1

Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Leverage Authorization
to Monetize Content and
Media Subscriptions
Roger Wigenstam
Sr. Director, Product Management
Oracle...
The following is intended to outline our general product direction. It is
intended for information purposes only, and may ...
Program Agenda
 Oracle Entitlements Server : Overview
 Customer Case Studies

 Demo

4

Copyright © 2013, Oracle and/or...
Oracle Entitlements Server
Overview

5

Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Oracle Entitlements Server
Oracle’s Strategic Authorization Solution
Embedded & Integrated
 In all things Oracle
– Over 5...
Oracle Entitlements Server
What is it?
Fine grained Authorization
 Standards based
 High performance
 Extreme scale
 M...
Authorization Use Cases

8

Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Oracle Entitlements Server
Fine grained authorization for Web Applications & Portals
Control Access to
• Pages
• Tabs
• Po...
Oracle Entitlements Server
Data Security
Query “My” Employees

Query Employees

OES PDP
ID

123
129
143

Name

Salary

Pho...
Content Management
Attribute Based Access Control
Name

Department

World Domination Strategy.pptx

Top Secret

Strategy, ...
Oracle Entitlements Server
Mobile Authorization
Selective Data Redaction

Authorize Business Transactions

Context Aware
S...
Oracle Entitlements Server

Fine grained authorization for API’s and Web Services

Request

HTTP / REST / SOAP / OAuth
Cli...
Oracle Entitlements Server

Fine grained authorization for API’s and Web Services

HTTP / REST / SOAP / OAuth
Clients

14
...
Oracle Entitlements Server

Fine grained authorization for API’s and Web Services
• Selective Data Redaction of the respon...
Mobile & Social Access Management
Deployment Architecture
Corporate DMZ

OES PDP

OAM Agent

Web Traffic

Access Manager

...
All that is good, but leverage
Authorization to help
Monetize Subscriptions????

17

Copyright © 2013, Oracle and/or its a...
Tiered Subscriptions
To Movies, Internet / WiFI Access, Reports, Customer Data, Content of any kind

 Many organizations ...
Tiered Subscriptions (cont.)
To Movies, Internet / WiFI Access, Reports, Customer Data, Content of any kind
 Answer ?
– E...
Customer Case Studies
Swapnil Mehta, Sena Systems

20

Copyright © 2013, Oracle and/or its affiliates. All rights reserved...
Customer Case Studies
Content & Media Subscriptions

Placeholder for SENA Slides

21

Copyright © 2013, Oracle and/or its ...
Summary
 Monetize and/or make information available to new clients and

applications through simple policy changes
– Cont...
Questions

23

Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Don’t miss these IDM Sessions
CON8828
CON8813
CON8836
CON 4342
CON9024
CON8902
CON8826

24

Wednesday 09/25, Moscone West,...
Oracle Fusion Middleware
Business Innovation Platform for the Enterprise and Cloud
 Complete and Integrated
Web

Social

...
26

Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
27

Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Upcoming SlideShare
Loading in …5
×

Con8837 leverage authorization to monetize content and media subscriptions - final

1,951 views
1,831 views

Published on

Roger Wigenstam's OOW2013 presentation

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,951
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
18
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • Oracle Adaptive Access ManagerDevice Fingerprinting and Registration DatabaseRisk-Based Authentication that Factors Mobile ContextOracle Enterprise GatewayEnables Mobile Application REST API’s and protects API’s, webservices, and SOA infrastructure from external threats and invalid / suspicious requestsExtends Access Management with authentication, authorization, audit to REST API’s, web servicesOracle Entitlement ServerMake AuthorizationDecisions and Redact Data based on User,Mobile, or any other ContextExternalize AuthorizationPolicies from Application CodeOracle Access Management : Mobile & SocialMobile Identity and Access GatewayAuthentication, Registration, and User Profile Services for MobileOracle Web Services ManagerLast mile security for an organizations backend web services and SOA infrastructure Embedded agentsNative Mobile Security SDKNative Login Screens / Secure Credential StorageEasy Integration w/ SSO and Web Services SecurityNative Mobile Security AppsLogin App for Native and Web Apps Providing Device ContextNative White Pages App Integrated w/ User Profile Services
  • Extending access to modern mobile devicesConsistent enforcement of access policiesVisibility to real time API access and analyticsAudit Visibility into historic data for audit purposes Heterogeneous
  • With Fusion Middleware, you can extend and maximize your existing technology investment with the same technologies used in Fusion Applications, including embedded analytics and social collaboration, and mobile and cloud computing. Oracle’s complete SOA platform lets your IT organization rapidly design, assemble, deploy, and manage adaptable business applications and—with Oracle’s business process management tools—even bring the task of modeling business processes directly to the business analysts. Oracle Business Intelligence foundation brings together all your enterprise data sources in a single, easy-to-use solution, delivering consistent insights whether it’s through ad hoc queries and analysis, interactive dashboards, scorecards, OLAP, or reporting. And, your existing enterprise applications can leverage the rich social networking capabilities and content sharing that users have come to expect in consumer software. Oracle Fusion Middleware is based on 100 percent open standards, so you aren’t locked into one deployment model when your business requirements change.
  • Con8837 leverage authorization to monetize content and media subscriptions - final

