The document provides an agenda for a presentation on access management for the Internet of Things. The agenda includes introducing identity for IoT, security challenges for IoT, how Oracle Access Management 11gR2 can secure access for IoT, a customer case study, and a demo. Key topics that will be covered are introducing composite identities for devices, services, and users in IoT; securing communication between people, things, and APIs; and leveraging social networks, mobile access, OAuth, and gateways to manage access and identities for IoT applications and use cases.
The document provides an agenda for an Oracle Identity Manager product discussion. It outlines focus areas for the product including self-paced training, a converged connector framework, a demonstration, user self-service features, reconciliation capabilities, notifications, and QA. Contact information is also provided for Oracle professional services and the Oracle Identity Manager community.
Con8828 justifying and planning a successful identity management upgrade finalOracleIDM
The document discusses planning for an identity management upgrade. It covers considerations for the planning process such as reviewing prerequisites, understanding the target architecture, inventorying any customizations, reviewing release notes and test plans. The presentation also discusses deployment considerations like architecture impacts and data migration needs. Key steps during the upgrade include determining an in-place or out-of-place approach and ensuring familiarity with release notes and pre-upgrade reports. A customer panel discusses experiences with identity management upgrades.
The document discusses Oracle Identity and Access Management solutions. It provides an overview of Oracle's offerings for authentication, authorization, federation, mobile security, access management, identity governance, privileged access management, and directory services. Key capabilities mentioned include single sign-on, adaptive access and fraud prevention, identity federation, role-based access control, and support for cloud, mobile, and on-premise deployments at large scale.
SANS Institute Product Review of Oracle Identity ManagerOracleIDM
The document provides an overview of a SANS Institute product review of Oracle Identity Manager. It summarizes the review of Oracle Identity Manager 11gR2, which focused on personalizing the user interface, provisioning entitlements based on use cases, creating self-service permissions and workflows, an asset request workflow involving multiple approvers, and provisioning to mobile devices. The review found that Oracle Identity Manager 11gR2 simplified complexities normally associated with identity and access management self-service tools by automating workflows, provisioning to legacy applications without new coding, and incorporating familiar features like shopping carts. It also provided customer perspectives from SuperValu on their identity management roadmap and key learning experiences.
Overview of Oracle Identity Management - Customer PresentationDelivery Centric
The document discusses Oracle Identity Management and provides an overview of its products and vision. It describes how Oracle Identity Management offers a unified approach to access management, governance, directory services, and mobile security to help organizations secure access across the extended enterprise. It highlights key customer use cases and provides a roadmap for further enhancing cloud and mobile identity capabilities and simplifying identity management.
- Oracle Identity Manager 11gR2-PS2 has a component architecture that includes a self-contained J2EE application, SOA for workflow and notifications, OES for authorization, BI for reporting, and external dependencies like LDAP and databases.
- The functional architecture has four tiers - presentation, business services, integration services, and data. Key services include identity provisioning, common services, and integration with target applications.
- Identity provisioning services within OIM handle tasks like resource management, account management, provisioning workflow, role integration, and reconciliation.
The document discusses Bring Your Own Identity (BYOI) and how organizations can leverage it to attract new customers and users. It introduces Oracle's identity and access management solution, which enables BYOI while maintaining security. The solution provides single sign-on, federated identity, mobile security and social identity capabilities. It also allows flexible trust models so higher risk transactions can require stronger authentication. Case studies of AARP and BeachBody are presented, showing how the solution addressed their needs around BYOD, cloud/SaaS applications, and empowering employees and volunteers.
Con9573 managing the oim platform with oracle enterprise manager OracleIDM
The document discusses how Qualcomm implemented Oracle Enterprise Manager 12c to manage its Oracle Identity Management platform. Some key points:
- Qualcomm needed to provide high service levels for identity and access management (IAM) and databases, monitor SLAs, and improve compliance through role-based access.
- It implemented EM12c in a highly available configuration with disaster recovery to manage applications, middleware, IAM, and databases from a single console.
- Through dynamic groups and roles in EM12c, IAM administrators, network operators, and database administrators received restricted views of only their relevant targets while using a shared infrastructure.
- This streamlined operations and improved compliance by allowing different teams to manage incidents
The document provides an agenda for an Oracle Identity Manager product discussion. It outlines focus areas for the product including self-paced training, a converged connector framework, a demonstration, user self-service features, reconciliation capabilities, notifications, and QA. Contact information is also provided for Oracle professional services and the Oracle Identity Manager community.
Con8828 justifying and planning a successful identity management upgrade finalOracleIDM
The document discusses planning for an identity management upgrade. It covers considerations for the planning process such as reviewing prerequisites, understanding the target architecture, inventorying any customizations, reviewing release notes and test plans. The presentation also discusses deployment considerations like architecture impacts and data migration needs. Key steps during the upgrade include determining an in-place or out-of-place approach and ensuring familiarity with release notes and pre-upgrade reports. A customer panel discusses experiences with identity management upgrades.
The document discusses Oracle Identity and Access Management solutions. It provides an overview of Oracle's offerings for authentication, authorization, federation, mobile security, access management, identity governance, privileged access management, and directory services. Key capabilities mentioned include single sign-on, adaptive access and fraud prevention, identity federation, role-based access control, and support for cloud, mobile, and on-premise deployments at large scale.
SANS Institute Product Review of Oracle Identity ManagerOracleIDM
The document provides an overview of a SANS Institute product review of Oracle Identity Manager. It summarizes the review of Oracle Identity Manager 11gR2, which focused on personalizing the user interface, provisioning entitlements based on use cases, creating self-service permissions and workflows, an asset request workflow involving multiple approvers, and provisioning to mobile devices. The review found that Oracle Identity Manager 11gR2 simplified complexities normally associated with identity and access management self-service tools by automating workflows, provisioning to legacy applications without new coding, and incorporating familiar features like shopping carts. It also provided customer perspectives from SuperValu on their identity management roadmap and key learning experiences.
Overview of Oracle Identity Management - Customer PresentationDelivery Centric
The document discusses Oracle Identity Management and provides an overview of its products and vision. It describes how Oracle Identity Management offers a unified approach to access management, governance, directory services, and mobile security to help organizations secure access across the extended enterprise. It highlights key customer use cases and provides a roadmap for further enhancing cloud and mobile identity capabilities and simplifying identity management.
- Oracle Identity Manager 11gR2-PS2 has a component architecture that includes a self-contained J2EE application, SOA for workflow and notifications, OES for authorization, BI for reporting, and external dependencies like LDAP and databases.
- The functional architecture has four tiers - presentation, business services, integration services, and data. Key services include identity provisioning, common services, and integration with target applications.
- Identity provisioning services within OIM handle tasks like resource management, account management, provisioning workflow, role integration, and reconciliation.
