SlideShare ist ein Scribd-Unternehmen logo

Oracle 4월 20일

Cana Ko
Cana Ko
Bildung
1 von 27
Downloaden Sie, um offline zu lesen
<Insert Picture Here> Protecting Cloud Applications with Enterprise Single Sign On 임기성, Principal Sales Consultant
Enterprise Application Goals Fast, Secure Access To Systems and Applications is Critical To Accomplishing Your Business Objectives Operational Security & Efficiency Compliance Operating Risk Costs
The Business Problem • Bad password management reduces security • Weak passwords are easy to guess or hack • Strong passwords get written down and our vulnerable • Password synchronization results in “Keys to the Kingdom” • Employees Lose Productivity managing passwords • Complex userid’s and passwords are hard to remember • Employees get locked out of applications resulting in helpdesk calls • Assure GRC Policies are Met (Compliance) • HIPAA 164, PCI, SOX 404, HSPD – 12 • All Compliance initiatives are driven around • Assuring only the appropriate people have access to applications • Auditing when and by whom that application was accessed
Enterprise Access Challenges • Users have too many ID’s & passwords • Need Access from anywhere Sign-on • Hard to know who has • Users forget Windows access to what passwords • Secure delivery of • Strong authentication application credentials is too complex and to end users expensive to deploy
Cloud applications are proliferating • More services being offered in a hosted manner – CRM – Personal Productivity Products – Business Intelligence • Provide many benefits to the organization – No need to procure large and complex infrastructure – No deployment or maintenance costs associated – Provides easy access to information from anywhere
Drawbacks of cloud applications • Add another set of credentials for users to maintain • Securing access to those applications • Controlling access to only those who need it – Changing roles – Termination • Auditing access to the application
Oracle ESSO: Solves Access Challenges Cumulative # of Licenses Sold • Established track record – Passlogix Founded in 1996 – Proven history of success as Oracle OEM provider since 2006 – Oracle Acquires Passlogix in Oct 2010 • Market-leading – 20 million+ licenses sold – 1,500+ enterprise customers – 10,000’s of applications – Customers with millions of employees • Patented technology – Provides fast deployment, quick ROI – 2 US patents and 7 foreign, additional pending
Recognized Leadership “Passlogix has been very successful early on in the IAM market with its Enterprise SSO. Passlogix [has] a solid reputation and name recognition not typically realized by a company of its size.” “Passlogix has some highly functional ESSO technology … they often pioneer in the market…” “Passlogix provides an excellent, lightweight, low maintenance SSO solution, suitable for deployments of any scale … and it is seen as a “best of breed” enterprise SSO product – the general good opinion in which it is held …” 100% of customers would buy it again 100% of customers would recommend it to a peer 100% of customers said Passlogix keeps all promises 71% ranked Passlogix as their Best or 2nd Best Vendor “The company goes around a problem .... It is far different from thinking out of the box. It's refusing to acknowledge that the box exists in the first place.”
Deployed by Leading Customers Financial Healthcare / Pharmaceuticals Licenses: 1.6 million + Licenses: 600,000+ Energy Government Licenses: 500,000+ Licenses: 700,000+
Oracle ESSO Value Proposition Complex Reduced Growing Helpdesk Compliance Employee Security Nightmare Environment Productivity Risks Assure 80% Call Quicker Simplified GRC Volume Application Secure Policies Reduction Access Access Avoid Fines, No Strong Auth Enforce Litigation, Downtime to Ensure Strong Loss of with Acct Identity Policies Revenue Lockouts
Oracle ESSO Suite Plus ESSO Logon Manager ESSO Anywhere Sign-On ESSO Kiosk Manager Sign-on ESSO Provisioning ESSO Password Reset Gateway ESSO Logon Manager ESSO Authentication Manager
ESSO Logon Manager Overview
ESSO Logon Manager (ESSO-LM) ESSO Admin Console Directory, Domain, Windows Database Password Audit, Web Sites Reporting Synch PKI API Mainframes (OS390, AS400) Credential & Profile Store Java Biometrics ESSO AM ESSO Logon Extranet & Manager Portal Token/ Smart card User Authentication User’s Desktop Application Sign-On
ESSO LM Provides Efficient Security • Enforces strong password policies Manage • Optionally can generate random passwords not known by Passwords users • Leverage corporate strong authentication deployment Integrate • Challenge for re-authentication prior to providing credentials Strong Auth to the application • All logon events are audited and associated to an enterprise Ensure user name Compliance • Track all password change events to comply with security
Sample Report
ESSO creates Strong Passwords Randomly Generated Password look like this:
Controlling User’s Access • More challenging then conventional applications – Hosted applications can be accessed from anywhere – Disabling network ID does not terminate application access • ESSO LM does not allow user’s to reveal passwords • This allows easy removal of access – Disable windows account – Remove SSO password through ESSO Provisioning Gateway
Access the cloud anytime, from anywhere Cloud Application
ESSO from Anywhere Cloud Applications Remote PC ESSO-LM Agent
How It Works 1. User logs on to portal with SSL VPN 2. ESSO-LM downloads, runs ESSO-LM 3. ESSO-LM authenticates to corporate directory ESSO-LM Corporate Directory 4. ESSO-LM retrieves credentials ESSO-LM 5. User launches application (e.g. SAAS CRM) automatically signed on by ESSO-LM 6. User signs off, credentials and ESSO-LM deleted
ESSO Provisioning Gateway Provisioning Oracle Identity Manager Applications & Custom Programs Data file and Manual Entry Sources Connectors Oracle Windows ESSO PG SPML Password Server Web Sites Mainframes PKI Directory, (OS390, AS400) Domain, Database Java Provisioning Credentials Biometrics Instructions Extranet & ESSO Logon Manger Portal Token/ Smart card User Auth User’s Desktop Application Sign-On
ESSO-KM Architecture eSSO Admin Console Define kiosk policies and settings AD, LDAP, SQL Retrieves policies and settings Windows Events Monitor App. Shutdown Web, Extranet, LDAP Logon Sign-off Portal - time out - keystroke xmit - card removal - closure request Java - tap out - process terminate Session Actions Mainframes initiate, suspend, screen saver, terminate (OS390, AS400)
ESSO Password Reset Architecture ESSO Reset Reset Server Windows Logon Audit, Reporting Domain Admin ESSO PR Console
ESSO-UAM General Architecture Key Innovations • Simplicity over security ESSO-LM • Natively designed for all methods Admin Console • Client-side architecture Active Directory • No proprietary database •Card serial #, PIN •User Windows id, password •Policies (e.g. PIN length) •Settings (e.g. force user enrollment) Card serial # ESSO-UAM User enrollment Actual authentication PIN reset Cache - disconnected use PIN
For More Information search.oracle.com Identity management or oracle.com/identity
Summary • Simplify access to cloud applications through ESSO • Increase security by maintaining user’s password for them • Audit all access to the application for Regulatory Compliance • Enforce all policies from any computer with internet access
Oracle 4월 20일