    1. 1. 1 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
    2. 2. Leverage Authorization to Monetize Content and Media Subscriptions Roger Wigenstam Sr. Director, Product Management Oracle Identity & Access Management
    3. 3. The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle. 3 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
    4. 4. Program Agenda  Oracle Entitlements Server : Overview  Customer Case Studies  Demo 4 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
    5. 5. Oracle Entitlements Server Overview 5 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
    6. 6. Oracle Entitlements Server Oracle’s Strategic Authorization Solution Embedded & Integrated  In all things Oracle – Over 50 products now using – Many more in progress  With popular 3rd party platforms  Used by 1000’s of customers 6 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
    7. 7. Oracle Entitlements Server What is it? Fine grained Authorization  Standards based  High performance  Extreme scale  Multi Data Center support  Many Deployment options 7 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
    8. 8. Authorization Use Cases 8 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
    9. 9. Oracle Entitlements Server Fine grained authorization for Web Applications & Portals Control Access to • Pages • Tabs • Portlets / Regions • Tables • Text Fields • Buttons • Tree Nodes • Graphics / Charts • Dropdowns / List Items / List of Values • What data do you get to see (documents, in tables, charts etc) • Data Masking • Operations on Data (hire, promote, approve, reject) • Backend Data & Web Service operations • Personalization / Customization • and more… 9 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
    10. 10. Oracle Entitlements Server Data Security Query “My” Employees Query Employees OES PDP ID 123 129 143 Name Salary Phone John Smith $125K 123-456-7890 Bob Black ******** 123-111-2222 Sam Fisher $100K 123-333-4444 123 John Smith $125K 123-456-7890 129 Bob Black $110K 123-111-2222 143 Sam Fisher $100K 123-333-4444 select EMP_ID, NAME, SALARY, PHONE from HCM_EMPLOYEES where MANAGER_ID = :CURRENT_USER Actions Promote Transfer Transfer Promote Transfer Application level enforcement for Oracle & 3rd party RDBMS • OES returns an “Obligation” with the security filter (SQL where clause) isAuthorized(user = •authzResult = Permit security Bob Smith, Object, Row, and Attribute level userRole = Product Director Oracle Entitlements Server •Obligations = Operations CRUD & Business resource = Employees Table [ SECURITY_FILTER | “MANAGER_ID = :CURRENT_USER”] • High performance & scalability action = View)
    11. 11. Content Management Attribute Based Access Control Name Department World Domination Strategy.pptx Top Secret Strategy, Development Cost Analysis.xls Secret Accounting World Domination - Details.docx Top Secret Development Progress Report.pptx Top Secret Strategy Public Statement.pptx 11 Sensitivity Public Marketing Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
    12. 12. Oracle Entitlements Server Mobile Authorization Selective Data Redaction Authorize Business Transactions Context Aware Standards Based Full Audit Trail No Code Changes Required 12 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
    13. 13. Oracle Entitlements Server Fine grained authorization for API’s and Web Services Request HTTP / REST / SOAP / OAuth Clients 13 Copyright © 2013, Oracle and/or its affiliates. All rights reserved. <SOAP:Envelope> <SOAP:Header> <User> Gary Chalmers </User> <Org> Public Schools </Org> <Role> Superintendent </Role> </SOAP:Header> <SOAP:Body> <getStudentDetail> <studentID> 999999 </studentID> </getStudentDetail> </SOAP:Body> </SOAP:Envelope> Student WebService
    14. 14. Oracle Entitlements Server Fine grained authorization for API’s and Web Services HTTP / REST / SOAP / OAuth Clients 14 Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Response <SOAP:Envelope> … <SOAP:Body> Student WebService <getStudentDetailResponse> <studentID> 99999 </studentID> <name> Bart Simpson </name> <grade> F </phone> <SSN> 987-65-4321 </SSN> <DoB> 13-Feb-2005 </DoB> <address> Evergreen Terrace </address> </getStudentDetailResponse> </SOAP:Body> </SOAP:Envelope>
    15. 15. Oracle Entitlements Server Fine grained authorization for API’s and Web Services • Selective Data Redaction of the response payload • OES authz decision returns an “Obligation” with information on what to redact Oracle API Gateway HTTP / REST / SOAP / OAuth Clients 15 <SOAP:Envelope> Response … <SOAP:Body> OES PDP <getStudentDetailResponse> Student WebService <studentID> 99999 </studentID> <name> Bart Simpson </name> <grade> F </phone> <SSN> ***-***-**** </SSN> isAuthorized(user = Gary Chalmers, <DoB> **/**/**** </DoB> userOrg = Public Schools <address> Evergreen Terrace </address> userRole = Superintendent </getStudentDetailResponse> studentId = 99999 </SOAP:Body> action = getStudentDetail) Oracle Entitlements Server </SOAP:Envelope> Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