The document discusses Bring Your Own Identity (BYOI) and how organizations can leverage it to attract new customers and users. It introduces Oracle's identity and access management solution, which enables BYOI while maintaining security. The solution provides single sign-on, federated identity, mobile security and social identity capabilities. It also allows flexible trust models so higher risk transactions can require stronger authentication. Case studies of AARP and BeachBody are presented, showing how the solution addressed their needs around BYOD, cloud/SaaS applications, and empowering employees and volunteers.
Con9573 managing the oim platform with oracle enterprise manager OracleIDM
The document discusses how Qualcomm implemented Oracle Enterprise Manager 12c to manage its Oracle Identity Management platform. Some key points:
- Qualcomm needed to provide high service levels for identity and access management (IAM) and databases, monitor SLAs, and improve compliance through role-based access.
- It implemented EM12c in a highly available configuration with disaster recovery to manage applications, middleware, IAM, and databases from a single console.
- Through dynamic groups and roles in EM12c, IAM administrators, network operators, and database administrators received restricted views of only their relevant targets while using a shared infrastructure.
- This streamlined operations and improved compliance by allowing different teams to manage incidents
1) The document discusses Oracle Identity Governance and Access Management projects for several clients, including integrating numerous applications with OIM and implementing ESSO.
2) It provides an overview of integrating applications with OIM using connectors and protecting web applications using OAM with WebGates deployed.
3) Finally, it outlines different deployment approaches for OAM including agent-based, agent-less, using a terminal server as a gateway, and a hybrid approach combining methods.
The document discusses Oracle Identity Governance, a unified identity and access governance solution. It addresses challenges of managing access across enterprise, mobile, and cloud applications. The solution provides identity administration, access request management, access risk management, privileged access management, and other features. It uses a modular architecture with components like self-service interfaces, runtime engines, connectors, and common services.
Comprehensive Identity and Access Governance for Rapid, Actionable Compliance
The industry’s most comprehensive identity governance solution delivers user administration, privileged account management, and identity intelligence, powered by rich analytics and actionable insight.
Comprehensive Access Management for Applications, Data, and Web Services
Delivers risk-aware end-to-end user authentication, single sign-on, and authorization protection, enabling enterprises to secure access from mobile devices and seamlessly integrate social identities with applications.
- Oracle Identity and Access Management (IAM) is used to securely manage user access and identities across an organization's applications and systems. It provides features for creating and managing user accounts, roles and access privileges.
- The Oracle IAM architecture separates functionality into three tiers - presentation, server, and data - for scalability. Connectors define how Oracle IAM integrates with external resources through reconciliation and provisioning.
- Administrators construct connectors by defining components like resource types, processes, and adapters to automate user provisioning and identity synchronization between Oracle IAM and target applications and directories.
Oracle Identity Management 11g R2 aims to secure the new digital experience by providing identity management and security solutions. It offers simplified user experiences, a modernized platform to support extreme scale, and a clear upgrade path. The release focuses on simplifying access requests, supporting mobile and social sign-on, improving privileged account management, and providing operational scale through optimized systems and a unified directory.
Oracle Identity Manager (OIM) is an identity management product that automates user provisioning, identity administration, and password management through a comprehensive workflow engine. It is a powerful and flexible enterprise identity management system that automatically manages users' access privileges within enterprise IT resources both within and beyond the firewall and into the cloud. The OIM architecture consists of three tiers - a presentation tier for the GUI, a middleware tier that implements the business logic, and a data tier responsible for data storage.
The document provides sizing guidelines for deploying Oracle Identity Manager 11gR2PS1 based on testing. It discusses factors that impact hardware sizing like the number of users, provisioning operations, reconciliation data volume and frequency, and certification campaigns. The guidelines help estimate the computing resources and database size needed to support expected usage.
The document discusses Oracle Identity Manager, including its architecture and capabilities. It describes Oracle Identity Manager as an application that handles tasks related to managing user access privileges, such as creating, modifying, and removing access privileges. It then outlines Oracle Identity Manager's architecture, which includes presentation, server, and data/enterprise integration tiers. The presentation tier includes administrative and design consoles. The server tier provides services to logical components. And the data/enterprise integration tier includes data access and backend database layers.
- The document introduces Oracle Identity and Access Management (IAM) solutions including Access Control, Directory Services, Identity Administration, Authentication & Authorization, Single Sign-On, Federation, Web Services Security, Identity Lifecycle Administration, Role & Membership Administration, Provisioning & Reconciliation, Compliance Automation, Virtualization, Synchronization, Storage, Audit & Compliance, and Management.
- It discusses Oracle IAM products that address these solutions and how Oracle has been a leader in industry evaluations. Customer examples are provided that demonstrate cost savings, improved security and compliance, and consolidated identity management.
- The future of Oracle IAM is discussed in terms of expanding the product portfolio, building security into databases and middleware,
The document provides an overview of Oracle Unified Directory (OUD). It discusses key drivers for identity management like mobility, cloud, social media, and the internet of things. It then introduces OUD as the next generation optimized directory that can scale to billions of entries with 3x higher performance than previous solutions. OUD is fully compatible and interoperable with other directories. The document outlines new capabilities in OUD 11gR2 like improved performance, security, and support for additional platforms. Finally, it shares examples of customers that have adopted OUD to modernize from older directories or open source solutions.
Con8902 developing secure mobile applications-finalOracleIDM
This document discusses developing secure mobile applications. It provides an overview of Oracle Access Management which can be used to centrally manage mobile security. Oracle Access Management includes features for mobile security, social single sign-on, cloud access, and support for standards. It also provides client SDKs to help build security into native mobile apps and manages single sign-on. The document outlines a deployment architecture and is followed by a partner presentation and developer demo of Oracle's mobile security solution.
Self Service Access Control - Help Yourself to More ProductivityAtul Goyal
This document discusses Oracle Identity Governance and self-service access control. It begins with an agenda that includes business challenges, Oracle Identity Governance, a customer panel discussion, and Q&A. It then discusses the need for simplification, unification, and innovation in identity governance. The following sections describe Oracle Identity Governance's unified approach, identity governance platform, and new features in Oracle Identity Governance 11gR2 PS3 like an improved user interface.
CON8040 Identity as a Service - Extend Enterprise Controls and Identity to th...oow123
The document discusses Oracle's identity management solutions for the cloud. It outlines Oracle's approach of providing cloud ready identity services, managed identity services, and public cloud identity services. Cloud ready identity services allow customers to extend their on-premise identity solutions to the cloud. Managed identity services offer pre-configured and Oracle-managed identity functionality. Public cloud identity services provide a multi-tenant identity as a service offering hosted on Oracle Cloud.