Empfohlen

Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?
Đỗ Duy Trung
 
SAP Single Sign-On 2.0 Overview
SAP Single Sign-On 2.0 OverviewSAP Single Sign-On 2.0 Overview
SAP Single Sign-On 2.0 Overview
SAP Technology
 
SINGLE SIGN-ON
SINGLE SIGN-ONSINGLE SIGN-ON
SINGLE SIGN-ON
Shambhavi Sahay
 
Alfresco: Implementing secure single sign on (SSO) with OpenSAML
Alfresco: Implementing secure single sign on (SSO) with OpenSAMLAlfresco: Implementing secure single sign on (SSO) with OpenSAML
Alfresco: Implementing secure single sign on (SSO) with OpenSAML
J V
 
Single sign on
Single sign onSingle sign on
Single sign on
guest64ab8e
 
Sybase Afaria için Samsun Advanced Enterprise Server Farkları
Sybase Afaria için Samsun Advanced Enterprise Server FarklarıSybase Afaria için Samsun Advanced Enterprise Server Farkları
Sybase Afaria için Samsun Advanced Enterprise Server Farkları
Sybase Türkiye
 
Single sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancySingle sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancy
Devam Shah
 
Single Sign On - The Basics
Single Sign On - The BasicsSingle Sign On - The Basics
Single Sign On - The Basics
Ishan A B Ambanwela
 

Empfohlen

Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?
Đỗ Duy Trung
 
SAP Single Sign-On 2.0 Overview
SAP Single Sign-On 2.0 OverviewSAP Single Sign-On 2.0 Overview
SAP Single Sign-On 2.0 Overview
SAP Technology
 
SINGLE SIGN-ON
SINGLE SIGN-ONSINGLE SIGN-ON
SINGLE SIGN-ON
Shambhavi Sahay
 
Alfresco: Implementing secure single sign on (SSO) with OpenSAML
Alfresco: Implementing secure single sign on (SSO) with OpenSAMLAlfresco: Implementing secure single sign on (SSO) with OpenSAML
Alfresco: Implementing secure single sign on (SSO) with OpenSAML
J V
 
Single sign on
Single sign onSingle sign on
Single sign on
guest64ab8e
 
Sybase Afaria için Samsun Advanced Enterprise Server Farkları
Sybase Afaria için Samsun Advanced Enterprise Server FarklarıSybase Afaria için Samsun Advanced Enterprise Server Farkları
Sybase Afaria için Samsun Advanced Enterprise Server Farkları
Sybase Türkiye
 
Single sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancySingle sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancy
Devam Shah
 