    16. 16. Mobile & Social Access Management Deployment Architecture Corporate DMZ OES PDP OAM Agent Web Traffic Access Manager Corporate Network Entitlements Server Adaptive Access Web Apps OHS Directory Services OAM Agent Mobile and Social OES PDP REST Traffic OES PDP HTTP / REST / SOAP / OAuth Clients Oracle API Gateway Web Services Service Bus Manager Context Aware Authorization and Data Redaction 16 Copyright © 2013, Oracle and/or its affiliates. All rights reserved. SOAP/REST and Legacy Web Services
    17. 17. All that is good, but leverage Authorization to help Monetize Subscriptions???? 17 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
    18. 18. Tiered Subscriptions To Movies, Internet / WiFI Access, Reports, Customer Data, Content of any kind  Many organizations offer content through subscriptions – Free vs Basic vs Premium offerings  How do I expand my customer base ?  How do I make each tier more attractive and lure customers to sign up for premium offerings ?  How do I quickly capitalize on rapidly evolving events and market trends ? 18 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
    19. 19. Tiered Subscriptions (cont.) To Movies, Internet / WiFI Access, Reports, Customer Data, Content of any kind  Answer ? – Expand the customer base and upsell through traditional marketing campaigns etc? – Offerings may be difficult to change, require involvement from the development team  Or perhaps ? – Make premium content temporarily available for free, or to subscribers at lower levels to get them hooked / upsell – Stay current with market trends, rapidly change offerings by simply deciding what policy changes are required to make content available to subscribers at different levels – Leveraging an externalized Authorization system can help ! 19 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
    20. 20. Customer Case Studies Swapnil Mehta, Sena Systems 20 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
    21. 21. Customer Case Studies Content & Media Subscriptions Placeholder for SENA Slides 21 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
    22. 22. Summary  Monetize and/or make information available to new clients and applications through simple policy changes – Control exposure of sensitive data – Control what transactions users can submit  Leveraging Oracle Access Management – Oracle Entitlements Server – Oracle API Gateway – Oracle Access Manager – Oracle Mobile & Social – Oracle Adaptive Access Manager 22 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
    23. 23. Questions 23 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
    24. 24. Don’t miss these IDM Sessions CON8828 CON8813 CON8836 CON 4342 CON9024 CON8902 CON8826 24 Wednesday 09/25, Moscone West, Room 1:15PM 2018 Wednesday, 09/25, Moscone West, Room 3:30PM 2018 Thursday 09/26, Moscone West, Room 11:00AM 2018 Thursday 09/26, Moscone West, Room 12:30PM 2018 Thursday 09/26, Moscone West, Room 2:00PM 2018 Thursday, 09/26 Marriot Marquis – Golden 2:00PM Gate C3 Thursday, 09/26, Moscone West, Room 3:30PM 2018 Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Justifying and Planning a successful Identity Management Upgrade Securing privileged accounts with an integrated identity management solution Leveraging the Cloud to simplify your Identity Management implementation Identity Services in the New GM IT Sanjay Rallapalli, Oracle Next Generation Optimized Directory - Oracle Unified Directory Developing Secure Mobile Applications Etienne Remillon, Oracle Zero Capital Investment by leveraging Identity Management as a Service Olaf Stullich, Oracle Guru Shashikumar, Oracle GM Mark Wilcox, Oracle Mike Neuenschwander, Oracle
    25. 25. Oracle Fusion Middleware Business Innovation Platform for the Enterprise and Cloud  Complete and Integrated Web Social Mobile  Best-in-class User Engagement Business Process Management  Open standards Content Management Service Integration Business Intelligence Data Integration Identity Management Development Tools 25 Cloud Application Foundation Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Enterprise Management  On-premise and Cloud  Foundation for Oracle Fusion Applications and Oracle Cloud
    26. 26. 26 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
    27. 27. 27 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.

    ×