Oracle Access Manager has five main components: OAM WebPass provides the user interface to the OAM Identity Server which manages the user repository. The OAM Policy Manager is the administrative interface for the OAM Access Server, which handles policy resolution and decisions. OAM Web Gates enforce policies at the server level as defined by the Access Points and Decision Points.
Con8837 leverage authorization to monetize content and media subscriptions ...OracleIDM
The document discusses leveraging authorization to monetize content and media subscriptions. It describes how organizations can offer tiered subscription levels for content, and how an externalized authorization system like Oracle Entitlements Server allows them to quickly change entitlements and offerings by adjusting policies. This helps expand customer bases and upsell subscribers to premium tiers. Customer case studies are provided of companies using authorization to manage content subscriptions.
The document provides an overview of Oracle Identity and Access Management (OIDAM) from social, enterprise, and solution perspectives. It discusses Oracle Identity Manager (OIDM) which is about governance, including requesting access, risk assessment, and auditing. It also discusses Oracle Access Manager (OAM) which is about identity controlling by checking for authentication and authorization. The document outlines the overall OIDAM architecture and components and how OIDAM must be integrated as part of an enterprise solution.
The document outlines Oracle's OIM Connector for Webservices product. It discusses the business drivers for cloud and custom integrations, and describes the connector's architecture as using SOA Suite for loosely coupled integration between OIM and targets. The connector supports various features like WS-Security, mediation, and exposing services. The presentation covers configuration steps, defining operations in the SOA composite, and error handling. It provides assets, roadmaps, and FAQs for the connector.
This document discusses Oracle security solutions. It begins with an overview of recent security breaches and their causes and consequences. It then discusses Oracle's defense-in-depth approach to security across infrastructure, database, middleware, applications, and interactions. The document outlines Oracle's security portfolio and components across these areas. It notes benefits to customers such as cost savings, compliance support, and integration capabilities. It concludes with recommendations based on lessons from client engagements and references Oracle security resources.
Identity for IoT: An Authentication Framework for the IoTAllSeen Alliance
John Bradley, Ping Identity, gave this presentation at the AllSeen Alliance's Partner Programme at Mobile World Congress 2015.
About Ping Identity: Ping Identity provides next-generation identity security solutions. With more than 1,200 enterprise customers worldwide, including half of the Fortune 100, Ping Identity delivers professional-grade identity security solutions that meet the needs of organizations managing workforce, customer, and partner identities. Identity at Internet scale is a concept that will be required as the industry builds services that encompass billions of connected devices and identities.
1) The document discusses Oracle Identity Governance and Access Management projects for several clients, including integrating numerous applications with OIM and implementing ESSO.
2) It provides an overview of integrating applications with OIM using connectors and protecting web applications using OAM with WebGates deployed.
3) Finally, it outlines different deployment approaches for OAM including agent-based, agent-less, using a terminal server as a gateway, and a hybrid approach combining methods.
The document discusses Oracle Identity Governance, a unified identity and access governance solution. It addresses challenges of managing access across enterprise, mobile, and cloud applications. The solution provides identity administration, access request management, access risk management, privileged access management, and other features. It uses a modular architecture with components like self-service interfaces, runtime engines, connectors, and common services.
Comprehensive Identity and Access Governance for Rapid, Actionable Compliance
The industry’s most comprehensive identity governance solution delivers user administration, privileged account management, and identity intelligence, powered by rich analytics and actionable insight.
Comprehensive Access Management for Applications, Data, and Web Services
Delivers risk-aware end-to-end user authentication, single sign-on, and authorization protection, enabling enterprises to secure access from mobile devices and seamlessly integrate social identities with applications.
- Oracle Identity and Access Management (IAM) is used to securely manage user access and identities across an organization's applications and systems. It provides features for creating and managing user accounts, roles and access privileges.
- The Oracle IAM architecture separates functionality into three tiers - presentation, server, and data - for scalability. Connectors define how Oracle IAM integrates with external resources through reconciliation and provisioning.
- Administrators construct connectors by defining components like resource types, processes, and adapters to automate user provisioning and identity synchronization between Oracle IAM and target applications and directories.
Oracle Identity Management 11g R2 aims to secure the new digital experience by providing identity management and security solutions. It offers simplified user experiences, a modernized platform to support extreme scale, and a clear upgrade path. The release focuses on simplifying access requests, supporting mobile and social sign-on, improving privileged account management, and providing operational scale through optimized systems and a unified directory.
Oracle Identity Manager (OIM) is an identity management product that automates user provisioning, identity administration, and password management through a comprehensive workflow engine. It is a powerful and flexible enterprise identity management system that automatically manages users' access privileges within enterprise IT resources both within and beyond the firewall and into the cloud. The OIM architecture consists of three tiers - a presentation tier for the GUI, a middleware tier that implements the business logic, and a data tier responsible for data storage.
The document provides sizing guidelines for deploying Oracle Identity Manager 11gR2PS1 based on testing. It discusses factors that impact hardware sizing like the number of users, provisioning operations, reconciliation data volume and frequency, and certification campaigns. The guidelines help estimate the computing resources and database size needed to support expected usage.
The document discusses Oracle Identity Manager, including its architecture and capabilities. It describes Oracle Identity Manager as an application that handles tasks related to managing user access privileges, such as creating, modifying, and removing access privileges. It then outlines Oracle Identity Manager's architecture, which includes presentation, server, and data/enterprise integration tiers. The presentation tier includes administrative and design consoles. The server tier provides services to logical components. And the data/enterprise integration tier includes data access and backend database layers.
- The document introduces Oracle Identity and Access Management (IAM) solutions including Access Control, Directory Services, Identity Administration, Authentication & Authorization, Single Sign-On, Federation, Web Services Security, Identity Lifecycle Administration, Role & Membership Administration, Provisioning & Reconciliation, Compliance Automation, Virtualization, Synchronization, Storage, Audit & Compliance, and Management.
- It discusses Oracle IAM products that address these solutions and how Oracle has been a leader in industry evaluations. Customer examples are provided that demonstrate cost savings, improved security and compliance, and consolidated identity management.
- The future of Oracle IAM is discussed in terms of expanding the product portfolio, building security into databases and middleware,
The document provides an overview of Oracle Unified Directory (OUD). It discusses key drivers for identity management like mobility, cloud, social media, and the internet of things. It then introduces OUD as the next generation optimized directory that can scale to billions of entries with 3x higher performance than previous solutions. OUD is fully compatible and interoperable with other directories. The document outlines new capabilities in OUD 11gR2 like improved performance, security, and support for additional platforms. Finally, it shares examples of customers that have adopted OUD to modernize from older directories or open source solutions.
Con8902 developing secure mobile applications-finalOracleIDM
This document discusses developing secure mobile applications. It provides an overview of Oracle Access Management which can be used to centrally manage mobile security. Oracle Access Management includes features for mobile security, social single sign-on, cloud access, and support for standards. It also provides client SDKs to help build security into native mobile apps and manages single sign-on. The document outlines a deployment architecture and is followed by a partner presentation and developer demo of Oracle's mobile security solution.
