit Vault                                                                     Alter table ….
                                                                                                                       DBA


                                                                                                    Select SALARY from USERS;




    Protect User and Sensitive Data
                                      LNAME     SSN               SALARY
    at Rest by Encrypting Database          123-45-6789
                                           KING                  $125,000
             Columns using                  987-65-4321
                                          SCOTT                  $229,500                         Securely Backup Data To
       Advanced Security Option             345-67-8912
                                          SMITH                  $ 53,700
                                                                                                  Tape with Secure Backup
                                      LNAME CREDIT_CARD          EXP_DATE
                                           KING 1234-5678-9123    04-2010
                                          SCOTT 2345-6789-4321    09-2012
                                          SMITH 9876-5432-1987    01-2011
FMW Security as a Service
   Oracle          3rd Party       Custom             Legacy Applications
   Fusion         ISF Aware      Developed
Applications     Applications    ISF Aware             Business Functions
& Middleware                    Applications                  Authentication
                                                      User
                                                              Authorization
  Business         Business        Business        Management
                                                                Federation
 Functions        Functions       Functions

                                                  Legacy Integration Interface
                                                      Connectors, Agents
             Oracle IAM Suite with Identity Services Framework
 Service Interfaces
                       WS-*, SPML, SAML, XACML, CARML
 Identity Services
   Authentication       Provisioning    Identity Provider         Audit
   Authorization       Administration     Role Provider     Federation & Trust
 Enterprise Identity Management Infrastructure
         Policy & Orchestration              Virtualization & User Store
Oracle Enterprise Security Summary

Application Security                                                  Governance
                                                                      Risk
                                                                      Compliance
                                                                       Policy &
Identity And Access Management                                         Process
 User Management          Directory Management                         Management

 Access Management        Platform Security      Identity Audit        Enterprise
                                                                       Control
Data Security
                                                                       Compliance
 Multi-level Access Control   Encryption                               Analysis &
 Information Rights           DBA Security       Monitoring & Alert    Reporting

Operating System Security                                              Audit
                                                                       Automation
 Authentication Service       User Management
For More Information


         search.oracle.com

            Security



                  or
             oracle.com
Enterprise Security Architecture: From Access to Audit

More Related Content

What's hot

Tackling big data with hadoop and open source integration
Tackling big data with hadoop and open source integrationTackling big data with hadoop and open source integration
Tackling big data with hadoop and open source integrationDataWorks Summit
 
Hadoop's Opportunity to Power Next-Generation Architectures
Hadoop's Opportunity to Power Next-Generation ArchitecturesHadoop's Opportunity to Power Next-Generation Architectures
Hadoop's Opportunity to Power Next-Generation ArchitecturesDataWorks Summit
 
Pay secure connect brochure
Pay secure connect brochurePay secure connect brochure
Pay secure connect brochurescottamc26
 
A Guide to the SOA Galaxy: Strategy, Design and Best Practices
A Guide to the SOA Galaxy: Strategy, Design and Best PracticesA Guide to the SOA Galaxy: Strategy, Design and Best Practices
A Guide to the SOA Galaxy: Strategy, Design and Best PracticesDmitri Shiryaev
 
The Changes In Service Delivery With Cloud Computing
The Changes In Service Delivery With Cloud ComputingThe Changes In Service Delivery With Cloud Computing
The Changes In Service Delivery With Cloud ComputingMartin Hingley
 
Microsoft India - Forefront Value Of Identity And Security Offerings Presenta...
Microsoft India - Forefront Value Of Identity And Security Offerings Presenta...Microsoft India - Forefront Value Of Identity And Security Offerings Presenta...
Microsoft India - Forefront Value Of Identity And Security Offerings Presenta...Microsoft Private Cloud
 
Simplified Business Event Processing
Simplified Business Event ProcessingSimplified Business Event Processing
Simplified Business Event ProcessingNigel Green
 
Code objects overview sep 2012
Code objects overview   sep 2012Code objects overview   sep 2012
Code objects overview sep 2012steveramsthel
 
Identity systems
Identity systemsIdentity systems
Identity systemsJim Fenton
 
Sgtn Supply Chain Initiatives V44 S
Sgtn Supply Chain Initiatives V44 SSgtn Supply Chain Initiatives V44 S
Sgtn Supply Chain Initiatives V44 SJames Cofield
 
