Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Leverage Authorization to Monetize Content and Media Subscriptions
Roger Wigenstam
Sr. Director, Product Management
Oracle Identity & Access Management
The following is intended to outline our general product direction. It is
intended for information purposes only, and may not be incorporated into
any contract. It is not a commitment to deliver any material, code, or
functionality, and should not be relied upon in making purchasing
decisions. The development, release, and timing of any features or
functionality described for Oracle’s products remains at the sole discretion
of Oracle.

Program Agenda
• Oracle Entitlements Server: Overview
• Customer Case Studies
• Demo

Oracle Entitlements Server
Overview

Oracle Entitlements Server
Oracle’s Strategic Authorization Solution
Embedded & Integrated
• In all things Oracle
– Over 50 products now using
– Many more in progress
• With popular 3rd party platforms
• Used by 1000’s of customers

Oracle Entitlements Server
What is it?
Fine grained Authorization
• Standards based
• High performance
• Extreme scale
• Multi Data Center support
• Many Deployment options

Authorization Use Cases

Oracle Entitlements Server
Fine grained authorization for Web Applications & Portals
Control Access to
• Pages
• Tabs
• Portlets / Regions
• Tables
• Text Fields
• Buttons
• Tree Nodes
• Graphics / Charts
• Dropdowns / List Items / List of Values
• What data do you get to see (documents, in tables, charts etc)
• Data Masking
• Operations on Data (hire, promote, approve, reject)
• Backend Data & Web Service operations
• Personalization / Customization
• and more…

Oracle Entitlements Server
Data Security

[Diagram labels: Query “My” Employees; Query Employees; OES PDP; Oracle Entitlements Server]

ID    Name         Salary     Phone
123   John Smith   $125K      123-456-7890
129   Bob Black    ********   123-111-2222
143   Sam Fisher   $100K      123-333-4444

123   John Smith   $125K      123-456-7890
129   Bob Black    $110K      123-111-2222
143   Sam Fisher   $100K      123-333-4444

Actions: Promote, Transfer, Transfer, Promote, Transfer

select EMP_ID, NAME, SALARY, PHONE
from HCM_EMPLOYEES
where MANAGER_ID = :CURRENT_USER

isAuthorized(user = Bob Smith,
             userRole = Product Director
             resource = Employees Table
             action = View)

authzResult = Permit
Obligations = [ SECURITY_FILTER | “MANAGER_ID = :CURRENT_USER” ]

Application level enforcement for Oracle & 3rd party RDBMS
• OES returns an “Obligation” with the security filter (SQL where clause)
• Object, Row, and Attribute level security
• Operations: CRUD & Business
• High performance & scalability

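
An added illustration of the obligation flow on this slide, not Oracle code and not the OES API: a policy enforcement point appends the SECURITY_FILTER returned with a Permit to its base query and binds the caller as :CURRENT_USER. The is_authorized stub, the SQLite table, the MANAGER_ID values and the fourth row are assumptions constructed for the example.

```python
import sqlite3

BASE_QUERY = "select EMP_ID, NAME, SALARY, PHONE from HCM_EMPLOYEES"
KNOWN_OBLIGATIONS = {"SECURITY_FILTER"}  # obligations this PEP can fulfil


def is_authorized(user, user_role, resource, action):
    """Hypothetical PDP stub (not the OES API): decision plus obligations."""
    if (user_role, resource, action) == ("Product Director", "Employees Table", "View"):
        return {"authzResult": "Permit",
                "obligations": {"SECURITY_FILTER": "MANAGER_ID = :CURRENT_USER"}}
    return {"authzResult": "Deny", "obligations": {}}


def query_employees(conn, user, user_role, decide=is_authorized):
    """PEP: ask for a decision, then run the query only as the policy allows."""
    decision = decide(user, user_role, "Employees Table", "View")
    if decision["authzResult"] != "Permit":
        raise PermissionError("denied by policy")
    obligations = decision["obligations"]
    unknown = set(obligations) - KNOWN_OBLIGATIONS
    if unknown:
        # Fail closed: a Permit whose obligations cannot be met is not a Permit.
        raise PermissionError(f"cannot fulfil obligations: {sorted(unknown)}")
    sql, params = BASE_QUERY, {}
    if "SECURITY_FILTER" in obligations:
        # The where clause comes from the policy store, never from the request;
        # the caller's identity is bound as a parameter, not concatenated.
        sql += " where " + obligations["SECURITY_FILTER"]
        params["CURRENT_USER"] = user
    return conn.execute(sql + " order by EMP_ID", params).fetchall()


def sample_db():
    """Constructed data: the slide's rows plus one row for another manager."""
    conn = sqlite3.connect(":memory:")
    conn.execute("create table HCM_EMPLOYEES "
                 "(EMP_ID integer, NAME text, SALARY text, PHONE text, MANAGER_ID text)")
    conn.executemany("insert into HCM_EMPLOYEES values (?, ?, ?, ?, ?)", [
        (123, "John Smith", "$125K", "123-456-7890", "Bob Smith"),
        (129, "Bob Black", "$110K", "123-111-2222", "Bob Smith"),
        (143, "Sam Fisher", "$100K", "123-333-4444", "Bob Smith"),
        (150, "Constructed Row", "$90K", "123-555-0100", "Other Manager"),
    ])
    return conn


if __name__ == "__main__":
    for row in query_employees(sample_db(), "Bob Smith", "Product Director"):
        print(row)
```
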
Content Management
Attribute Based Access Control

Name                               Sensitivity   Department
World Domination Strategy.pptx     Top Secret    Strategy, Development
Cost Analysis.xls                  Secret        Accounting
World Domination - Details.docx    Top Secret    Development
Progress Report.pptx               Top Secret    Strategy
Public Statement.pptx              Public        Marketing

Oracle Entitlements Server
Mobile Authorization
Selective Data Redaction

Authorize Business Transactions

Context Aware
Standards Based
Full Audit Trail
No Code Changes Required

Oracle Entitlements Server

Fine grained authorization for API’s and Web Services

HTTP / REST / SOAP / OAuth Clients

Request

<SOAP:Envelope>
  <SOAP:Header>
    <User> Gary Chalmers </User>
    <Org> Public Schools </Org>
    <Role> Superintendent </Role>
  </SOAP:Header>
  <SOAP:Body>
    <getStudentDetail>
      <studentID> 999999 </studentID>
    </getStudentDetail>
  </SOAP:Body>
</SOAP:Envelope>

Student WebService

Oracle Entitlements Server

Fine grained authorization for API’s and Web Services

HTTP / REST / SOAP / OAuth Clients

Student WebService

Response

<SOAP:Envelope>
  …
  <SOAP:Body>
    <getStudentDetailResponse>
      <studentID> 99999 </studentID>
      <name> Bart Simpson </name>
      <grade> F </grade>
      <SSN> 987-65-4321 </SSN>
      <DoB> 13-Feb-2005 </DoB>
      <address> Evergreen Terrace </address>
    </getStudentDetailResponse>
  </SOAP:Body>
</SOAP:Envelope>

Oracle Entitlements Server

Fine grained authorization for API’s and Web Services
• Selective Data Redaction of the response payload
• OES authz decision returns an “Obligation” with information on what to redact

[Diagram labels: HTTP / REST / SOAP / OAuth Clients; Oracle API Gateway; OES PDP; Oracle Entitlements Server; Student WebService]

isAuthorized(user = Gary Chalmers,
             userOrg = Public Schools
             userRole = Superintendent
             studentId = 99999
             action = getStudentDetail)

Response

<SOAP:Envelope>
  …
  <SOAP:Body>
    <getStudentDetailResponse>
      <studentID> 99999 </studentID>
      <name> Bart Simpson </name>
      <grade> F </grade>
      <SSN> ***-***-**** </SSN>
      <DoB> **/**/**** </DoB>
      <address> Evergreen Terrace </address>
    </getStudentDetailResponse>
  </SOAP:Body>
</SOAP:Envelope>

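
An added sketch of the redaction step on this slide, not Oracle API Gateway or OES code: a gateway applies a redaction obligation to the backend response before forwarding it, and forwards nothing if the decision is not a Permit or the obligation cannot be met. The REDACT obligation format, the is_authorized stub and the namespace declaration in the sample are assumptions made for the example.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the slide's backend response, with the SOAP 1.1
# namespace declared so that the document parses.
SAMPLE_RESPONSE = """<SOAP:Envelope xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP:Body>
<getStudentDetailResponse>
<studentID> 99999 </studentID>
<name> Bart Simpson </name>
<grade> F </grade>
<SSN> 987-65-4321 </SSN>
<DoB> 13-Feb-2005 </DoB>
<address> Evergreen Terrace </address>
</getStudentDetailResponse>
</SOAP:Body>
</SOAP:Envelope>"""


def is_authorized(user, user_org, user_role, student_id, action):
    """Hypothetical PDP stub: Permit plus an obligation mapping field -> mask."""
    if (user_org, user_role, action) == ("Public Schools", "Superintendent",
                                         "getStudentDetail"):
        return {"authzResult": "Permit",
                "obligations": {"REDACT": {"SSN": "***-***-****",
                                           "DoB": "**/**/****"}}}
    return {"authzResult": "Deny", "obligations": {}}


def local(tag):
    """Element name without its '{namespace}' prefix."""
    return tag.rsplit("}", 1)[-1]


def enforce_response(xml_text, decision):
    """Return the parsed response with every obligated field masked."""
    if decision["authzResult"] != "Permit":
        raise PermissionError("denied by policy")
    unknown = set(decision["obligations"]) - {"REDACT"}
    if unknown:
        raise PermissionError(f"cannot fulfil obligations: {sorted(unknown)}")
    masks = decision["obligations"].get("REDACT", {})
    root = ET.fromstring(xml_text)  # a parse error propagates: nothing is forwarded
    for el in list(root.iter()):    # every occurrence, at any depth
        if local(el.tag) in masks:
            for child in list(el):  # drop nested content along with the text
                el.remove(child)
            el.text = f" {masks[local(el.tag)]} "
    return root


def leaf_fields(root):
    """Leaf element name -> stripped text, for inspection."""
    return {local(e.tag): (e.text or "").strip() for e in root.iter() if len(e) == 0}


if __name__ == "__main__":
    d = is_authorized("Gary Chalmers", "Public Schools", "Superintendent",
                      "99999", "getStudentDetail")
    print(ET.tostring(enforce_response(SAMPLE_RESPONSE, d), encoding="unicode"))
```
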
Mobile & Social Access Management
Deployment Architecture

[Diagram labels: Corporate DMZ; Corporate Network; Web Traffic; REST Traffic; HTTP / REST / SOAP / OAuth Clients; OHS; OAM Agent; OES PDP; Mobile and Social; Oracle API Gateway; Access Manager; Entitlements Server; Adaptive Access; Directory Services; Web Apps; Web Services Manager; Service Bus; SOAP/REST and Legacy Web Services; Context Aware Authorization and Data Redaction]

All that is good, but leverage Authorization to help Monetize Subscriptions????

Tiered Subscriptions
To Movies, Internet / WiFi Access, Reports, Customer Data, Content of any kind

• Many organizations offer content through subscriptions
– Free vs Basic vs Premium offerings
• How do I expand my customer base?
• How do I make each tier more attractive and lure customers to sign up for premium offerings?
• How do I quickly capitalize on rapidly evolving events and market trends?

Tiered Subscriptions (cont.)
To Movies, Internet / WiFi Access, Reports, Customer Data, Content of any kind
• Answer?
– Expand the customer base and upsell through traditional marketing campaigns etc?
– Offerings may be difficult to change, require involvement from the development team
• Or perhaps?
– Make premium content temporarily available for free, or to subscribers at lower levels to get them hooked / upsell
– Stay current with market trends, rapidly change offerings by simply deciding what policy changes are required to make content available to subscribers at different levels
– Leveraging an externalized Authorization system can help!

Customer Case Studies
Swapnil Mehta, Sena Systems

Customer Case Studies
Content & Media Subscriptions

Placeholder for SENA Slides

Summary
• Monetize and/or make information available to new clients and applications through simple policy changes
– Control exposure of sensitive data
– Control what transactions users can submit
• Leveraging Oracle Access Management
– Oracle Entitlements Server
– Oracle API Gateway
– Oracle Access Manager
– Oracle Mobile & Social
– Oracle Adaptive Access Manager

Questions

Don’t miss these IDM Sessions

Session IDs: CON8828, CON8813, CON8836, CON 4342, CON9024, CON8902, CON8826

Times and rooms:
• Wednesday 09/25, 1:15PM, Moscone West, Room 2018
• Wednesday 09/25, 3:30PM, Moscone West, Room 2018
• Thursday 09/26, 11:00AM, Moscone West, Room 2018
• Thursday 09/26, 12:30PM, Moscone West, Room 2018
• Thursday 09/26, 2:00PM, Moscone West, Room 2018
• Thursday 09/26, 2:00PM, Marriott Marquis – Golden Gate C3
• Thursday 09/26, 3:30PM, Moscone West, Room 2018

Titles:
• Justifying and Planning a successful Identity Management Upgrade
• Securing privileged accounts with an integrated identity management solution
• Leveraging the Cloud to simplify your Identity Management implementation
• Identity Services in the New GM IT
• Next Generation Optimized Directory - Oracle Unified Directory
• Developing Secure Mobile Applications
• Zero Capital Investment by leveraging Identity Management as a Service

Speakers:
• Sanjay Rallapalli, Oracle
• Etienne Remillon, Oracle
• Olaf Stullich, Oracle
• Guru Shashikumar, Oracle
• GM
• Mark Wilcox, Oracle
• Mike Neuenschwander, Oracle

Oracle Fusion Middleware
Business Innovation Platform for the Enterprise and Cloud
• Complete and Integrated
• Best-in-class
• Open standards
• On-premise and Cloud
• Foundation for Oracle Fusion Applications and Oracle Cloud

[Diagram labels: Web; Social; Mobile; User Engagement; Business Process Management; Content Management; Service Integration; Business Intelligence; Data Integration; Identity Management; Development Tools; Cloud Application Foundation; Enterprise Management]

Con8837 leverage authorization to monetize content and media subscriptions - final


Editor's Notes

  • #17
    – Oracle Adaptive Access Manager: Device Fingerprinting and Registration Database; Risk-Based Authentication that Factors Mobile Context
    – Oracle Enterprise Gateway: Enables Mobile Application REST API’s and protects API’s, web services, and SOA infrastructure from external threats and invalid / suspicious requests; Extends Access Management with authentication, authorization, audit to REST API’s, web services
    – Oracle Entitlement Server: Make Authorization Decisions and Redact Data based on User, Mobile, or any other Context; Externalize Authorization Policies from Application Code
    – Oracle Access Management: Mobile & Social: Mobile Identity and Access Gateway; Authentication, Registration, and User Profile Services for Mobile
    – Oracle Web Services Manager: Last mile security for an organization’s backend web services and SOA infrastructure; Embedded agents
    – Native Mobile Security SDK: Native Login Screens / Secure Credential Storage; Easy Integration w/ SSO and Web Services Security
    – Native Mobile Security Apps: Login App for Native and Web Apps Providing Device Context; Native White Pages App Integrated w/ User Profile Services
  • #23
    – Extending access to modern mobile devices
    – Consistent enforcement of access policies
    – Visibility to real time API access and analytics
    – Audit: Visibility into historic data for audit purposes
    – Heterogeneous
  • #26 With Fusion Middleware, you can extend and maximize your existing technology investment with the same technologies used in Fusion Applications, including embedded analytics and social collaboration, and mobile and cloud computing. Oracle’s complete SOA platform lets your IT organization rapidly design, assemble, deploy, and manage adaptable business applications and—with Oracle’s business process management tools—even bring the task of modeling business processes directly to the business analysts. Oracle Business Intelligence foundation brings together all your enterprise data sources in a single, easy-to-use solution, delivering consistent insights whether it’s through ad hoc queries and analysis, interactive dashboards, scorecards, OLAP, or reporting. And, your existing enterprise applications can leverage the rich social networking capabilities and content sharing that users have come to expect in consumer software. Oracle Fusion Middleware is based on 100 percent open standards, so you aren’t locked into one deployment model when your business requirements change.