Beyond adding new compliance features and support for emerging and existing standards, the companys also sticking to its guns when it comes to going heterogeneous with the Release 3 of Oracle Identity Management 10g, due by years end.
Oracle is set to give details on the new release on Feb. 14 at the RSA security conference.
The new release breaks out of the Oracle box with updated integration with BEA WebLogic 9.0, IBM WebSphere 6.0 and SAP Enterprise Portal 6.0, and advanced integration with Microsoft Active Directory, eDirectory and OpenLDAP.
Also, components of Oracle IM 10g R3 are certified for use with Oracles JD Edwards and PeopleSoft applications. Connectors are available as well for Oracle E-Business Suite and Siebel applications.
Back when Oracle bought OctetString and Thor Technologies last year, analysts charged Oracle with needing to integrate its Identity Management components.
That was a focus in R3, to the extent that the product now features single sign-on for SAP and integrates with the slew of products Oracle has acquired over the past year, according to Amit Jasuja, vice president of Identity Management Product Development for Oracle, based in Redwood Shores, Calif.
Tighter integration also means that R3 now features single sign-on to Oracle Xellerate Identity Provisioning from CoreID Access and Identity. Oracle Virtual Directory is certified with Oracle Internet Directory and CoreID Access and Identity, and Xellerate Identity Provisioning is certified on Oracle Application Server 10g.
But what Oracle wants most to point to in R3 are the pumped-up compliance features. Oracle Xellerate Identity Provisioning is bringing new automated process controls to help conduct faster audits, aiming to lower compliance costs.
Jasuja said the biggest highlight in R3 is the work the company has done to make staying compliant a lot easier and a lot more automated.
The way Oracle is doing this is by managing and tracking not only what an individual has access to today, but also what a person had access to, for example, six months ago. The access snapshot is stored in a separate database.
The reason behind this approach is the time lag that typically occurs between security breach and discovery, Jasuja said.
"When companies discover a breach, typically it happened at a point in the past," he said. "OK, who had access on Jan. 1, 2006? is a very difficult problem to solve. Companies have had to manage audit log files, have had to root through them to find who did what between Jan. 1 and now."
R3s Xellerate Identity Provisioning captures users current and historical privileges, automatically generating periodic snapshots—on a weekly or monthly basis, for example. Its highly configurable as to time frame or to tracking access to particular applications or providing snapshots to whatever applications particular user communities have access to, Jasuja said. It can also execute corrective actions to meet compliance demands.