Single Sign On - The Basics
Single Sign On - The BasicsSingle Sign On - The Basics
Single Sign On - The Basics
Ishan A B Ambanwela
 
Single sign on - SSO
Single sign on - SSOSingle sign on - SSO
Single sign on - SSO
Ajit Dadresa
 
Layer 7 SecureSpan Solution
Layer 7 SecureSpan SolutionLayer 7 SecureSpan Solution
Layer 7 SecureSpan Solution
CA API Management
 
Soa Security Testing
Soa Security TestingSoa Security Testing
Soa Security Testing
Jaipal Naidu
 
Soa Testing An Approach For Testing Security Aspects Of Soa Based Application
Soa Testing An Approach For Testing Security Aspects Of Soa Based ApplicationSoa Testing An Approach For Testing Security Aspects Of Soa Based Application
Soa Testing An Approach For Testing Security Aspects Of Soa Based Application
Jaipal Naidu
 
A Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise ApplicationsA Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise Applications
SafeNet
 
Oracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcastOracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcast
OracleIDM
 
Slide 1 - Authenticated Reseller SSL Certificate Authority
Slide 1 - Authenticated Reseller SSL Certificate AuthoritySlide 1 - Authenticated Reseller SSL Certificate Authority
Slide 1 - Authenticated Reseller SSL Certificate Authority
webhostingguy
 
Declarative security-oes
Declarative security-oesDeclarative security-oes
Declarative security-oes
OracleIDM
 
Od webcast-cloud-fraud final
Od webcast-cloud-fraud finalOd webcast-cloud-fraud final
Od webcast-cloud-fraud final
OracleIDM
 
Food and Beverage Automation with InduSoft Web Studio
Food and Beverage Automation with InduSoft Web StudioFood and Beverage Automation with InduSoft Web Studio
Food and Beverage Automation with InduSoft Web Studio
AVEVA
 
IdP, SAML, OAuth
IdP, SAML, OAuthIdP, SAML, OAuth
IdP, SAML, OAuth
Dan Brinkmann
 
Single Sign On - Case Study
Single Sign On - Case StudySingle Sign On - Case Study
Single Sign On - Case Study
Ebizon
 
Layer 7: The Importance of Standards for Enterprise SOA and Cloud Security
Layer 7: The Importance of Standards for Enterprise SOA and Cloud SecurityLayer 7: The Importance of Standards for Enterprise SOA and Cloud Security
Layer 7: The Importance of Standards for Enterprise SOA and Cloud Security
CA API Management
 
Atlanta Salesforce UG Meeting 2/23/2011 Symplified
Atlanta Salesforce UG Meeting 2/23/2011 SymplifiedAtlanta Salesforce UG Meeting 2/23/2011 Symplified
Atlanta Salesforce UG Meeting 2/23/2011 Symplified
vraopolisetti
 
Cso oow12-summit-sonny-sing hv4
Cso oow12-summit-sonny-sing hv4Cso oow12-summit-sonny-sing hv4
Cso oow12-summit-sonny-sing hv4
OracleIDM
 
A better waytosecureapps-finalv1
A better waytosecureapps-finalv1A better waytosecureapps-finalv1
A better waytosecureapps-finalv1
OracleIDM
 
Ranbijay Kumar - BlackBerry Jam Americas 2013
Ranbijay Kumar - BlackBerry Jam Americas 2013Ranbijay Kumar - BlackBerry Jam Americas 2013
Ranbijay Kumar - BlackBerry Jam Americas 2013
Dr. Ranbijay Kumar
 
SAML and Liferay
SAML and LiferaySAML and Liferay
SAML and Liferay
Mika Koivisto
 
Ioug webcast entitlements in check
Ioug webcast entitlements in checkIoug webcast entitlements in check
Ioug webcast entitlements in check
OracleIDM
 
OWASPSanAntonio_2006_08_SingleSignOn.ppt
OWASPSanAntonio_2006_08_SingleSignOn.pptOWASPSanAntonio_2006_08_SingleSignOn.ppt
OWASPSanAntonio_2006_08_SingleSignOn.ppt
webhostingguy
 
Successful Enterprise Single Sign-on: Addressing Deployment Challenges
Successful Enterprise Single Sign-on: Addressing Deployment ChallengesSuccessful Enterprise Single Sign-on: Addressing Deployment Challenges
Successful Enterprise Single Sign-on: Addressing Deployment Challenges
Hitachi ID Systems, Inc.
 
Beyond MDM: 5 Things You Must do to Secure Mobile Devices in the Enterprise
Beyond MDM: 5 Things You Must do to Secure Mobile Devices in the EnterpriseBeyond MDM: 5 Things You Must do to Secure Mobile Devices in the Enterprise
Beyond MDM: 5 Things You Must do to Secure Mobile Devices in the Enterprise
CA API Management
 

Weitere ähnliche Inhalte

Was ist angesagt?

A Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise ApplicationsA Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise Applications
SafeNet
 
Oracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcastOracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcast
OracleIDM
 
Slide 1 - Authenticated Reseller SSL Certificate Authority
Slide 1 - Authenticated Reseller SSL Certificate AuthoritySlide 1 - Authenticated Reseller SSL Certificate Authority
Slide 1 - Authenticated Reseller SSL Certificate Authority
webhostingguy
 
Declarative security-oes
Declarative security-oesDeclarative security-oes
Declarative security-oes
OracleIDM
 
Od webcast-cloud-fraud final
Od webcast-cloud-fraud finalOd webcast-cloud-fraud final
Od webcast-cloud-fraud final
OracleIDM
 
Single Sign On - Case Study
Single Sign On - Case StudySingle Sign On - Case Study
Single Sign On - Case Study
Ebizon
 
Atlanta Salesforce UG Meeting 2/23/2011 Symplified
Atlanta Salesforce UG Meeting 2/23/2011 SymplifiedAtlanta Salesforce UG Meeting 2/23/2011 Symplified
Atlanta Salesforce UG Meeting 2/23/2011 Symplified
vraopolisetti
 
Cso oow12-summit-sonny-sing hv4
Cso oow12-summit-sonny-sing hv4Cso oow12-summit-sonny-sing hv4
Cso oow12-summit-sonny-sing hv4
OracleIDM
 
A better waytosecureapps-finalv1
A better waytosecureapps-finalv1A better waytosecureapps-finalv1
A better waytosecureapps-finalv1
OracleIDM
 
Ioug webcast entitlements in check
Ioug webcast entitlements in checkIoug webcast entitlements in check
Ioug webcast entitlements in check
OracleIDM
 

Was ist angesagt? (19)

Single sign on - SSO
Single sign on - SSOSingle sign on - SSO
Single sign on - SSO
 
Layer 7 SecureSpan Solution
Layer 7 SecureSpan SolutionLayer 7 SecureSpan Solution
Layer 7 SecureSpan Solution
 
Soa Security Testing
Soa Security TestingSoa Security Testing
Soa Security Testing
 
Soa Testing An Approach For Testing Security Aspects Of Soa Based Application
Soa Testing An Approach For Testing Security Aspects Of Soa Based ApplicationSoa Testing An Approach For Testing Security Aspects Of Soa Based Application
Soa Testing An Approach For Testing Security Aspects Of Soa Based Application
 
A Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise ApplicationsA Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise Applications
 
Oracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcastOracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcast
 
Slide 1 - Authenticated Reseller SSL Certificate Authority
Slide 1 - Authenticated Reseller SSL Certificate AuthoritySlide 1 - Authenticated Reseller SSL Certificate Authority
Slide 1 - Authenticated Reseller SSL Certificate Authority
 
Declarative security-oes
Declarative security-oesDeclarative security-oes
Declarative security-oes
 
Od webcast-cloud-fraud final
Od webcast-cloud-fraud finalOd webcast-cloud-fraud final
Od webcast-cloud-fraud final
 
Food and Beverage Automation with InduSoft Web Studio
Food and Beverage Automation with InduSoft Web StudioFood and Beverage Automation with InduSoft Web Studio
Food and Beverage Automation with InduSoft Web Studio
 
IdP, SAML, OAuth
IdP, SAML, OAuthIdP, SAML, OAuth
IdP, SAML, OAuth
 
Single Sign On - Case Study
Single Sign On - Case StudySingle Sign On - Case Study
Single Sign On - Case Study
 
Layer 7: The Importance of Standards for Enterprise SOA and Cloud Security
Layer 7: The Importance of Standards for Enterprise SOA and Cloud SecurityLayer 7: The Importance of Standards for Enterprise SOA and Cloud Security
Layer 7: The Importance of Standards for Enterprise SOA and Cloud Security
 
Atlanta Salesforce UG Meeting 2/23/2011 Symplified
Atlanta Salesforce UG Meeting 2/23/2011 SymplifiedAtlanta Salesforce UG Meeting 2/23/2011 Symplified
Atlanta Salesforce UG Meeting 2/23/2011 Symplified
 
Cso oow12-summit-sonny-sing hv4
Cso oow12-summit-sonny-sing hv4Cso oow12-summit-sonny-sing hv4
Cso oow12-summit-sonny-sing hv4
 
A better waytosecureapps-finalv1
A better waytosecureapps-finalv1A better waytosecureapps-finalv1
A better waytosecureapps-finalv1
 
Ranbijay Kumar - BlackBerry Jam Americas 2013
Ranbijay Kumar - BlackBerry Jam Americas 2013Ranbijay Kumar - BlackBerry Jam Americas 2013
Ranbijay Kumar - BlackBerry Jam Americas 2013
 