Self Service Access Control - Help Yourself to More ProductivityAtul Goyal
This document discusses Oracle Identity Governance and self-service access control. It begins with an agenda that includes business challenges, Oracle Identity Governance, a customer panel discussion, and Q&A. It then discusses the need for simplification, unification, and innovation in identity governance. The following sections describe Oracle Identity Governance's unified approach, identity governance platform, and new features in Oracle Identity Governance 11gR2 PS3 like an improved user interface.
CON8040 Identity as a Service - Extend Enterprise Controls and Identity to th...oow123
The document discusses Oracle's identity management solutions for the cloud. It outlines Oracle's approach of providing cloud ready identity services, managed identity services, and public cloud identity services. Cloud ready identity services allow customers to extend their on-premise identity solutions to the cloud. Managed identity services offer pre-configured and Oracle-managed identity functionality. Public cloud identity services provide a multi-tenant identity as a service offering hosted on Oracle Cloud.
Oracle Access Manager has five main components: OAM WebPass provides the user interface to the OAM Identity Server which manages the user repository. The OAM Policy Manager is the administrative interface for the OAM Access Server, which handles policy resolution and decisions. OAM Web Gates enforce policies at the server level as defined by the Access Points and Decision Points.
Con8837 leverage authorization to monetize content and media subscriptions ...OracleIDM
The document discusses leveraging authorization to monetize content and media subscriptions. It describes how organizations can offer tiered subscription levels for content, and how an externalized authorization system like Oracle Entitlements Server allows them to quickly change entitlements and offerings by adjusting policies. This helps expand customer bases and upsell subscribers to premium tiers. Customer case studies are provided of companies using authorization to manage content subscriptions.
The document provides an overview of Oracle Identity and Access Management (OIDAM) from social, enterprise, and solution perspectives. It discusses Oracle Identity Manager (OIDM) which is about governance, including requesting access, risk assessment, and auditing. It also discusses Oracle Access Manager (OAM) which is about identity controlling by checking for authentication and authorization. The document outlines the overall OIDAM architecture and components and how OIDAM must be integrated as part of an enterprise solution.
The document outlines Oracle's OIM Connector for Webservices product. It discusses the business drivers for cloud and custom integrations, and describes the connector's architecture as using SOA Suite for loosely coupled integration between OIM and targets. The connector supports various features like WS-Security, mediation, and exposing services. The presentation covers configuration steps, defining operations in the SOA composite, and error handling. It provides assets, roadmaps, and FAQs for the connector.
This document discusses Oracle security solutions. It begins with an overview of recent security breaches and their causes and consequences. It then discusses Oracle's defense-in-depth approach to security across infrastructure, database, middleware, applications, and interactions. The document outlines Oracle's security portfolio and components across these areas. It notes benefits to customers such as cost savings, compliance support, and integration capabilities. It concludes with recommendations based on lessons from client engagements and references Oracle security resources.
Identity for IoT: An Authentication Framework for the IoTAllSeen Alliance
John Bradley, Ping Identity, gave this presentation at the AllSeen Alliance's Partner Programme at Mobile World Congress 2015.
About Ping Identity: Ping Identity provides next-generation identity security solutions. With more than 1,200 enterprise customers worldwide, including half of the Fortune 100, Ping Identity delivers professional-grade identity security solutions that meet the needs of organizations managing workforce, customer, and partner identities. Identity at Internet scale is a concept that will be required as the industry builds services that encompass billions of connected devices and identities.
This document discusses securing financial services applications. It notes that 48% of fraud is caused by insiders and 86% of hacking involves compromised credentials. The challenges include fragmented authorization, brittle access controls, and hardcoded security. It proposes an entitlements management approach using an identity platform to define entitlement catalogs, enforce dynamic authorization policies, audit access and risks, and secure application data through techniques like encryption and masking. Using a platform can reduce costs compared to point solutions and help simplify application security.
WSO2Con EU 2015: Implementing an Open API for Smart Thermostats with WSO2′s A...WSO2
WSO2Con EU 2015: Implementing an Open API for Smart Thermostats with WSO2′s API Manager
With over 100,000 sold Toon’s for Eneco, Quby is the European market leader for Smart Thermostats. Last March, Eneco opened up there Smart Thermostat platform for external developers by offering an Open API. This Open API was developed on the WSO2 API Manager with some customization to allow for the integration with Eneco’s selfcare website. This session describes the architecture, the implementation project and shows some of the highlights of the participants of the Hackathon organised by Eneco at the beginning of March 2015.
Presenter:
Michiel Fokke
IT Architect,
Quby B.V.
Big Data Expo 2015 - Anchormen Enter the Lambda-architectureBigDataExpo
Real-time results with Big Data almost seem like a paradox. The business capabilities unlocked by using map-reduce on vast amounts of data appear to go hand in hand with inertia. Something that only increases as your data lake grows.
Enter the Lambda-architecture. With this new paradigm it is possible to combine the streaming of real-time results with the insights gained from batch processing.. At the same time it protects your most valuable asset, your data, from human error, and still provides the flexibility to develop new business capabilities.
Rutger shares his knowledge on the Lambda-architecture based on a case-study that is reflective of modern day needs. The case-study is put in the context of the current Hadoop eco-system, including Apache Kafka and Spark, and will illustrate the benefits of this powerful combination.
Joe wants to save money on energy costs while also helping the environment. He finds it difficult to get objective advice on home upgrades with all the sales promotions. Joe's friend Tim has a Quby Smart Thermostat that provides personalized energy usage data and recommendations. Seeing how it helps Tim, Joe also gets a Quby, which gives him customized advice to save energy in a cost-effective way while reducing his home's environmental impact.
Quby uses data analytics on information collected from Toon thermostats to provide more insights into home energy usage. Data on energy consumption, temperatures, and user interactions is collected from thermostats and analyzed to identify typical appliance and system characteristics. Signatures are created and compared to benchmarks to detect unusual usage patterns. Users are then alerted and engaged in a dialogue to provide feedback, with the goal of giving actionable energy efficiency advice. This helps solve problems around improving home energy efficiency and demand side energy management.
Password Policies in Oracle Access Manager. How to improve user authenticatio...Andrejs Prokopjevs
This document discusses configuring password policies in Oracle Access Manager to improve authentication security for an Oracle E-Business Suite. It begins with an overview of the standard password policy capabilities in E-Business Suite, which are limited. It then reviews the history of password policy implementations in Oracle Access Manager and how the capabilities have improved over time. Finally, it provides an example of how to configure the password policy and set up the required user identity store in Oracle Access Manager to centrally manage password policies for an E-Business Suite.
