SANS Institute Product Review: Oracle Entitlements Server

2,090 views 24 slides Mar 21, 2012

About This Presentation

Webcast covering SANS Institute's Product Review of Oracle Entitlements Server


Slide Content

Demystifying External Authorization: Oracle Entitlements Server Product Review
Tanya Baccam, Senior Instructor and Courseware Author, SANS
Roger Wigenstam, Sr. Director of Product Management, Oracle
© 2012 The SANS™ Institute - www.sans.org

Speakers
- Tanya Baccam, Senior Instructor, SANS
- Roger Wigenstam, Sr. Director Product Management

Agenda External Authorization Overview Oracle Entitlements Server Product Review Q&A

Defining External Authorization
“Managing granular access permissions for applications, middleware and databases by externalizing and centralizing standards-based authorization policies.”
Context-Aware Access Control
- Data: Data redaction and filtering for data at rest and data in motion.
- Applications: Fine-grained access to applications based on roles, entitlements, attributes, runtime context
- Web Services: Data filtering for standards-based web services
- Portals: Access control for sensitive documents stored in portals and content management systems based on roles and identity attributes

Why Is It Important?
- Regulatory Considerations: Regulations are getting complex and often demand enforcement of Granular Access Privileges
- Role Explosion: Role explosion makes it difficult to secure transactions and data based on roles
- Fragmented Security: Authorization policies are often hardwired into application business logic

Applying External Authorization Content Collaboration Privacy Confidentiality Regulation Audit

Web Services (SOA) Security Web Access Control Application Transactions Relational Database Information Portals (SharePoint, etc) Common Use Cases

Entitlements Server Product Overview Roger Wigenstam Sr. Director of Product Management, Oracle ©2012 Oracle Corporation

Oracle Entitlements Server (OES)
- Unified External Authorization for Applications, Web Services, Portals and Databases
- Standards-based Policy Enforcement at Run-time
- Declarative Security Model Simplifies Application Lifecycle

Real-Time Authorization
- Sub-millisecond Authorization Response Time
- Massively scalable External Authorization Management
- Scales easily to large number of protected resources
- Hundreds of millions of users
- Thousands of roles
- From small workgroups to mission-critical deployments
- Authorization checks enforced with real-time latency

Comprehensive Standards Support Oracle Confidential Attribute Based Access Control XACML OpenAZ NIST Role Based Access Control Enterprise RBAC Java2 / JAAS Code Based Access Control JSR 115 / JACC* Data Security

Development FWK’s SOA XML Gateways Application Servers Portals & Content Mgmt Identity Management Data Sources Policy Store < XML > Oracle Confidential Native & Custom Integrations

Oracle Entitlements Server Product Review
Tanya Baccam, SANS

Use Cases
- Data Security
- SharePoint Security
- Web Services Security
- Application Access Control

Architecture [diagram; component labels: OES Admin Server, Identity Store, Policy Store, PEP, PDP, Id Store PIPs]

Application Access Control
- Web Access Control (URL-based and Fine-grained)
- Attribute based Access Control (ABAC/XACML)
- Static and Dynamic Role Mapping
- Role Inheritance
- Separation of Duties Checks
- Runtime Constraint and Context-aware Policy Enforcement
- Integration with LDAP-based directories
* Oracle Entitlements Server can be used to enforce multiple compliance requirements.

Data Security
- Selective Data Redaction/Filtering: Row-level security, Columnar security
- Centralized Authorization Policy Administration for Databases
- Integration with major databases (Oracle, DB2, Sybase, MySQL)
* OES enables management of access policies based on business need.

SharePoint Security
- Document Access Control (based on document tags, attributes, location, user, role, etc)
- Custom Page Content (FGA checks for ASP.NET pages)
- Integration with Active Directory and LDAP-based directories
* OES provides a variety of authorization decisions for different types of applications and users.

Web Services Security
- Integration with XML Gateways
- Selective Data Redaction/Filtering for SOA web services
- Support for a variety of message standards (XML/SOAP/REST/JMS)
* Policies can be set up to secure connectivity to SOA and cloud environments.

Aberdeen Group Event Series Featuring Derek Brink
- New York: April 12th
- Toronto: April 17th
- Boston: April 19th
- Chicago: April 10th
- San Francisco: May 22nd
Register at: www.oracle.com/identity

Platform Webcast Series: Oracle Customers Discussing Results of Platform Approach
- Platform Best Practices, Agilent Technologies: Available On-Demand
- Cisco’s Platform Approach, Cisco Systems: Available On-Demand
- Platform for Compliance, ING Bank: April 11th 2012
- Platform Business Enabler, Toyota Motors: May 30th 2012
Register at: www.oracle.com/identity

Securing Oracle: https://www.sans.org/security-training/securing-oracle-74-mid

www.facebook.com/OracleIDM
www.twitter.com/OracleIDM
blogs.oracle.com/OracleIDM
www.oracle.com/identity

Questions