SAML and Liferay
SAML and LiferaySAML and Liferay
SAML and Liferay
 
Ioug webcast entitlements in check
Ioug webcast entitlements in checkIoug webcast entitlements in check
Ioug webcast entitlements in check
 

Andere mochten auch

OWASPSanAntonio_2006_08_SingleSignOn.ppt
OWASPSanAntonio_2006_08_SingleSignOn.pptOWASPSanAntonio_2006_08_SingleSignOn.ppt
OWASPSanAntonio_2006_08_SingleSignOn.ppt
webhostingguy
 
Beyond MDM: 5 Things You Must do to Secure Mobile Devices in the Enterprise
Beyond MDM: 5 Things You Must do to Secure Mobile Devices in the EnterpriseBeyond MDM: 5 Things You Must do to Secure Mobile Devices in the Enterprise
Beyond MDM: 5 Things You Must do to Secure Mobile Devices in the Enterprise
CA API Management
 
Bridging the Cloud Sign-On Gap
Bridging the Cloud Sign-On GapBridging the Cloud Sign-On Gap
Bridging the Cloud Sign-On Gap
OracleIDM
 

Andere mochten auch (7)

OWASPSanAntonio_2006_08_SingleSignOn.ppt
OWASPSanAntonio_2006_08_SingleSignOn.pptOWASPSanAntonio_2006_08_SingleSignOn.ppt
OWASPSanAntonio_2006_08_SingleSignOn.ppt
 
Successful Enterprise Single Sign-on: Addressing Deployment Challenges
Successful Enterprise Single Sign-on: Addressing Deployment ChallengesSuccessful Enterprise Single Sign-on: Addressing Deployment Challenges
Successful Enterprise Single Sign-on: Addressing Deployment Challenges
 
Beyond MDM: 5 Things You Must do to Secure Mobile Devices in the Enterprise
Beyond MDM: 5 Things You Must do to Secure Mobile Devices in the EnterpriseBeyond MDM: 5 Things You Must do to Secure Mobile Devices in the Enterprise
Beyond MDM: 5 Things You Must do to Secure Mobile Devices in the Enterprise
 
Single sign-on Across Mobile Applications from RSAConference
Single sign-on Across Mobile Applications from RSAConferenceSingle sign-on Across Mobile Applications from RSAConference
Single sign-on Across Mobile Applications from RSAConference
 
CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?
CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?
CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?
 
Con8896 securely enabling mobile access for business transformation - final
Con8896 securely enabling mobile access for business transformation - finalCon8896 securely enabling mobile access for business transformation - final
Con8896 securely enabling mobile access for business transformation - final
 
Bridging the Cloud Sign-On Gap
Bridging the Cloud Sign-On GapBridging the Cloud Sign-On Gap
Bridging the Cloud Sign-On Gap
 

Ähnlich wie Oracle 4월 20일

Dave Carroll Application Services Salesforce
Dave Carroll Application Services SalesforceDave Carroll Application Services Salesforce
Dave Carroll Application Services Salesforce
deimos
 
Application Services On The Web Sales Forcecom
Application Services On The Web Sales ForcecomApplication Services On The Web Sales Forcecom
Application Services On The Web Sales Forcecom
QConLondon2008
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Service
guest536dd0e
 
THEFT-PROOF JAVA EE - SECURING YOUR JAVA EE APPLICATIONS
THEFT-PROOF JAVA EE - SECURING YOUR JAVA EE APPLICATIONS THEFT-PROOF JAVA EE - SECURING YOUR JAVA EE APPLICATIONS
THEFT-PROOF JAVA EE - SECURING YOUR JAVA EE APPLICATIONS
Markus Eisele
 
Iam suite introduction
Iam suite introductionIam suite introduction
Iam suite introduction
wardell henley
 
The Business Value for Internal APIs in the Enterprise
The Business Value for Internal APIs in the EnterpriseThe Business Value for Internal APIs in the Enterprise
The Business Value for Internal APIs in the Enterprise
Akana
 
Compliance and Governance Through Complex Entitlement Management
Compliance and Governance Through Complex Entitlement ManagementCompliance and Governance Through Complex Entitlement Management
Compliance and Governance Through Complex Entitlement Management
Noam Bunder
 

Ähnlich wie Oracle 4월 20일 (20)

Layer 7: Enterprise Service Governance with SecureSpan
Layer 7: Enterprise Service Governance with SecureSpanLayer 7: Enterprise Service Governance with SecureSpan
Layer 7: Enterprise Service Governance with SecureSpan
 
Dave Carroll Application Services Salesforce
Dave Carroll Application Services SalesforceDave Carroll Application Services Salesforce
Dave Carroll Application Services Salesforce
 
SANS Institute Product Review: Oracle Entitlements Server
SANS Institute Product Review: Oracle Entitlements ServerSANS Institute Product Review: Oracle Entitlements Server
SANS Institute Product Review: Oracle Entitlements Server
 