Con8896 securely enabling mobile access for business transformation - finalOracleIDM
The document discusses planning for secure mobile access. It begins with an introduction to mobile security challenges for IT departments in managing access vs control with the rise of mobile. It then covers types of mobile apps, key security terms, and the need for mobile access management solutions. The document outlines Oracle's mobile security architecture and platform, which provides authentication, SSO, device security, API security and access management for mobile. It stresses the importance of planning with all stakeholders and having governance over development standards, access points and policies. The document ends with a case study of Verizon Wireless and their approach to planning mobile and social SSO to improve the customer experience across channels.
Con8817 api management - enable your infrastructure for secure mobile and c...OracleIDM
The document discusses API security challenges in modern enterprises driven by cloud and mobility. It outlines Oracle's approach to API management and security which includes: (1) treating the enterprise web as consisting of APIs, (2) addressing the same security problems around DMZ security, access control, and insider threats but with new names, (3) enabling better security through service abstraction and standards-based layers for access control. It then provides examples of Oracle's API gateway and identity management solutions for securing APIs.
Oracle OpenWorld 2015 | CON9456 Mobile Security in the CloudIndus Khaitan
Slides from my talk at Oracle OpenWorld.
Enterprise mobility management and security can be simply delivered as a scalable cloud service. This session addresses how organizations can use Oracle Identity Cloud Service to address security and management for consumer, corporate-owned, and BYOD devices.
The document discusses identity and access management challenges posed by emerging technologies like mobile, cloud, social media, and the Internet of Things. It outlines Oracle's identity management platform approach, which aims to simplify deployment and management across devices through a single platform with converged governance, authentication, authorization, and device management capabilities. The platform is designed to scale from thousands to billions of users and devices to address the growing challenges of securing identities in an increasingly connected world.
This document provides an overview of Oracle Mobile Cloud Service (MCS) and its features. MCS addresses challenges with enterprise mobile development like integration across apps and backend systems. It provides mobile backends, platform APIs, custom APIs, connectors, and a client SDK. The presentation demonstrates consuming MCS from an Oracle MAF app and summarizes key capabilities like mobile backends, custom APIs using Node.js, and connectors for external systems.
Con8819 context and risk aware access control any device any where - finalOracleIDM
This document summarizes an Oracle presentation on context and risk aware access control using Oracle Access Management 11gR2. The presentation discusses market trends driving demand for mobile and cloud security, as well as avoiding system fragmentation. It then outlines key features of Oracle Access Management 11gR2 such as simplified and innovative access management, flexible policy models, mobile authentication options, device-based security, context-aware authorization and risk-based authentication. The presentation also covers how Oracle Access Management uses identity context and real-time risk analysis to enhance security and user experience while lowering costs.
Con8836 leveraging the cloud to simplify your identity management implement...OracleIDM
The document discusses Oracle's Managed Cloud Services for Identity and Access Management. It provides an overview of Oracle's cloud solutions and managed cloud services. It then describes Oracle's Managed Cloud Services for Identity and Access Management, including its ability to provision internal and external users with approval workflows, enable self-service single sign-on capabilities, and integrate with multiple applications hosted both within Oracle and by the customer. The summary concludes by noting that Oracle provides both standardized and customized managed identity and access management services to customers.
OOW13: Developing secure mobile applications (CON8902)GregOracle
As more organizations develop mobile applications that access ever increasing levels of sensitive data, it is critical that standard security policies can be applied, whether coding native, hybrid or mobile browser-based applications. This session will teach you how to code your mobile applications to gain access to Oracle's Mobile Access Management services including device registration, authentication, authorization, step-up authentication and single sign-on.
OOW13:Leveraging the Cloud to Simplify Your Identity Management Implementatio...GregOracle
Applications moved into a managed cloud environment need Identity and Access Management services to ensure user accounts, passwords and roles are all managed properly for the purposes of Security and Audit. In this session, we’ll discuss the key considerations for a Hosted Private Cloud deployment of Oracle applications integrated with Oracle Identity Management Suite to provide self-service account provisioning and federated Single Sign-on (SSO) for an organization’s internal and external users. You will also hear from a customer on how their key business requirements were addressed with Managed Identity Services from Oracle running at Oracle.
Connecting devices to the internet of thingsBernard Kufluk
Connecting devices to IBM's Internet of Things Foundation. The foundation is a PaaS service allowing you to get devices connected quicker than ever before.
The document introduces Augmate's wearable device management platform. It allows enterprises to securely manage fleets of VR and wearable devices. Some key features include remote application deployment, device locking, policy management, and real-time battery monitoring. It discusses use cases across various industries and Augmate's competitive advantages over other MDM solutions in supporting wearable devices.
Securing the Extended Enterprise with Mobile Security - Customer Presentation Delivery Centric
This document discusses securing mobile access in the extended enterprise. It notes that mobile computing, social networking, cloud computing and other technologies are driving rapid changes. This brings opportunities but also challenges around securing increased application proliferation across devices. The document advocates a unified identity management approach to reduce risks and costs compared to disconnected identity solutions. It presents Oracle's mobile security solutions for areas like secure access, application management, and identity services. Case studies demonstrate how these solutions can improve security and productivity when providing mobile access to enterprise applications and data.
Embracing secure, scalable BYOD with Sencha and CentrifySumana Mehta
Scalable enterprise mobility solutions: How to give your employees tools they need without sacrificing user experience and security.
Consumerization of IT and BYOD are here – and it’s a GOOD thing. Today's dynamic workplaces and hyper-competitive markets drive demand for more mobile productivity solutions. Nearly 70% of enterprise employees report making better decisions, being more productive and happier if they are allowed to use mobile devices and cloud-based tools. Yet, IT organizations often resist these trends because of cost and risk associated with multi-platform, multi-device ecosystem having access to corporate data and resources.
In this webinar, product experts from Sencha and Centrify will help your organization embrace BYOD and SaaS in a cost-effective, scalable way. Sencha Space is an advanced platform for securely deploying mobile apps and delivering a consistent, elegant, mobile user experience to end-users. Users can launch any mobile web app, or HTML5 app in a secure, managed environment. Combining Space with secure, Active Directory- or Cloud-Based Identity and Access Management (IAM) from Centrify gives IT visibility and control over mobile platforms and SaaS / in-house apps while improving user experience and reducing security risk.
Session 1908 connecting devices to the IBM IoT CloudPeterNiblett
IBM MessageSight and the IBM Internet of Things cloud enable connectivity across a wide variety of devices - from existing devices in silos and systems through the wide range of new devices that are appearing on a daily basis. This session covers patterns of connectivity, how to make it happen, including sending events like measurements and receiving of commands. The session goes into detail on how to use the industry standard MQ Telemetry Transport protocol to achieve this and encompasses best practices for topics and message format.