Xml finland-2011-sami-poikonen-ea nokia
Xml finland-2011-sami-poikonen-ea nokiaXml finland-2011-sami-poikonen-ea nokia
Xml finland-2011-sami-poikonen-ea nokiaSami Poikonen
 
Ics Isac Overview V0.1pub
Ics Isac   Overview V0.1pubIcs Isac   Overview V0.1pub
Ics Isac Overview V0.1pubbradblask
 
How a Cloud Computing Provider Reached the Holy Grail of Visibility
How a Cloud Computing Provider Reached the Holy Grail of VisibilityHow a Cloud Computing Provider Reached the Holy Grail of Visibility
How a Cloud Computing Provider Reached the Holy Grail of Visibilityeladgotfrid
 
Security for heterogeneous enviroments
Security for heterogeneous enviromentsSecurity for heterogeneous enviroments
Security for heterogeneous enviromentsFederman Hoyos
 
Oracle tech fmw-05-idm-neum-16.04.2010
Oracle tech fmw-05-idm-neum-16.04.2010Oracle tech fmw-05-idm-neum-16.04.2010
Oracle tech fmw-05-idm-neum-16.04.2010Oracle BH
 
Smart Micro Credit Business Suite
Smart Micro Credit Business SuiteSmart Micro Credit Business Suite
Smart Micro Credit Business SuiteFahad Iftikhar
 
“The Fountain of Truth” Web-based Contract Management for Starwood Hotels –
“The Fountain of Truth” Web-based Contract Management for Starwood Hotels – “The Fountain of Truth” Web-based Contract Management for Starwood Hotels –
“The Fountain of Truth” Web-based Contract Management for Starwood Hotels – TEAM Informatics
 
03.09.10 Stn Event Intro
03.09.10 Stn Event Intro03.09.10 Stn Event Intro
03.09.10 Stn Event Intromcini
 
Audit world slides
Audit world slidesAudit world slides
Audit world slideswdsnead
 

What's hot (20)

Tackling big data with hadoop and open source integration
Tackling big data with hadoop and open source integrationTackling big data with hadoop and open source integration
Tackling big data with hadoop and open source integration
 
Hadoop's Opportunity to Power Next-Generation Architectures
Hadoop's Opportunity to Power Next-Generation ArchitecturesHadoop's Opportunity to Power Next-Generation Architectures
Hadoop's Opportunity to Power Next-Generation Architectures
 
Pay secure connect brochure
Pay secure connect brochurePay secure connect brochure
Pay secure connect brochure
 
A Guide to the SOA Galaxy: Strategy, Design and Best Practices
A Guide to the SOA Galaxy: Strategy, Design and Best PracticesA Guide to the SOA Galaxy: Strategy, Design and Best Practices
A Guide to the SOA Galaxy: Strategy, Design and Best Practices
 
The Changes In Service Delivery With Cloud Computing
The Changes In Service Delivery With Cloud ComputingThe Changes In Service Delivery With Cloud Computing
The Changes In Service Delivery With Cloud Computing
 
Microsoft India - Forefront Value Of Identity And Security Offerings Presenta...
Microsoft India - Forefront Value Of Identity And Security Offerings Presenta...Microsoft India - Forefront Value Of Identity And Security Offerings Presenta...
Microsoft India - Forefront Value Of Identity And Security Offerings Presenta...
 
Simplified Business Event Processing
Simplified Business Event ProcessingSimplified Business Event Processing
Simplified Business Event Processing
 
Code objects overview sep 2012
Code objects overview   sep 2012Code objects overview   sep 2012
Code objects overview sep 2012
 
Identity systems
Identity systemsIdentity systems
Identity systems
 
Sgtn Supply Chain Initiatives V44 S
Sgtn Supply Chain Initiatives V44 SSgtn Supply Chain Initiatives V44 S
Sgtn Supply Chain Initiatives V44 S
 
Xml finland-2011-sami-poikonen-ea nokia
Xml finland-2011-sami-poikonen-ea nokiaXml finland-2011-sami-poikonen-ea nokia
Xml finland-2011-sami-poikonen-ea nokia
 
