Introduction
Organization
Speakers
Security Spectrum
Information Security Spectrum
Oracle Identity Management Platform
Access Control
Support Architecture
Integration Flow
Integration of OID and E-Biz (GUID)
Access Gate integration
Third-party directories integration (AD)
Deployment Topology
Best Practices
PAGE 2
Agenda
PAGE 3
Introduction
Who We Are
Founded in 2000
Distinguished Oracle Leader
PAGE 4
Profile
Kashif Dhatwani
Practice Director, Identity Management and Data Security
Enterprise and Solution Architect
15+ years of experience in delivering solutions around middleware technologies including Security,
SOA, Portal and custom-developed solutions
7+ years with BIAS Corporation; previously held positions at Oracle and IBM
Focused on delivering best-practice, industry-standards-based solutions to
BIAS customers
Leading a team of solution and technical architects for delivery of solutions across multiple industries
Madan Shah
PAGE 5
Speakers
PAGE 6
PAGE 7
BIAS Corporation is a recognized leader in Identity & Access Management system assessment,
design and implementation. As an Oracle Platinum partner, BIAS Corporation's IDM Practice
provides experienced architects with expertise in assessing environments, building
roadmaps and designing systems with deep technical experience, and implements solutions using
experienced developers who are part of the BIAS IDM practice.
PAGE 8
Security Spectrum
PAGE 9
Identity Management
Access Management
Mobile Security
Data Security
Security Container
Single Sign-On
Application Management
Governance
Compliance
Single Source of Truth
Provisioning / Deprovisioning
SoD (Separation of Duties)
Access Control
Authentication
Authorization
Single Sign-On
Multi-Factor Authentication
PAGE 10
Oracle Access Manager (OAM)
Oracle Adaptive Access Manager (OAAM)
Oracle API Gateway (OEG)
Oracle Identity Federation (OIF)
Oracle Security Token Services (OSTS)
Oracle Entitlement Server (OES)
Oracle Enterprise SSO (OeSSO)
Mobile Security
Directory
Access
Oracle Unified Directory (OUD)
Oracle Virtual Directory (OVD)
Oracle Internet Directory (OID)
Oracle Mobile Security Suite (OMSS)
Oracle Access Manager (OAM)
Oracle Identity Manager (OIM)
PAGE 11
PAGE 12
Access Control
PAGE 13
External
(partners, vendors)
Web Applications
Web Applications
Web Applications
Cloud Providers
Internal
LDAP
Architecture
PAGE 14
Cloud Providers
Federation / SSO
Access Gate
Authentication / SSO
External
(partners, vendors)
On Premise Apps
Webgate
Authentication / SSO
Web Applications
Internal
Web Applications
Web Applications
LDAP
PAGE 15
Overview
PAGE 16
Identity Management
Single Sign-On
Federation
Single Sign-On for Third-Party application partners
Single Sign-On for Cloud based applications
User Repositories
Integration with multiple user repositories
Support for commonly used LDAPs and Microsoft Active Directory
Productivity
Increase productivity of employees
Maintain compliance standards
Self-service capabilities such as self-service password management
PAGE 17
Benefits
PAGE 18
Support Architecture
E-Business
Suite
12.2.2+
E-Business
Suite 12
11.1.2.2
11.1.1.7
11.1.2.2
11.1.2.2
11.1.1.7.0
11.1.2.2.0
1.2.3.4
11.5.10.2
12.2
12.1.3
PAGE 19
PAGE 20
Integration Architecture
1. User requests protected resource
2. User redirected to EBS Access Gate, protected by OAM
3. Webgate intercepts per OAM policies
Diagram components: Oracle E-Business Suite, E-Business Suite Access Gate, WebServer with Webgate, Oracle Access Manager, Oracle Internet Directory
PAGE 21
UID + ORCLGUID
Web Gate
UID + ORCLGUID
FND_USR Link
Every user record has a unique ORCLGUID
FND_USR Link
PAGE 22
EBS
AccessGate
WebGate
Oracle Database
Load Balancer
User
Oracle E-Business Suite Release 12.2.2+
Web Server 1
Web Server 2
Load Balancer
OID 1
OID 2
PAGE 23
PAGE 24
Key Decisions
Provisioning
Unidirectional Provisioning
From Oracle Internet Directory to Oracle E-Business Suite only
From Oracle E-Business Suite to Oracle Internet Directory only
Bi-Directional Provisioning
From Oracle Internet Directory to Oracle E-Business Suite
From Oracle E-Business Suite to Oracle Internet Directory
Authorization
EBS responsibilities are managed within EBS
Upgrade
Existing environment can upgrade from OSSO to OAM
Co-Existence
Multiple E-Business systems using same Security Framework (Access Manager)
PAGE 25
Architectural Considerations
SSO Infrastructure
High Availability
Disaster Recovery Environment
Performance Considerations
OAM Detached Credential Collector vs. Embedded Credential Collector
Multi-Factor Authentication and Risk-Based Authentication
PAGE 26
Best Practices
PAGE 27
Oracle created the OPN Specialized Program to showcase the Oracle partners who have achieved expertise in Oracle product areas and reached
specialization status through competency development, business results, expertise and proven success. BIAS is proud to be specialized in 30
areas of Oracle products, which include the following:
PAGE 28
Contact Us
Kashif Dhatwani
Practice Director - Identity Management & Data Security
770-685-6240
Kashif.Dhatwani@biascorp.com
PAGE 29