The document discusses architecture design for information systems. It describes key components of architecture design including software components, hardware components, and different architecture models like client-server. It emphasizes that architecture design should assign software components to hardware devices in the most advantageous way based on requirements. Non-functional requirements like operational, performance, security, and cultural needs should highly influence the chosen architecture. The document also discusses creating a hardware and software specification to outline technical needs for a new system.
EduID Mobile App - Use-Cases, Concepts and ImplementationChristian Glahn
This presentation describes the token-agent implementation for openID Connect for authenticating native mobile apps provided by third parties. It presents a standards-based working solution for integrating loosely coupled native apps into a trust federation using. This allows for deeper integrated authentication services on Android and iOS without violating app-store policies.
This presentation has been part of the EduID Mobile App workshop at SWITCH on 25 Apr. 2017.
Thanks to Christoph Graf (SWITCH), Riccardo Mazza (USI), Michael Hausherr (FHNW), Goran Josic (USI), and Yann Cuttaz (USI).
The document describes Oracle Blockchain Platform (OBP), which provides a fully-managed blockchain as a service. OBP uses Hyperledger Fabric as its underlying blockchain framework and handles all administration and management tasks automatically. It allows developers to build and deploy smart contracts through a console and SDKs to automate business processes on the blockchain network. OBP also offers tools to integrate blockchain applications with Oracle and third-party applications.
Con8833 access at scale for hundreds of millions of users finalOracleIDM
The document outlines a presentation on Oracle Access Management's capabilities for scaling to hundreds of millions of users. Key points:
- Oracle Access Management 11g is a highly scalable access management solution that can scale to hundreds of millions of external users.
- It uses a distributed architecture with horizontal scalability achieved by adding nodes to the WebLogic cluster within and across data centers. Caching is provided by Coherence.
- A benchmark tested Oracle Access Management and Oracle Adaptive Access Management serving 250 million users, deployed on Oracle Exalogic and Exadata hardware. With three Exalogic nodes, over 16 million logins per hour were supported.
Con8813 securing privileged accounts with an integrated idm solution - finalOracleIDM
The document discusses Oracle Privileged Account Manager (OPAM) and how it can be used to securely manage privileged accounts. It provides an overview of OPAM's capabilities including secure password vaulting, session management and auditing, integration with Oracle Identity Governance platforms, and support for common targets. The document also presents a use case of how OPAM could help Oracle Cloud for Industry securely manage privileged accounts by providing centralized policies and reducing risks related to disparate practices and minimal auditing/reporting.
Con8811 converged identity governance for speeding up business and reducing c...OracleIDM
The document discusses Oracle's converged identity governance solution. It addresses key business problems such as simplifying access management, maintaining compliance, and reducing fragmentation and costs. The solution provides a platform approach to identity governance, provisioning, access requests, policy management, and reporting. It aims to simplify access, reduce risk, and improve compliance. The presentation includes a customer panel discussion on their identity governance implementations.
Con 8810 who should have access to what - finalOracleIDM
The document outlines an agenda for a session on identity governance and risk management. The session goals are to understand current market trends in access compliance and risk management, learn the benefits of an identity governance platform for managing risks, and hear from customers about their experiences. The agenda includes discussions of market trends driving needs for improved access management, how Oracle Identity Governance can help with risk management and compliance needs, and a customer panel discussion.
The document discusses Oracle's security solutions and capabilities. It highlights that Oracle has been providing security solutions since 1977 and has market-leading security products backed by aggressive research and development. The solutions cover infrastructure security, governance, compliance, identity management, database security, and services/consulting. Oracle takes a defense-in-depth approach to security and aims to embed security capabilities inside its products to securely protect what is strategic for customers.
Con8808 enabling business growth in the new economy finalOracleIDM
This document discusses Oracle's identity management and access security solutions. It describes how Oracle enables secure mobile access through single sign-on and secure containers on mobile devices. It also discusses how Oracle provides secure privileged access management with approval workflows for privileged commands. Finally, it outlines Oracle's unified identity governance solution for certifying user and data access across applications and repositories.
The document outlines innovations in database security by Oracle. It discusses the changing security landscape, Oracle's database governance model, and its strategy for securing databases. The agenda indicates it will cover these topics and new security features in Oracle Database 12c, such as database vault, data masking, and encryption.
The document discusses the growing number of connected devices and the need for identity management solutions. It outlines Oracle's identity management platform and its ability to handle authentication, authorization, and management at massive scale across various devices. The platform provides a single solution for securing all devices and addresses new security requirements as interactions between people, devices, and applications increase.
The document discusses the future of identity and security management as the number of connected devices increases dramatically. It notes that by 2020 there will be many more devices than can currently be predicted, across all industries. This will redefine concepts of identity and trust between people and devices. New security requirements will emerge to handle the massive scale of authentication, authorization, and dynamic user volumes across devices, appliances, and sensors. Oracle's identity management platform aims to provide a single solution to address these new challenges as the Internet of Things continues to grow.
Avea, a Turkish mobile operator, replaced its aging Sun identity management platform with Oracle Identity Management to improve security, compliance, and scalability. The project involved migrating 6,300 identities and integrating with 16 enterprise systems. Key challenges included defining business roles and access policies. Lessons learned included the need for role mining and testing onsite. The new platform provides enhanced self-service, provisioning performance, and ability to scale.
This document summarizes a panel discussion on managing risk and enforcing compliance in healthcare with identity analytics. The panel discussed Kaiser Permanente's implementation of Oracle identity and access management solutions to standardize access management, automate compliance processes, and gain visibility into user access across their environment. PwC provided an overview of their healthcare privacy and security practice and experience implementing Oracle identity solutions. Oracle discussed how their identity analytics and identity management products help boost security, enforce compliance, improve user productivity, and reduce costs for healthcare organizations.
Oracle Identity Management 11g R2 aims to enable the new digital workplace by simplifying and innovating the user experience, supporting cloud, mobile, and social sign-on, optimizing the system directory server for higher performance at lower cost, and demonstrating mobile sign-on capabilities. The presentation encourages attendees to connect with Oracle to learn more about implementing identity management solutions.
Oracle Identity Management 11g R2 is designed to simplify the user experience, support cloud, mobile and social sign-on, and provide optimized system performance at a lower cost. The presentation outlines features of Oracle Identity Management 11g R2 such as mobile sign-on, privileged account management, and increased system directory server performance.
ISACA Webcast Featuring SuperValu - Tackling Security and Compliance Barri…OracleIDM
In this webinar, host Scott Bonnell discussed security and compliance issues with Philip Black from SuperValu. Business drivers and a Sun to Oracle technology upgrade project are discussed.