Ics Isac Overview V0.1pub
Ics Isac   Overview V0.1pubIcs Isac   Overview V0.1pub
Ics Isac Overview V0.1pub
 
How a Cloud Computing Provider Reached the Holy Grail of Visibility
How a Cloud Computing Provider Reached the Holy Grail of VisibilityHow a Cloud Computing Provider Reached the Holy Grail of Visibility
How a Cloud Computing Provider Reached the Holy Grail of Visibility
 
The Value of 'Cloud' in the Business Technology Ecosystem
The Value of 'Cloud' in the Business Technology EcosystemThe Value of 'Cloud' in the Business Technology Ecosystem
The Value of 'Cloud' in the Business Technology Ecosystem
 
Security for heterogeneous enviroments
Security for heterogeneous enviromentsSecurity for heterogeneous enviroments
Security for heterogeneous enviroments
 
Oracle tech fmw-05-idm-neum-16.04.2010
Oracle tech fmw-05-idm-neum-16.04.2010Oracle tech fmw-05-idm-neum-16.04.2010
Oracle tech fmw-05-idm-neum-16.04.2010
 
Smart Micro Credit Business Suite
Smart Micro Credit Business SuiteSmart Micro Credit Business Suite
Smart Micro Credit Business Suite
 
“The Fountain of Truth” Web-based Contract Management for Starwood Hotels –
“The Fountain of Truth” Web-based Contract Management for Starwood Hotels – “The Fountain of Truth” Web-based Contract Management for Starwood Hotels –
“The Fountain of Truth” Web-based Contract Management for Starwood Hotels –
 
03.09.10 Stn Event Intro
03.09.10 Stn Event Intro03.09.10 Stn Event Intro
03.09.10 Stn Event Intro
 
Audit world slides
Audit world slidesAudit world slides
Audit world slides
 

Similar to Enterprise Security Architecture: From Access to Audit

Enterprise Security Architecture: From access to audit
Enterprise Security Architecture: From access to auditEnterprise Security Architecture: From access to audit
Enterprise Security Architecture: From access to auditBob Rhubart
 
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011IBM Sverige
 
LSI Corporate Presentation
LSI Corporate PresentationLSI Corporate Presentation
LSI Corporate PresentationJWSabatino
 
Intel Cloud Summit: Big Data
Intel Cloud Summit: Big DataIntel Cloud Summit: Big Data
Intel Cloud Summit: Big DataIntelAPAC
 
Service Oriented Application Development Sterpka
Service Oriented Application Development   SterpkaService Oriented Application Development   Sterpka
Service Oriented Application Development Sterpkabsterpka
 
Splunk Overview
Splunk OverviewSplunk Overview
Splunk OverviewSplunk
 
Lumension LCRM - DSS @Vilnius 2010
Lumension LCRM - DSS @Vilnius 2010Lumension LCRM - DSS @Vilnius 2010
Lumension LCRM - DSS @Vilnius 2010Andris Soroka
 
Security, Governance & Integration in a Cloud Connected World
Security, Governance & Integration in a Cloud Connected WorldSecurity, Governance & Integration in a Cloud Connected World
Security, Governance & Integration in a Cloud Connected WorldCA API Management
 
Unified big data architecture
Unified big data architectureUnified big data architecture
Unified big data architectureDataWorks Summit
 
Managing API Security in SaaS and Cloud
Managing API Security in SaaS and CloudManaging API Security in SaaS and Cloud
Managing API Security in SaaS and CloudCA API Management
 
Managing API Security in SaaS and Cloud
Managing API Security in SaaS and CloudManaging API Security in SaaS and Cloud
Managing API Security in SaaS and CloudCA API Management
 
Intel Cloud summit: Big Data by Nick Knupffer
Intel Cloud summit: Big Data by Nick KnupfferIntel Cloud summit: Big Data by Nick Knupffer
Intel Cloud summit: Big Data by Nick KnupfferIntelAPAC
 
Concepts integrationandbiztalksoa andbpm
Concepts integrationandbiztalksoa andbpm Concepts integrationandbiztalksoa andbpm
Concepts integrationandbiztalksoa andbpm Sandro Pereira
 
