News Stay informed about the latest enterprise technology news and product updates.

Oracle Identity Manager adds provisioning, compliance features

Oracle's head of security and identity management development talks about the latest version of Oracle Identity Manger and Oracle's overall identity management strategy.

A new version of Amit Jasuja

What's the overall theme of the latest release of Oracle Identity Manager?

Amit Jasuja: It's compliance -- essentially easing the burden on a typical enterprise for dealing with regulatory compliance.

Where does Oracle see its customers struggling with regard to compliance issues these days?

Jasuja: Companies are dealing with the requirements of compliance and I think the challenges there are twofold: Number one, I think the regulations themselves continue to evolve and I think both regulators and companies are trying to work together to come up with what is a sustainable compliance model. The bottom line is that people are giving feedback, companies are doing what they need to, auditors are coming and taking a look at what the results are and they're fine tuning that whole approach. The second area that people are struggling with [focuses on] how you make being compliant sustainable by way of cost. Assuming for a minute that you know what the regulators need, how do you make sure that you can produce those results without too much manual overhead, with a high degree of accuracy, etc.? Identity management deals with an element of [regulatory compliance] and the element that we focus on is who has access to what. So it's really the identity audit capabilities that we've dealt with in this latest release.

What are some of the key new features found in the new version?

Jasuja: We've added a rule engine to the attestation definition process [and] you can be very granular [with regard to what] are the subsets of the applications and the subsets of the users that you want to take through the attestation process. Another feature in there is the ability to close the attestation process before it is 100% completed.

That was one key area. The second key area that I'd like to highlight is reporting. In the compliance area one of the key things that companies look for is more and more out of the box reports because these reports are fairly complex. You're looking at who has access to what data, you're looking at historical audit records of who used to have access to a particular system, and combining all of these data sources is often challenging. So, we've been continuously adding more and more reports that are more out-of-the-box for customers to be able to use immediately. One specifically that I'd highlight is a report which essentially shows what we call rogue accounts and rogue entitlements. The idea here is that we are able to [suggest] who should have access to a particular system based on company policy and we compare that against who actually has access to these systems.

Are there any other new features you'd like readers to know about?

Jasuja: One more key area is that most companies have very complicated and sophisticated workflow and approval steps that they take as a part of the identity management process. We've always had the ability to do very flexible workflow, which requires no scripting and no coding -- we actually generate Java code based on the configuration design counsel that we offer to customer. What we've done with this release is add a brand new graphical designer for workflows that basically becomes a part of our adaptor factory, so now you can actually do graphical design for your workflow. It works with exactly the same back end model which still requires no coding, no scripting and it works with exactly the same approach. [The idea] is to make it easier for the business user to design and implement what they would like to see from a corporate standpoint.

More on Oracle Identity Management:

Aeronautical university takes identity management to new heights

Oracle integrates Oblix
Oracle picks up two identity management firms

Could you go over some of the key identity management acquisitions Oracle has made and explain how those acquired companies fit into Oracle's overall identity management strategy?

Jasuja: To kind of like roll back the acquisitions: We did one acquisition [in 2004] and then in 2005 we acquired three companies: Oblix, Thor Technologies and OcetString. The specific [technologies] in the latest release that we're talking about today [stem from the] Thor Technologies [acquisition]. And then last year we did two more acquisitions: A company called Bharosa, and Bridgestream. In total, there were six acquisitions over the last four years and they're all a part of our Identity Management Suite now, and these products all address different segments of the identity management market.

To talk about a couple of key ones, Thor Technologies was essentially the foundation of our provisioning products. All of our provisioning capabilities from enterprise user administration and compliance management [standpoints] come from this product. The provisioning software serves as kind of a backbone to unify all the user repositories and user management across all of [the] disparate Oracle applications.

Bridgestream [gave us] a product called Oracle Role Manager. Role management is kind of a key area for companies as they move forward and try to bring some sanity into how they do compliance and how they do provisioning. The challenge they face is that a typical company with 10,000 employees often has 20,000 or 30,000 roles. That obviously isn't going to work if you've got more roles than you've got people. So, with Oracle Role Manager, what we're doing is bringing the ability for people to define their roles in a more systematic way.

Recently, I spoke with

Dig Deeper on Oracle database security

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.