Develop and Enforce a Bring-Your-Own-Device (BYOD) PolicyOracleIDM
Developing and enforcing a BYOD policy is important for companies using mobile devices. The document discusses a mobility survey that found 97% of respondents feel mobile policies are important, yet many organizations still do not have policies. It also covers the top 3 mobile security practices of authenticating users, controlling access to resources, and protecting corporate data. Implementing an effective BYOD policy presents challenges in finding the right balance of security controls without upsetting employees.
Oracle implemented an identity management system to improve security, enable single sign-on, and ensure zero downtime. They deployed Oracle Access Manager and Oracle Internet Directory to manage over 1,000 applications and 17 million user accounts while consolidating systems and reducing costs. The transition was completed in phases to avoid disruption and allow immediate rollback if needed.
The document discusses security risks and threats. It notes that risks are inside companies from issues like stolen credentials, while threats are outside from hacking. It shows that most data breaches in 2012 involved hacking that exploited stolen credentials or privilege misuse. The document advocates managing risks by implementing security across IT layers, systems, and providing solutions like identity management, database security and infrastructure security.
The document discusses security challenges posed by new digital experiences and emerging technologies. It outlines Oracle's identity management and security solutions that can help organizations address issues like identity theft, data security, regulatory compliance, and access management across mobile, cloud, and social environments. Visual diagrams and statistics are presented on topics like single sign-on, fraud detection, and the growing use of mobile and social technologies.
This presentation provides valuable insights into effective cost-saving techniques on AWS. Learn how to optimize your AWS resources by rightsizing, increasing elasticity, picking the right storage class, and choosing the best pricing model. Additionally, discover essential governance mechanisms to ensure continuous cost efficiency. Whether you are new to AWS or an experienced user, this presentation provides clear and practical tips to help you reduce your cloud costs and get the most out of your budget.
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdfflufftailshop
When it comes to unit testing in the .NET ecosystem, developers have a wide range of options available. Among the most popular choices are NUnit, XUnit, and MSTest. These unit testing frameworks provide essential tools and features to help ensure the quality and reliability of code. However, understanding the differences between these frameworks is crucial for selecting the most suitable one for your projects.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
Generating privacy-protected synthetic data using Secludy and MilvusZilliz
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
Best 20 SEO Techniques To Improve Website Visibility In SERPPixlogix Infotech
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
A Comprehensive Guide to DeFi Development Services in 2024Intelisync
DeFi represents a paradigm shift in the financial industry. Instead of relying on traditional, centralized institutions like banks, DeFi leverages blockchain technology to create a decentralized network of financial services. This means that financial transactions can occur directly between parties, without intermediaries, using smart contracts on platforms like Ethereum.
In 2024, we are witnessing an explosion of new DeFi projects and protocols, each pushing the boundaries of what’s possible in finance.
In summary, DeFi in 2024 is not just a trend; it’s a revolution that democratizes finance, enhances security and transparency, and fosters continuous innovation. As we proceed through this presentation, we'll explore the various components and services of DeFi in detail, shedding light on how they are transforming the financial landscape.
At Intelisync, we specialize in providing comprehensive DeFi development services tailored to meet the unique needs of our clients. From smart contract development to dApp creation and security audits, we ensure that your DeFi project is built with innovation, security, and scalability in mind. Trust Intelisync to guide you through the intricate landscape of decentralized finance and unlock the full potential of blockchain technology.
Ready to take your DeFi project to the next level? Partner with Intelisync for expert DeFi development services today!
Taking AI to the Next Level in Manufacturing.pdfssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
Your One-Stop Shop for Python Success: Top 10 US Python Development Providersakankshawande
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
Building Production Ready Search Pipelines with Spark and MilvusZilliz
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
Monitoring and Managing Anomaly Detection on OpenShift.pdfTosin Akinosho
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
3. Program Agenda
Introducing Identity for the Internet Of Things
Security Challenges for the Internet of Things
Oracle Access Management 11gR2- Securing access for the
Internet of Things
Customer Case Study
Demo
Q&A
3
5. Internet Of Things
Internet of Things
• Refers to the general idea of
things, including everyday objects
that are:
• Readable/recognizable
• Locatable/Addressable
• Controllable
• Communicable
5
6. Identity for the Internet Of Things
Composite Identities
• Identity as a communication endpoint:
• User
• Service
• Device
• Software Module
• Sensor
• User identities are tied to Things based on:
• Interaction
• Context
6
7. Identity for the Internet of Things
Social Networks
• Connect, Communicate, Share
• Use public or private social
networks
• Link physical and virtual
Things, services, devices,
APIs
• Allow reacting to events
7
8. Identity for the Internet of Things
Securing the “Smart Toaster”
• Securing Autonomous
Independent Things
• Context Aware Authentication
• Securing Communication
• Person to Thing
Communication
• Thing to Thing
Communication
8
10. Security is a Barrier for Adoption of IoT
“The horizontal evolution of M2M will require
full end-to-end security. Significant efforts
need to be invested into M2M application
security in order for the M2M market to fully
evolve. Whether this is through open source
initiatives or standards development, the
demand for increased M2M application
security will have to be answered, and
sooner rather than later.”
ABI Research, M2M Dream Challenged by Alarming Security
Concerns, Feb 2013
40%
30%
Of embedded systems and
applications developers have
not proactively addressed
security in existing
development projects
Median CAGR growth (2011-2014)
in shipments of security
solutions for industrial
automation, medical devices,
consumer electronics,
automotive and retail
Source: VDC Research
Strategic Insights 2012: Embedded Software & Tools Market,
Security Development & Runtime Solutions
10
11. Challenges in IoT Security
Control
• What protection measures are possible as thousands of
intelligent things cooperate with other real and virtual entities in
random and unpredictable ways?
• How do you ensure security given IoT’s highly distributed
nature and use of fragile technologies, such as limited-function
embedded devices?
• How do you leverage investments in existing internet security
technologies for the highly fragmented IoT networks?
• How can you define and enable trust in a dynamic IoT network
with weak trust links between network nodes?
Access
• Typical challenges for IoT service
providers
11
12. Key IoT Security Requirements
Onboarding &
Enrollment
Authentication &
Authorization
Device Metadata &
Control
Policy & Key
Management
Application
Management &
Provisioning
• Mutual authentication between
devices and server
• Confidentiality of data transfer
over multi-protocol networks
• Device data management
• Governance of trust
relationships in IoT networks
• Device applications provisioning
& management
12
25. Example Login Flow – Native App with OAM
Client
App(Mobile)
1
Mobile and Social
Server(Server)
Security App
(Mobile)
Request Access
Token
2 - If valid token in local credential
store, return token to App, else
continue below.