Application Services On The Web Sales Forcecom
Application Services On The Web Sales ForcecomApplication Services On The Web Sales Forcecom
Application Services On The Web Sales Forcecom
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Service
 
What is SSO? An introduction to Single Sign On
What is SSO? An introduction to Single Sign OnWhat is SSO? An introduction to Single Sign On
What is SSO? An introduction to Single Sign On
 
WSO2 Identity Server - Product Overview
WSO2 Identity Server - Product OverviewWSO2 Identity Server - Product Overview
WSO2 Identity Server - Product Overview
 
THEFT-PROOF JAVA EE - SECURING YOUR JAVA EE APPLICATIONS
THEFT-PROOF JAVA EE - SECURING YOUR JAVA EE APPLICATIONS THEFT-PROOF JAVA EE - SECURING YOUR JAVA EE APPLICATIONS
THEFT-PROOF JAVA EE - SECURING YOUR JAVA EE APPLICATIONS
 
Fine Grained Authorization: Technical Insights for Using Oracle Entitlements ...
Fine Grained Authorization: Technical Insights for Using Oracle Entitlements ...Fine Grained Authorization: Technical Insights for Using Oracle Entitlements ...
Fine Grained Authorization: Technical Insights for Using Oracle Entitlements ...
 
Password Express - Data Sheet
Password Express - Data SheetPassword Express - Data Sheet
Password Express - Data Sheet
 
Iam suite introduction
Iam suite introductionIam suite introduction
Iam suite introduction
 
Share Point Server Security with Joel Oleson
Share Point Server Security with Joel OlesonShare Point Server Security with Joel Oleson
Share Point Server Security with Joel Oleson
 
The Business Value for Internal APIs in the Enterprise
The Business Value for Internal APIs in the EnterpriseThe Business Value for Internal APIs in the Enterprise
The Business Value for Internal APIs in the Enterprise
 
The Business Value for Internal APIs in the Enterprise
The Business Value for Internal APIs in the EnterpriseThe Business Value for Internal APIs in the Enterprise
The Business Value for Internal APIs in the Enterprise
 
Intro to Identity Management
Intro to Identity ManagementIntro to Identity Management
Intro to Identity Management
 
Securing Your Cloud Applications with Novell Cloud Security Service
Securing Your Cloud Applications with Novell Cloud Security ServiceSecuring Your Cloud Applications with Novell Cloud Security Service
Securing Your Cloud Applications with Novell Cloud Security Service
 
Compliance and Governance Through Complex Entitlement Management
Compliance and Governance Through Complex Entitlement ManagementCompliance and Governance Through Complex Entitlement Management
Compliance and Governance Through Complex Entitlement Management
 
Layer 7: Getting Your SOA to Production Without Cost and Complexity
Layer 7: Getting Your SOA to Production Without Cost and ComplexityLayer 7: Getting Your SOA to Production Without Cost and Complexity
Layer 7: Getting Your SOA to Production Without Cost and Complexity
 
Intorduction to Datapower
Intorduction to DatapowerIntorduction to Datapower
Intorduction to Datapower
 
eMAS Indentity and Access Management
eMAS Indentity and Access ManagementeMAS Indentity and Access Management
eMAS Indentity and Access Management
 

Mehr von Cana Ko

북Tv365_쓰고 상상하고 실행하라_문준호_111207
북Tv365_쓰고 상상하고 실행하라_문준호_111207북Tv365_쓰고 상상하고 실행하라_문준호_111207
북Tv365_쓰고 상상하고 실행하라_문준호_111207
Cana Ko
 
북Tv365 나는 영화가 좋다 이창세_111130
북Tv365 나는 영화가 좋다 이창세_111130북Tv365 나는 영화가 좋다 이창세_111130
북Tv365 나는 영화가 좋다 이창세_111130
Cana Ko
 
북Tv365_10년의 기다림 김창수_111123
북Tv365_10년의 기다림 김창수_111123북Tv365_10년의 기다림 김창수_111123
북Tv365_10년의 기다림 김창수_111123
Cana Ko
 
북Tv365 서른 life 사전 이재은_111116
북Tv365 서른 life 사전 이재은_111116북Tv365 서른 life 사전 이재은_111116
북Tv365 서른 life 사전 이재은_111116
Cana Ko
 
북Tv365_책에 미친 청춘_김애리_111102
북Tv365_책에 미친 청춘_김애리_111102북Tv365_책에 미친 청춘_김애리_111102
북Tv365_책에 미친 청춘_김애리_111102
Cana Ko
 
북Tv365 책에 미친 청춘 김애리_111102
북Tv365 책에 미친 청춘 김애리_111102북Tv365 책에 미친 청춘 김애리_111102
북Tv365 책에 미친 청춘 김애리_111102
Cana Ko
 
