Oracle Identity Management 10g R3 Unites Tech

By Lisa Vaas  |  Posted 2006-02-09

Oracle Identity Management 10g R3 Unites Tech

Oracle is set to announce details about the first update to Oracle Identity Management 10g that ties together the identity technology it gobbled up in November—Thor Technologies cross-platform provisioning technologies and OctetStrings virtual directory software.

Beyond adding new compliance features and support for emerging and existing standards, the companys also sticking to its guns when it comes to going heterogeneous with the Release 3 of Oracle Identity Management 10g, due by years end.

Oracle is set to give details on the new release on Feb. 14 at the RSA security conference.

The new release breaks out of the Oracle box with updated integration with BEA WebLogic 9.0, IBM WebSphere 6.0 and SAP Enterprise Portal 6.0, and advanced integration with Microsoft Active Directory, eDirectory and OpenLDAP.

Also, components of Oracle IM 10g R3 are certified for use with Oracles JD Edwards and PeopleSoft applications. Connectors are available as well for Oracle E-Business Suite and Siebel applications.

Back when Oracle bought OctetString and Thor Technologies last year, analysts charged Oracle with needing to integrate its Identity Management components.

That was a focus in R3, to the extent that the product now features single sign-on for SAP and integrates with the slew of products Oracle has acquired over the past year, according to Amit Jasuja, vice president of Identity Management Product Development for Oracle, based in Redwood Shores, Calif.

Tighter integration also means that R3 now features single sign-on to Oracle Xellerate Identity Provisioning from CoreID Access and Identity. Oracle Virtual Directory is certified with Oracle Internet Directory and CoreID Access and Identity, and Xellerate Identity Provisioning is certified on Oracle Application Server 10g.

But what Oracle wants most to point to in R3 are the pumped-up compliance features. Oracle Xellerate Identity Provisioning is bringing new automated process controls to help conduct faster audits, aiming to lower compliance costs.

Click here to read more about Oracle Enterprise Manager 10g R2.

Jasuja said the biggest highlight in R3 is the work the company has done to make staying compliant a lot easier and a lot more automated.

The way Oracle is doing this is by managing and tracking not only what an individual has access to today, but also what a person had access to, for example, six months ago. The access snapshot is stored in a separate database.

The reason behind this approach is the time lag that typically occurs between security breach and discovery, Jasuja said.

"When companies discover a breach, typically it happened at a point in the past," he said. "OK, who had access on Jan. 1, 2006? is a very difficult problem to solve. Companies have had to manage audit log files, have had to root through them to find who did what between Jan. 1 and now."

R3s Xellerate Identity Provisioning captures users current and historical privileges, automatically generating periodic snapshots—on a weekly or monthly basis, for example. Its highly configurable as to time frame or to tracking access to particular applications or providing snapshots to whatever applications particular user communities have access to, Jasuja said. It can also execute corrective actions to meet compliance demands.

Next Page: Component enhancements and flexible replication.

Component Enhancements and Flexible


Another highlight in R3 is its multilingualism: The release features enhanced internationalization and localization support for 28 languages, including Arabic and Japanese. "Its really geared toward customers that are global," Jasuja said.

As far as component enhancements go, Oracle CoreID Access and Identity is picking up advanced password management capabilities in R3.

Its also been seamlessly integrated with Oracle Identity Provisioning and features enhanced integration with PeopleSoft Enterprise, JD Edwards, Oracle E-Business Suite and SAP applications.

Oracle Virtual Directory gained updated audit and reporting features, along with scenario wizards for increased ease of use with Oracle CoreID Identity and Access, IBM Tivoli and Microsoft Active Directory.

Support for current emerging standards is featured in Oracle CoreID Federation, which picked up support for SAML 2.0, including the X.509 Attribute Sharing Profile, as well as for SAML 1.0 and 1.1. CoreID Federation also now supports Liberty ID-FF 1.1 and 1.2, along with WS-Federation specs and a new bulk federation utility that facilitates account linking.

Oracle Internet Directory has been updated with flexible replication topologies, as well as updatable fan-out replication. This pertains to how companies typically set up directories when they have multiple data centers.

An organization may have, within two data centers, two separate copies of Oracles Internet Directory, for example. Applications talk to whichever directory product has the highest amount of bandwidth available as the data centers attempt to balance load.

The challenge is to keep four directory copies synched so they contain the same information.

Fan-out replication is having two masters replicating but also fanning out to local copies set up as another sequence of replication steps. This feature is designed to make sure customers have highly available directory infrastructure across data centers.

Read more here about security and compliance features in Oracle Database 10g.

Oracle has also done a fair amount of work to support different topologies, Jasuja said, to optimize for customers who have single or multiple copies of the directory in the data center.

R3 also features integration with Oracle Enterprise Manager, which gives a single management console through which components can be centrally administered and monitored.

Oracle also plans to announce at RSA new Identity Management customers, spanning industries and the globe, such as Bechtel, Avago, iNuntius, MTA Long Island Rail Road and Volkswagen Credit.

Bechtel, for example, is using the suite for securing access to employees accessing portals. Orient Overseas Container Line is doing the same for business partners as it manages access to shipping information and container reservation systems, while Volkswagen Credit is doing the same with its customers.

Oracle is also expanding its partner programs. It plans to launch the Oracle Security and Identity Management Partner Initiative, which will enable incremental go-to-market activities for select security and identity management partners.

Oracle Identity Management 10g Release 3 is scheduled for general availability by the end of fiscal year 2006.

Editors Note: This story was updated to clarify the products release date.

Check out eWEEK.coms for the latest database news, reviews and analysis.

Rocket Fuel