
Introduction to Oracle Identity and Access Management

Copyright 2006, Oracle. All rights reserved.

Objectives

After completing this lesson, you should be able to describe the following:
- Benefits of identity management
- Identity management concepts and terminology
- Oracle Identity and Access Management Suite components


Enterprise Identity Management

[Diagram labels: Employees, Supply chain, Self-service, Web Services Security, Customers, Access control, User admin, Auditing, compliance, Provisioning, Federation, Directory, Security administrators, Service provider]

What Is Identity Management?

Identity management (IM) is a system of business processes, policies, and technologies that:
- Facilitate and control user access to online applications and resources
- Protect confidential and personal information from unauthorized users

Identity management solutions represent a category of interrelated solutions that are used to administer:
- User authentication, account profiles, and passwords
- Access rights and restrictions
- Other attributes that support user roles and profiles on one or more applications or systems


Benefits of Identity Management

Identity management technologies can provide benefits in the following areas:
- Reduction of security risks
- Improved end-user experience
- Regulatory compliance
- Business agility
- Cost containment


Identity Management: Terminology

- Identity
- Entitlements
- Authentication
- Authorization
- Identity database
- Security principals
- Identity provisioning
- Account provisioning
- Identity administration
- Identity management policies
- Authorization policies
- Policy decision services
- Identity management realms
- Centralized assertion services
- Identity policy assertion services


Identity Management Functionality

Identity management products provide the following types of functionality:
- Directory Services
- Identity Administration
- Provisioning
- Access Management
- Federation
- Web Services Security


Overview of Oracle Identity and Access Management Suite

[Diagram of suite components: Oracle Internet Directory, Oracle Identity Federation, Oracle Web Services Manager, Oracle Identity Manager, Oracle Application Server Single Sign-On, Oracle Access Manager, Oracle Virtual Directory]


Oracle Product Functionality Matrix

This table summarizes the identity management functions that are provided by Oracle Identity and Access Management components.

Functionality                              Component
Directory Services                         Oracle Internet Directory; Oracle Virtual Directory
Identity Administration and Provisioning   Oracle Access Manager; Oracle Identity Manager
Access Management                          Oracle Access Manager; OracleAS Single Sign-On
Federation                                 Oracle Identity Federation; Oracle Web Services Manager
Web Service Security                       Oracle Web Services Manager


Directory Services

The directory services are provided by:
- Oracle Internet Directory and Oracle Directory Integration Platform
- Oracle Virtual Directory


Oracle Internet Directory

Oracle Internet Directory:
- Is an LDAP directory that is implemented in an Oracle database
- Serves as the central repository for identity and access management
- Is a key component of:
  - OracleAS Portal
  - Oracle E-Business Suite
  - Oracle Collaboration Suite


Oracle Directory Integration Platform

- Oracle Directory Integration Platform is designed to synchronize identity data across compatible Oracle products.
- It can be used for synchronizing data between Oracle Internet Directory and other LDAP directories.
- The application integration feature enables automatic notification of identity entry changes to the target applications.


Oracle Virtual Directory

Oracle Virtual Directory:
- Enables real-time data joins from multiple locations and presents data as a single logical directory (known as the metadata directory)
- Can provide an application-specific view of identity data
- Enables integration of identity data without:
  - Changes to existing directories
  - Need for synchronizing data between directories

Identity Administration and Provisioning

- The Oracle Identity Management product set comprises Oracle Identity Manager and Oracle Delegated Administration Services.
- This set addresses automation of identity provisioning, compliance, and enforcement of policies.


Oracle Identity Manager

- Oracle Identity Manager enables you to automate user identity provisioning and deprovisioning.
- Identity provisioning also helps reduce administration costs.
- Oracle Identity Manager provides attestation support.
- Attestation also enables automation of delegation, tracking, archiving, and auditing of access.


Oracle Delegated Administration Services

- Oracle Delegated Administration Services are part of Oracle Internet Directory.
- It has administrative interfaces for Oracle products such as OracleAS Portal, Oracle Collaboration Suite, Oracle Database Security Manager, and Oracle E-Business Suite.
- It has a self-service console that enables end users and application administrators to search and manage data in Oracle Internet Directory.


Access Management

- Access management enables enterprises to design and implement authentication and authorization.
- Access management products include:
  - Oracle Access Manager
  - Oracle Identity Federation
  - OracleAS Single Sign-On


Oracle Access Manager

Oracle Access Manager:
- Provides Web-based identity and access administration
- Can be used to administer user identities in a number of directory repositories
- Supports popular authentication methods


Oracle Application Server Single Sign-On

OracleAS Single Sign-On:
- Provides a single sign-on and sign-off facility for Oracle and third-party Web applications
- Provides a lightweight authentication solution for Oracle products such as Oracle Portal and Oracle Collaboration Suite
- Can also be used to authenticate identities in other repositories, such as Active Directory


Oracle Identity Federation

Oracle Identity Federation:
- Combines the ease of a stand-alone application with a scalable, standards-based interoperable architecture
- Helps corporations securely link their operations with partners


Oracle Application Server Infrastructure: Components

Oracle Application Server Infrastructure comprises the identity and access management products:
- Oracle Internet Directory
- Oracle Directory Integration Platform
- Oracle Application Server Single Sign-On
- Oracle Delegated Administration Services


Summary

In this lesson, you should have learned to describe the following:
- Benefits of identity management
- Identity management concepts and terminology
- Oracle Identity and Access Management Suite components