북Tv365 책에 미친 청춘 김애리_111102
북Tv365 책에 미친 청춘 김애리_111102북Tv365 책에 미친 청춘 김애리_111102
북Tv365 책에 미친 청춘 김애리_111102
Cana Ko
 
Talk IT_Oracle AP_이진호 부장_111102
Talk IT_Oracle AP_이진호 부장_111102 Talk IT_Oracle AP_이진호 부장_111102
Talk IT_Oracle AP_이진호 부장_111102
Cana Ko
 
Talk IT_CA_정성엽_111028
Talk IT_CA_정성엽_111028Talk IT_CA_정성엽_111028
Talk IT_CA_정성엽_111028
Cana Ko
 
북포럼 227회 재즈스타일 전진용 111026
북포럼 227회 재즈스타일 전진용 111026북포럼 227회 재즈스타일 전진용 111026
북포럼 227회 재즈스타일 전진용 111026
Cana Ko
 
Talk IT_ IBM_나병준_111025_Session2
Talk IT_ IBM_나병준_111025_Session2Talk IT_ IBM_나병준_111025_Session2
Talk IT_ IBM_나병준_111025_Session2
Cana Ko
 
111025 session 1
111025 session 1111025 session 1
111025 session 1
Cana Ko
 
Talk IT_ Oracle_정봉기_111025
Talk IT_ Oracle_정봉기_111025Talk IT_ Oracle_정봉기_111025
Talk IT_ Oracle_정봉기_111025
Cana Ko
 
북포럼_화난 원숭이들은 모두 어디로 갔을까_ 송인혁_ 111019
북포럼_화난 원숭이들은 모두 어디로 갔을까_ 송인혁_ 111019북포럼_화난 원숭이들은 모두 어디로 갔을까_ 송인혁_ 111019
북포럼_화난 원숭이들은 모두 어디로 갔을까_ 송인혁_ 111019
Cana Ko
 
북포럼_고민이 없다면 20대가 아니다_고영혁_111012
북포럼_고민이 없다면 20대가 아니다_고영혁_111012북포럼_고민이 없다면 20대가 아니다_고영혁_111012
북포럼_고민이 없다면 20대가 아니다_고영혁_111012
Cana Ko
 
Talk IT_ Oracle_최대진_111012
Talk IT_ Oracle_최대진_111012Talk IT_ Oracle_최대진_111012
Talk IT_ Oracle_최대진_111012
Cana Ko
 
Talk IT_ Oracle_전태준_111012
Talk IT_ Oracle_전태준_111012Talk IT_ Oracle_전태준_111012
Talk IT_ Oracle_전태준_111012
Cana Ko
 
Talk IT_ Agilent_최석근_111007
Talk IT_ Agilent_최석근_111007Talk IT_ Agilent_최석근_111007
Talk IT_ Agilent_최석근_111007
Cana Ko
 
북포럼_1초에 가슴을 울려라_ 최병광_111005
북포럼_1초에 가슴을 울려라_ 최병광_111005북포럼_1초에 가슴을 울려라_ 최병광_111005
북포럼_1초에 가슴을 울려라_ 최병광_111005
Cana Ko
 
Talk IT_ CA_조상원_110930
Talk IT_ CA_조상원_110930Talk IT_ CA_조상원_110930
Talk IT_ CA_조상원_110930
Cana Ko
 

Mehr von Cana Ko (20)

북Tv365_쓰고 상상하고 실행하라_문준호_111207
북Tv365_쓰고 상상하고 실행하라_문준호_111207북Tv365_쓰고 상상하고 실행하라_문준호_111207
북Tv365_쓰고 상상하고 실행하라_문준호_111207
 
북Tv365 나는 영화가 좋다 이창세_111130
북Tv365 나는 영화가 좋다 이창세_111130북Tv365 나는 영화가 좋다 이창세_111130
북Tv365 나는 영화가 좋다 이창세_111130
 
북Tv365_10년의 기다림 김창수_111123
북Tv365_10년의 기다림 김창수_111123북Tv365_10년의 기다림 김창수_111123
북Tv365_10년의 기다림 김창수_111123
 
북Tv365 서른 life 사전 이재은_111116
북Tv365 서른 life 사전 이재은_111116북Tv365 서른 life 사전 이재은_111116
북Tv365 서른 life 사전 이재은_111116
 
북Tv365_책에 미친 청춘_김애리_111102
북Tv365_책에 미친 청춘_김애리_111102북Tv365_책에 미친 청춘_김애리_111102
북Tv365_책에 미친 청춘_김애리_111102
 
북Tv365 책에 미친 청춘 김애리_111102
북Tv365 책에 미친 청춘 김애리_111102북Tv365 책에 미친 청춘 김애리_111102
북Tv365 책에 미친 청춘 김애리_111102
 
북Tv365 책에 미친 청춘 김애리_111102
북Tv365 책에 미친 청춘 김애리_111102북Tv365 책에 미친 청춘 김애리_111102
북Tv365 책에 미친 청춘 김애리_111102
 