Distinguishing, Evaluating, and Selecting Cloud Service Providers
Distinguishing, Evaluating, and Selecting Cloud Service ProvidersDistinguishing, Evaluating, and Selecting Cloud Service Providers
Distinguishing, Evaluating, and Selecting Cloud Service ProvidersGartnerJessica
 
Open Group Conference Csi V5.1
Open Group Conference Csi V5.1Open Group Conference Csi V5.1
Open Group Conference Csi V5.1Enrico Boverino
 

Similar to Enterprise Security Architecture: From Access to Audit (20)

Enterprise Security Architecture: From access to audit
Enterprise Security Architecture: From access to auditEnterprise Security Architecture: From access to audit
Enterprise Security Architecture: From access to audit
 
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011
 
Securityinsideout
SecurityinsideoutSecurityinsideout
Securityinsideout
 
LSI Corporate Presentation
LSI Corporate PresentationLSI Corporate Presentation
LSI Corporate Presentation
 
Cloud Auditing
Cloud AuditingCloud Auditing
Cloud Auditing
 
Intel Cloud Summit: Big Data
Intel Cloud Summit: Big DataIntel Cloud Summit: Big Data
Intel Cloud Summit: Big Data
 
Service Oriented Application Development Sterpka
Service Oriented Application Development   SterpkaService Oriented Application Development   Sterpka
Service Oriented Application Development Sterpka
 
Splunk Overview
Splunk OverviewSplunk Overview
Splunk Overview
 
Lumension LCRM - DSS @Vilnius 2010
Lumension LCRM - DSS @Vilnius 2010Lumension LCRM - DSS @Vilnius 2010
Lumension LCRM - DSS @Vilnius 2010
 
Security, Governance & Integration in a Cloud Connected World
Security, Governance & Integration in a Cloud Connected WorldSecurity, Governance & Integration in a Cloud Connected World
Security, Governance & Integration in a Cloud Connected World
 
Unified big data architecture
Unified big data architectureUnified big data architecture
Unified big data architecture
 
Managing API Security in SaaS and Cloud
Managing API Security in SaaS and CloudManaging API Security in SaaS and Cloud
Managing API Security in SaaS and Cloud
 
Managing API Security in SaaS and Cloud
Managing API Security in SaaS and CloudManaging API Security in SaaS and Cloud
Managing API Security in SaaS and Cloud
 
Intel Cloud summit: Big Data by Nick Knupffer
Intel Cloud summit: Big Data by Nick KnupfferIntel Cloud summit: Big Data by Nick Knupffer
Intel Cloud summit: Big Data by Nick Knupffer
 
Concepts integrationandbiztalksoa andbpm
Concepts integrationandbiztalksoa andbpm Concepts integrationandbiztalksoa andbpm
Concepts integrationandbiztalksoa andbpm
 
IS201 sec04 metro
IS201 sec04 metroIS201 sec04 metro
IS201 sec04 metro
 
Is201 sec04 metro present
Is201 sec04 metro presentIs201 sec04 metro present
Is201 sec04 metro present
 
IS201 sec04 metro present
IS201 sec04 metro presentIS201 sec04 metro present
IS201 sec04 metro present
 
Distinguishing, Evaluating, and Selecting Cloud Service Providers
Distinguishing, Evaluating, and Selecting Cloud Service ProvidersDistinguishing, Evaluating, and Selecting Cloud Service Providers
Distinguishing, Evaluating, and Selecting Cloud Service Providers
 
Open Group Conference Csi V5.1
Open Group Conference Csi V5.1Open Group Conference Csi V5.1
Open Group Conference Csi V5.1
 

More from Bob Rhubart

Business Integration for the 21st Century
Business Integration for the 21st Century Business Integration for the 21st Century
Business Integration for the 21st Century Bob Rhubart
 
Oracle Cloud Reference Architecture
Oracle Cloud Reference ArchitectureOracle Cloud Reference Architecture
Oracle Cloud Reference ArchitectureBob Rhubart
 
Enterprise Strategy for Cloud Security
Enterprise Strategy for Cloud SecurityEnterprise Strategy for Cloud Security
Enterprise Strategy for Cloud SecurityBob Rhubart
 