-
4
Extracts device attributes and ID
contexts
-
Use token to
make calls to
server
application
protected by
OAM
Accept username/password
-
5
Present login page
-
Oracle
SDK
Makes authentication call with
user/password, device attributes
and device tokens
-
-
Registers Device/App if
unregistered
-
Authenticates with OAM Server
-
Publishes ID context to OAM Server
and OES for authorization decisions
-
Invokes OAAM for risk analysis
-
Responds User/Access Tokens
Stores User/Access Token
-
3 - Validates device tokens
Returns token to Client App
25
33. Oracle Fusion Middleware
Business Innovation Platform for the Enterprise and Cloud
Complete and Integrated
Web
Social
Mobile
Best-in-class
User Engagement
Business
Process
Management
Open standards
Content
Management
Service Integration
Business
Intelligence
Data Integration
Identity Management
Development
Tools
Cloud Application
Foundation
On-premise and Cloud
Foundation for Oracle
Fusion Applications and
Oracle Cloud
Enterprise
Management
33
The concept of the Internet of Things includes network-enabling virtually any type of product or machinery so that data about the object can be captured and communicated. In effect, these networked Things become "smart objects" that can become part of the Internet and active participants in business processes. The Internet of Things describes a world where humans are surrounded by machines that communicate with each other and with them. People need an understanding of this multi-device environment and the network needs a representation of “who” the user is.The Internet of Things defines a virtual identity as the endpoint of communication - independent of the device - allowing users to interact with several devices, seamlessly, under one name. The user may have several virtual identities to represent the different personas and aspects of their service usage.
Identities may represent entities of all kinds including persons, devices and software. The internet of Things defines two types of identities: - an Identinet where identities are at the end point of all communications. These identities may represent entities of all kinds including persons, devices and software. - a digital shadow –also called a virtual identity or a composite identity – represents the digital shadow of entities in the digital world. The digital shadow designates the concept of entities using services, nodes, equipment and infrastructure in a specific context which allows users to attach their identity to a Thing- a service, node or infrastructure based on their interaction with that Thing. By attaching a user identity to a Thing based on the user’s usage of the Thing – users attach multiple entry points into the physical Internet without losing a consistent view on that dataUsers have Many/Many relationships with Things. For e.g. Many cars in the family: All family members drive all cars but each has specific privileges with their own individual cars. Other common scenarios include rental car scenarios or where service equipment is shared by several field employees.
In a social network- individuals only connect with thosethey know ANDwith those who are interested in following their activity—without the expectation of reciprocationIn the above description:1) is relevant to the Internet of Things as people not only share relations with friends, but they also have relations toThings - to favoritebooks, movies, gadget, items, products, food, devices, automobiles…2) is very relevant to the Internet of Things as it allows building a technical publish/subscribe type of network where various sensorsand actuators post their state. For e.g. Twitter is a commonly used online social network that allows plugins (publishers/subscribers) topost events from selectedsensors to Twitter and listen for Tweets themselves from devices they are interested in.--the washingmachine twittering when it has done its job, the stereo telling the worldabout the music you are listening to, or the mobile phone announcing the callsyou have made recently.
Most Things on the Internet are : Autonomous Independent Things i.e. 1. don’t require another device (such as a smartphone or web service) to function2. able to sense contextand are able to autonomously interact with other things, sensors, and services.The graphic depicts a WiFi enabled toaster that makes light fun of this. However, consider the “Smart” refrigerator:Stage 1: Non autonomous i.e. provides value to users using interaction with other devices such as smartphones : The refrigerator owner scans cartons of milk with his smartphone, which triggers a reminder when the milk expireStage 2: Partially autonomous: The refrigerator detects the milk on its own and issues reminders across a broader range of connected appsStage3: Autonomous Independent: The refrigerator orders replacement milk just before it’s empty or expires — entirely on its own.
OAM provides an easy framework for applications to connect and integrate with social networks. OAM Social also provides out of the box integration with trust for social logins (use for initial authn, step up for anything else). Built-in integration with Federation provides linking local to social accounts and new capabilities such as Oauth server support provides the ability to build private social networks while allowing for the capability to leverage public OAuth servers such as FaceBook or Twitter and OpenID authentication via Google.
Oracle Adaptive Access ManagerDevice Fingerprinting and Registration DatabaseRisk-Based Authentication that Factors Mobile ContextOracle ApplicationGatewayEnables Mobile Application REST API’s and protects API’s, webservices, and SOA infrastructure from external threats and invalid / suspicious requestsExtends Access Management with authentication, authorization, audit to REST API’s, web servicesOracle Entitlement ServerMake AuthorizationDecisions and Redact Data based on User,Mobile, or any other ContextExternalize AuthorizationPolicies from Application CodeOracle Access Management : Mobile & SocialMobile Identity and Access GatewayAuthentication, Registration, and User Profile Services for MobileOracle Web Services ManagerLast mile security for an organizations backend web services and SOA infrastructure Embedded agentsNative Mobile Security SDKNative Login Screens / Secure Credential StorageEasy Integration w/ SSO and Web Services SecurityNative Mobile Security AppsLogin App for Native and Web Apps Providing Device ContextNative White Pages App Integrated w/ User Profile Services
Consider using OAM,OAM M&S and OAG to validate and secure JWT tokens during various REST invocations for service to service interactions between the apps on the vehicle, dealer, vendor and the user. Several of these services are invoked from native mobile apps on the vehicle or the dealer or the user. The tokens are validated with policies configured on Oracle M&S that include device registration and device fingerprinting.
Uses the Oauth 2.0 client credentials grant flow—the client is also the resource ownerThe client credentials grant uses client credentials as an authorization grant. This grant makes sense when the client is also the resource owner.The following sequence diagram shows the successful process.
Username and PasswordSocial LogonStep up Auth and OTP, can be applied:-first time with this device (device registration)-sensitive application-high risk score-user with high level of access to application
Mobile Application Access SecurityIntegrates native mobile apps, mobile web with corporate systems & informationAccess management, authorizations, API security, and fraud detectionDevice context based fine grained authorizationSupport for iOS Mobile Device Security ElementsDevice security – jailbreak detection at loginDevice lifecycle – white-list/blacklist/lost device managementDevice fingerprinting
With Fusion Middleware, you can extend and maximize your existing technology investment with the same technologies used in Fusion Applications, including embedded analytics and social collaboration, and mobile and cloud computing. Oracle’s complete SOA platform lets your IT organization rapidly design, assemble, deploy, and manage adaptable business applications and—with Oracle’s business process management tools—even bring the task of modeling business processes directly to the business analysts. Oracle Business Intelligence foundation brings together all your enterprise data sources in a single, easy-to-use solution, delivering consistent insights whether it’s through ad hoc queries and analysis, interactive dashboards, scorecards, OLAP, or reporting. And, your existing enterprise applications can leverage the rich social networking capabilities and content sharing that users have come to expect in consumer software. Oracle Fusion Middleware is based on 100 percent open standards, so you aren’t locked into one deployment model when your business requirements change.