2. Leverage Authorization
to Monetize Content and
Media Subscriptions
Roger Wigenstam
Sr. Director, Product Management
Oracle Identity & Access Management
10. Oracle Entitlements Server
Data Security
Query “My” Employees
Query Employees
OES PDP
ID
123
129
143
Name
Salary
Phone
John Smith $125K 123-456-7890
Bob Black ******** 123-111-2222
Sam Fisher $100K 123-333-4444
123 John Smith $125K 123-456-7890
129 Bob Black $110K 123-111-2222
143 Sam Fisher $100K 123-333-4444
select EMP_ID, NAME, SALARY, PHONE
from
HCM_EMPLOYEES
where MANAGER_ID = :CURRENT_USER
Actions
Promote
Transfer
Transfer
Promote
Transfer
Application level enforcement for Oracle & 3rd party RDBMS
• OES returns an “Obligation” with the security filter (SQL where clause)
isAuthorized(user
=
•authzResult = Permit security Bob Smith,
Object, Row, and Attribute level
userRole = Product Director
Oracle Entitlements Server
•Obligations = Operations
CRUD & Business
resource = Employees Table
[ SECURITY_FILTER | “MANAGER_ID = :CURRENT_USER”]
• High performance & scalability
action
= View)
Oracle Adaptive Access ManagerDevice Fingerprinting and Registration DatabaseRisk-Based Authentication that Factors Mobile ContextOracle Enterprise GatewayEnables Mobile Application REST API’s and protects API’s, webservices, and SOA infrastructure from external threats and invalid / suspicious requestsExtends Access Management with authentication, authorization, audit to REST API’s, web servicesOracle Entitlement ServerMake AuthorizationDecisions and Redact Data based on User,Mobile, or any other ContextExternalize AuthorizationPolicies from Application CodeOracle Access Management : Mobile & SocialMobile Identity and Access GatewayAuthentication, Registration, and User Profile Services for MobileOracle Web Services ManagerLast mile security for an organizations backend web services and SOA infrastructure Embedded agentsNative Mobile Security SDKNative Login Screens / Secure Credential StorageEasy Integration w/ SSO and Web Services SecurityNative Mobile Security AppsLogin App for Native and Web Apps Providing Device ContextNative White Pages App Integrated w/ User Profile Services
Extending access to modern mobile devicesConsistent enforcement of access policiesVisibility to real time API access and analyticsAudit Visibility into historic data for audit purposes Heterogeneous
With Fusion Middleware, you can extend and maximize your existing technology investment with the same technologies used in Fusion Applications, including embedded analytics and social collaboration, and mobile and cloud computing. Oracle’s complete SOA platform lets your IT organization rapidly design, assemble, deploy, and manage adaptable business applications and—with Oracle’s business process management tools—even bring the task of modeling business processes directly to the business analysts. Oracle Business Intelligence foundation brings together all your enterprise data sources in a single, easy-to-use solution, delivering consistent insights whether it’s through ad hoc queries and analysis, interactive dashboards, scorecards, OLAP, or reporting. And, your existing enterprise applications can leverage the rich social networking capabilities and content sharing that users have come to expect in consumer software. Oracle Fusion Middleware is based on 100 percent open standards, so you aren’t locked into one deployment model when your business requirements change.