Innovations in Grid Computing with Oracle Coherence
Innovations in Grid Computing with Oracle CoherenceInnovations in Grid Computing with Oracle Coherence
Innovations in Grid Computing with Oracle CoherenceBob Rhubart
 
Cloud Computing - A Pragmatic Approach to Cloud Adoption
Cloud Computing - A Pragmatic Approach to Cloud AdoptionCloud Computing - A Pragmatic Approach to Cloud Adoption
Cloud Computing - A Pragmatic Approach to Cloud AdoptionBob Rhubart
 
High Availability Infrastructure for Cloud Computing
High Availability Infrastructure for Cloud ComputingHigh Availability Infrastructure for Cloud Computing
High Availability Infrastructure for Cloud ComputingBob Rhubart
 
Engineered Systems: Oracle's Vision for the Future
Engineered Systems: Oracle's Vision for the FutureEngineered Systems: Oracle's Vision for the Future
Engineered Systems: Oracle's Vision for the FutureBob Rhubart
 
Innovations in Data Grid Technology with Oracle Coherence
Innovations in Data Grid Technology with Oracle CoherenceInnovations in Data Grid Technology with Oracle Coherence
Innovations in Data Grid Technology with Oracle CoherenceBob Rhubart
 
Making IT Simple: A Pragmatic Approach to Cloud Computing
Making IT Simple: A Pragmatic Approach to Cloud ComputingMaking IT Simple: A Pragmatic Approach to Cloud Computing
Making IT Simple: A Pragmatic Approach to Cloud ComputingBob Rhubart
 
Oracle Cloud Reference Architecture
Oracle Cloud Reference ArchitectureOracle Cloud Reference Architecture
Oracle Cloud Reference ArchitectureBob Rhubart
 
Oracle VM Consolidation and Path to the Cloud
Oracle VM Consolidation and Path to the CloudOracle VM Consolidation and Path to the Cloud
Oracle VM Consolidation and Path to the CloudBob Rhubart
 
Engineered Systems: Oracle's Vision for the Future
Engineered Systems: Oracle's Vision for the FutureEngineered Systems: Oracle's Vision for the Future
Engineered Systems: Oracle's Vision for the FutureBob Rhubart
 
21st Century SOA
21st Century SOA21st Century SOA
21st Century SOABob Rhubart
 
Rationalization and Defense in Depth - Two Steps Closer to the Clouds
Rationalization and Defense in Depth - Two Steps Closer to the CloudsRationalization and Defense in Depth - Two Steps Closer to the Clouds
Rationalization and Defense in Depth - Two Steps Closer to the CloudsBob Rhubart
 
Cloud Computing Industry Trends and Directions
Cloud Computing Industry Trends and DirectionsCloud Computing Industry Trends and Directions
Cloud Computing Industry Trends and DirectionsBob Rhubart
 
Manage and Monitor Oracle Applications in the Cloud
Manage and Monitor Oracle Applications in the CloudManage and Monitor Oracle Applications in the Cloud
Manage and Monitor Oracle Applications in the CloudBob Rhubart
 
21st Century Service Oriented Architecture
21st Century Service Oriented Architecture21st Century Service Oriented Architecture
21st Century Service Oriented ArchitectureBob Rhubart
 
Application-Driven Virtualization: Architectural Considerations
Application-Driven Virtualization: Architectural ConsiderationsApplication-Driven Virtualization: Architectural Considerations
Application-Driven Virtualization: Architectural ConsiderationsBob Rhubart
 
Oracle Enterprise Manager
Oracle Enterprise ManagerOracle Enterprise Manager
Oracle Enterprise ManagerBob Rhubart
 
Engineered Systems: Oracle’s Vision for the Future
Engineered Systems: Oracle’s Vision for the FutureEngineered Systems: Oracle’s Vision for the Future
Engineered Systems: Oracle’s Vision for the FutureBob Rhubart
 

More from Bob Rhubart (20)

Business Integration for the 21st Century
Business Integration for the 21st Century Business Integration for the 21st Century
Business Integration for the 21st Century
 
Oracle Cloud Reference Architecture
Oracle Cloud Reference ArchitectureOracle Cloud Reference Architecture
Oracle Cloud Reference Architecture
 
Enterprise Strategy for Cloud Security
Enterprise Strategy for Cloud SecurityEnterprise Strategy for Cloud Security
Enterprise Strategy for Cloud Security
 
