Oracle Security and Identity Management - PowerPoint PPT Presentation

1
Oracle Security and Identity Management
Wojciech Karwowski Piotr Kopczynski Oracle Polska
2
Agenda
  • Oracle Database security
  • Oracle Advanced Security Option
  • Oracle Virtual Private Database
  • OracleAS platform security Identity Management
  • Internet Directory (LDAP)
  • User Provisioning
  • Single Sign-on
  • Certificate Authority
  • Delegated Administration Services

3
Oracle Database Security
4
Oracle Database Advanced Security Option
  • Privacy Solutions
  • Data Protection over the wire
  • Client to Server
  • Mid tier to Server
  • Dataguard (Primary to Standby)
  • JDBC (thick and thin), OCI
  • Strong Authentication
  • Strong alternatives to passwords
  • Industry Standard Solutions
  • PKI, Kerberos, RADIUS

5
Oracle Database Advanced Security Option
Columns: Native ASO (client/server), SSL (Internet)
  • Crypto: RC4, AES, 3DES in both
  • Integrity: MD5, SHA-1 in both
  • Authentication: Kerberos, Radius (tokens, chip cards) for Native ASO;
    certificates X.509 version 3 for SSL

6
Oracle Database Virtual Private Database
  • Column Relevant Policies
  • Policy enforced only if specific columns are
    referenced
  • Increases row level security granularity

7
Oracle Database Virtual Private Database
  • Column Filtering
  • Optional VPD configuration to return all rows but
    filter out column values in rows which don't meet
    criteria
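
The two VPD options from slides 6 and 7, as an added example that is not part of the original presentation. The schema APP, table EMPLOYEES, columns SALARY and DEPT_ID, and the application context APP_CTX are hypothetical; DBMS_RLS and its parameters are Oracle's.

```sql
-- Added example. Policy function: VPD appends the returned string to the
-- statement as a WHERE predicate. If the context value is unset the
-- comparison is never true, so the policy fails closed.
CREATE OR REPLACE FUNCTION app.emp_dept_predicate (
  p_schema IN VARCHAR2,
  p_object IN VARCHAR2
) RETURN VARCHAR2
IS
BEGIN
  RETURN 'dept_id = SYS_CONTEXT(''APP_CTX'', ''DEPT_ID'')';
END;
/

-- Slide 6, column-relevant policy: the predicate is applied only when a
-- query references SALARY. Queries that touch other columns only are
-- not restricted by this policy.
BEGIN
  DBMS_RLS.ADD_POLICY(
    object_schema     => 'APP',
    object_name       => 'EMPLOYEES',
    policy_name       => 'EMP_SALARY_RELEVANT',
    function_schema   => 'APP',
    policy_function   => 'EMP_DEPT_PREDICATE',
    statement_types   => 'SELECT',
    sec_relevant_cols => 'SALARY');
END;
/

-- Slide 7, column filtering: replace the policy with one that returns
-- every row but shows SALARY as NULL in rows that fail the predicate.
BEGIN
  DBMS_RLS.DROP_POLICY('APP', 'EMPLOYEES', 'EMP_SALARY_RELEVANT');
  DBMS_RLS.ADD_POLICY(
    object_schema         => 'APP',
    object_name           => 'EMPLOYEES',
    policy_name           => 'EMP_SALARY_MASK',
    function_schema       => 'APP',
    policy_function       => 'EMP_DEPT_PREDICATE',
    statement_types       => 'SELECT',
    sec_relevant_cols     => 'SALARY',
    sec_relevant_cols_opt => DBMS_RLS.ALL_ROWS);
END;
/
```

Accounts holding the EXEMPT ACCESS POLICY system privilege bypass both policies, so grants of that privilege belong in the audit scope.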

8
Oracle Label Security
  • Pre-enabled row level security
  • Built on Virtual Private Database
  • Label Based Access Control (LBAC) framework
  • Based on stringent government and commercial
    requirements for row level security
  • Data access is based on sensitivity labels and
    customizable enforcement options
  • Leverages Identity Management for
  • Labels
  • Identities and roles
  • Policy information

9
OracleAS Identity Management
10
Oracle Application Server 10g
11
Identity Management
12
Identity Management Components
13
Internet Directory
  • Scalability
  • Millions of users
  • 1000s of simultaneous clients
  • High availability
  • Multimaster & Fan-out replication
  • Hot backup/recovery, RAC, etc.
  • Manageability
  • Grid Control multi-node monitoring
  • Security
  • Comprehensive password policies
  • Role policy based access control
  • Auditability
  • Extensibility Virtualization
  • Plug-in Framework
  • Attribute and namespace virtualization
  • External authentication
  • Custom password policies

LDAP Clients
OID Server
Directory Admin Console
Oracle Database
14
Directory Integration
External Directories
Directory Integration Service
SunOne
Active Directory
Oracle Internet Directory
Oracle HR
Oracle DB
OpenLDAP
eDirectory
Connectors
15
Provisioning Integration
Corporate HR (Employee Enrollment)
Portal
eMail
ERP, CRM,
OID
Helpdesk Admin
Event Notification Engine
Policy Workflow Engine
Portal Admin
Partner Provisioning System
eMail Admin
Oracle Provisioning Integration Service
Self-service (Pswds, preferences)
16
Single Sign-On
OracleAS Enabled Environment
ERP, CRM,
OracleAS Single Sign-on
Portal
PKI, pwd, Win2K Native Auth
Partner SSO (Netegrity, RSA, Oblix)
SecureID, Biokey,
  • Integrates Oracle and partner-SSO enabled apps
  • Transparent access to DB Tier, 3rd party web apps
  • Multiple AuthN options
  • Different auth modes to match application
    security levels

Federation / Liberty
Partner SSO Enabled Environment
Extranet
17
Certificate Authority
Oracle Internet Directory
  • Solution for strong authentication / PKI
  • Easy provisioning of X.509v3 digital certificates
    for end users
  • Web Based certificate management and
    administration
  • Seamless integration with Oracle Application
    Server Single Sign-On OID

User
Oracle Single Sign-On

Metadata Repository
Oracle Certificate Authority
Secure IT Facility
18
Delegated Administration Services
  • Admin console w/ role-based customization
  • User / group management
  • End-user vs Admin views
  • Admin delegation
  • End-user self-service
  • Self service provisioning
  • Set preferences, Org-chart
  • Pswd reset
  • Embeddable admin components
  • For integration with Apps
  • Extensively configurable
  • Accommodate new applications
  • Customize UI views

19
Oracle Security and Identity Management
  • Key component of Oracle's overall security
    strategy
  • Provides an integrated identity management
    infrastructure built upon Oracle's unbreakable
    technology
  • Centralizes security management of Oracle
    applications across the enterprise
  • Provides a robust, standards-based platform for
    security services to the entire enterprise