Innovations in Grid Computing with Oracle Coherence
Innovations in Grid Computing with Oracle CoherenceInnovations in Grid Computing with Oracle Coherence
Innovations in Grid Computing with Oracle Coherence
 
Cloud Computing - A Pragmatic Approach to Cloud Adoption
Cloud Computing - A Pragmatic Approach to Cloud AdoptionCloud Computing - A Pragmatic Approach to Cloud Adoption
Cloud Computing - A Pragmatic Approach to Cloud Adoption
 
High Availability Infrastructure for Cloud Computing
High Availability Infrastructure for Cloud ComputingHigh Availability Infrastructure for Cloud Computing
High Availability Infrastructure for Cloud Computing
 
Engineered Systems: Oracle's Vision for the Future
Engineered Systems: Oracle's Vision for the FutureEngineered Systems: Oracle's Vision for the Future
Engineered Systems: Oracle's Vision for the Future
 
Innovations in Data Grid Technology with Oracle Coherence
Innovations in Data Grid Technology with Oracle CoherenceInnovations in Data Grid Technology with Oracle Coherence
Innovations in Data Grid Technology with Oracle Coherence
 
Making IT Simple: A Pragmatic Approach to Cloud Computing
Making IT Simple: A Pragmatic Approach to Cloud ComputingMaking IT Simple: A Pragmatic Approach to Cloud Computing
Making IT Simple: A Pragmatic Approach to Cloud Computing
 
Oracle Cloud Reference Architecture
Oracle Cloud Reference ArchitectureOracle Cloud Reference Architecture
Oracle Cloud Reference Architecture
 
Oracle VM Consolidation and Path to the Cloud
Oracle VM Consolidation and Path to the CloudOracle VM Consolidation and Path to the Cloud
Oracle VM Consolidation and Path to the Cloud
 
Engineered Systems: Oracle's Vision for the Future
Engineered Systems: Oracle's Vision for the FutureEngineered Systems: Oracle's Vision for the Future
Engineered Systems: Oracle's Vision for the Future
 
21st Century SOA
21st Century SOA21st Century SOA
21st Century SOA
 
Rationalization and Defense in Depth - Two Steps Closer to the Clouds
Rationalization and Defense in Depth - Two Steps Closer to the CloudsRationalization and Defense in Depth - Two Steps Closer to the Clouds
Rationalization and Defense in Depth - Two Steps Closer to the Clouds
 
Cloud Computing Industry Trends and Directions
Cloud Computing Industry Trends and DirectionsCloud Computing Industry Trends and Directions
Cloud Computing Industry Trends and Directions
 
Manage and Monitor Oracle Applications in the Cloud
Manage and Monitor Oracle Applications in the CloudManage and Monitor Oracle Applications in the Cloud
Manage and Monitor Oracle Applications in the Cloud
 
21st Century Service Oriented Architecture
21st Century Service Oriented Architecture21st Century Service Oriented Architecture
21st Century Service Oriented Architecture
 
Application-Driven Virtualization: Architectural Considerations
Application-Driven Virtualization: Architectural ConsiderationsApplication-Driven Virtualization: Architectural Considerations
Application-Driven Virtualization: Architectural Considerations
 
Oracle Enterprise Manager
Oracle Enterprise ManagerOracle Enterprise Manager
Oracle Enterprise Manager
 
Engineered Systems: Oracle’s Vision for the Future
Engineered Systems: Oracle’s Vision for the FutureEngineered Systems: Oracle’s Vision for the Future
Engineered Systems: Oracle’s Vision for the Future
 

Recently uploaded

VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXTarek Kalaji
 
Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Brian Pichman
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarPrecisely
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesDavid Newbury
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDELiveplex
 

Recently uploaded (20)

VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
 
Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
 

Enterprise Security Architecture: From Access to Audit

  • 2. <Insert Picture Here> Enterprise Security Architecture: From access to audit Kamal Tbeileh Database Security Architecture
  • 3. Agenda • Business Challenges • IT Challenges • Defense in-depth architecture • Q&A
  • 4. Changing Business Climate Challenges Our Customers Face… "In a time of accelerating turbulence, the valuation of a company will be strongly affected by how it executes change."
  • 5. Today’s IT Challenges More Compliant Business • Increasing regulatory demands • Increasing privacy concerns • Business viability concerns More Agile Business More Secured Business • More access to employees, customers & partners • Identity theft • Higher level of B2B integrations • Intellectual property theft • Faster reaction to changing requirements • Insider threats
  • 6. Today’s “New Normal” Users, Systems, Globalization and Compliance Forced Complexity Service Level Compliance & IT Records Anti-Money Anti- Compliance Ethics Programs Governance Retention Laundering Financial Supply Chain Audit Legal Data Privacy Reporting Traceability Management Discovery Compliance Users Finance Suppliers R&D Mfg Sales HR Legal Customers Systems Enterprise Data Database Mainframes Mobile Devices Apps Applications Warehouse Server Globalization Mandates SOX SOX JSOX JSOX EU EU Directives Directives FDA FDA Basel II Basel II HIPAA HIPAA GLBA GLBA Patriot Patriot Act Act SB1386 SB1386 PCI… PCI…
  • 7. Security for Apps, Middleware, Data and Infrastructure Comprehensive ‘Defense in Depth’ Approach Applications Automated Controls Monitoring and Configuration Monitoring and Configuration Enterprise Visibility Enterprise Visibility Access to Business Services Lower Cost of User Lifecycle Middleware Data Protection and Privacy Database and Infrastructure Unbreakable Linux Copyright © 2008, Oracle and/or its affiliates. All rights reserved. 7
  • 9. Oracle Security Components Applications E-Business Suite, PeopleSoft, Siebel, Hyperion, JDE SAP, Custom, Legacy Access Identity Web Service Enterprise Manager Identity Manager Federation Manager and Access Identity Manager Management Directory Services Database Vault Audit Vault Data Advanced Label Security Security Security Option Information Rights Management
  • 10. A Typical Environment… Data Tier Presentation Tier Logic (Business) Tier
  • 11. Solution: Centralize and Simplify Access SSO E na b le dA pp lic a tio n s
  • 12. Solution: Simplify Access to Multiple Datastores…
  • 13. Solution: Simplify Employee to Business Partner Login SSO + Fe de rat i on -En ab le dA pp s
  • 14. Oracle Database Security Components Enterprise Applications Business Custom Helpdesk Email Portals Apps Apps Database Operational Business DBA Application Protect Data Vault Protect Data from in Motion with View and Alteration Select SALARY X Network from users; as well as Insider Encryption using Threat using Alter system. X Advanced Security Alter table.. Database Vault 5 Consolidate Audit Option * Example roles and privs Data & Show Reports Operational using Audit Vault Alter table …. DBA Select SALARY from USERS; Protect User and Sensitive Data LNAME SSN SALARY at Rest by Encrypting Database 123-45-6789 KING $125,000 Columns using 987-65-4321 SCOTT $229,500 Securely Backup Data To Advanced Security Option 345-67-8912 SMITH $ 53,700 Tape with Secure Backup LNAME CREDIT_CARD EXP_DATE KING 1234-5678-9123 04-2010 SCOTT 2345-6789-4321 09-2012 SMITH 9876-5432-1987 01-2011
  • 15. FMW Security as a Service Oracle 3rd Party Custom Legacy Applications Fusion ISF Aware Developed Applications Applications ISF Aware Business Functions & Middleware Applications Authentication User Authorization Business Business Business Management Federation Functions Functions Functions Legacy Integration Interface Connectors, Agents Oracle IAM Suite with Identity Services Framework Service Interfaces WS-*, SPML, SAML, XACML, CARML Identity Services Authentication Provisioning Identity Provider Audit Authorization Administration Role Provider Federation & Trust Enterprise Identity Management Infrastructure Policy & Orchestration Virtualization & User Store
  • 16. Oracle Enterprise Security Summary Application Security Governance Risk Compliance Policy & Identity And Access Management Process User Management Directory Management Management Access Management Platform Security Identity Audit Enterprise Control Data Security Compliance Multi-level Access Control Encryption Analysis & Information Rights DBA Security Monitoring & Alert Reporting Operating System Security Audit Automation Authentication Service User Management
  • 17. For More Information search.oracle.com Security or oracle.com