Talk IT_Oracle AP_이진호 부장_111102
Talk IT_Oracle AP_이진호 부장_111102 Talk IT_Oracle AP_이진호 부장_111102
Talk IT_Oracle AP_이진호 부장_111102
 
Talk IT_CA_정성엽_111028
Talk IT_CA_정성엽_111028Talk IT_CA_정성엽_111028
Talk IT_CA_정성엽_111028
 
북포럼 227회 재즈스타일 전진용 111026
북포럼 227회 재즈스타일 전진용 111026북포럼 227회 재즈스타일 전진용 111026
북포럼 227회 재즈스타일 전진용 111026
 
Talk IT_ IBM_나병준_111025_Session2
Talk IT_ IBM_나병준_111025_Session2Talk IT_ IBM_나병준_111025_Session2
Talk IT_ IBM_나병준_111025_Session2
 
111025 session 1
111025 session 1111025 session 1
111025 session 1
 
Talk IT_ Oracle_정봉기_111025
Talk IT_ Oracle_정봉기_111025Talk IT_ Oracle_정봉기_111025
Talk IT_ Oracle_정봉기_111025
 
북포럼_화난 원숭이들은 모두 어디로 갔을까_ 송인혁_ 111019
북포럼_화난 원숭이들은 모두 어디로 갔을까_ 송인혁_ 111019북포럼_화난 원숭이들은 모두 어디로 갔을까_ 송인혁_ 111019
북포럼_화난 원숭이들은 모두 어디로 갔을까_ 송인혁_ 111019
 
북포럼_고민이 없다면 20대가 아니다_고영혁_111012
북포럼_고민이 없다면 20대가 아니다_고영혁_111012북포럼_고민이 없다면 20대가 아니다_고영혁_111012
북포럼_고민이 없다면 20대가 아니다_고영혁_111012
 
Talk IT_ Oracle_최대진_111012
Talk IT_ Oracle_최대진_111012Talk IT_ Oracle_최대진_111012
Talk IT_ Oracle_최대진_111012
 
Talk IT_ Oracle_전태준_111012
Talk IT_ Oracle_전태준_111012Talk IT_ Oracle_전태준_111012
Talk IT_ Oracle_전태준_111012
 
Talk IT_ Agilent_최석근_111007
Talk IT_ Agilent_최석근_111007Talk IT_ Agilent_최석근_111007
Talk IT_ Agilent_최석근_111007
 
북포럼_1초에 가슴을 울려라_ 최병광_111005
북포럼_1초에 가슴을 울려라_ 최병광_111005북포럼_1초에 가슴을 울려라_ 최병광_111005
북포럼_1초에 가슴을 울려라_ 최병광_111005
 
Talk IT_ CA_조상원_110930
Talk IT_ CA_조상원_110930Talk IT_ CA_조상원_110930
Talk IT_ CA_조상원_110930
 

Kürzlich hochgeladen

Spellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please PractiseSpellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please Practise
AnaAcapella
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
heathfieldcps1
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
ZurliaSoop
 

Kürzlich hochgeladen (20)

This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Spellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please PractiseSpellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please Practise
 
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - English
 
FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POS
 
Single or Multiple melodic lines structure
Single or Multiple melodic lines structureSingle or Multiple melodic lines structure
Single or Multiple melodic lines structure
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 
Interdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxInterdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptx
 
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the Classroom
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
 

Oracle 4월 20일

  • 1. <Insert Picture Here> Protecting Cloud Applications with Enterprise Single Sign On 임기성, Principal Sales Consultant
  • 2. Enterprise Application Goals Fast, Secure Access To Systems and Applications is Critical To Accomplishing Your Business Objectives Operational Security & Efficiency Compliance Operating Risk Costs
  • 3. The Business Problem • Bad password management reduces security • Weak passwords are easy to guess or hack • Strong passwords get written down and our vulnerable • Password synchronization results in “Keys to the Kingdom” • Employees Lose Productivity managing passwords • Complex userid’s and passwords are hard to remember • Employees get locked out of applications resulting in helpdesk calls • Assure GRC Policies are Met (Compliance) • HIPAA 164, PCI, SOX 404, HSPD – 12 • All Compliance initiatives are driven around • Assuring only the appropriate people have access to applications • Auditing when and by whom that application was accessed
  • 4. Enterprise Access Challenges • Users have too many ID’s & passwords • Need Access from anywhere Sign-on • Hard to know who has • Users forget Windows access to what passwords • Secure delivery of • Strong authentication application credentials is too complex and to end users expensive to deploy
  • 5. Cloud applications are proliferating • More services being offered in a hosted manner – CRM – Personal Productivity Products – Business Intelligence • Provide many benefits to the organization – No need to procure large and complex infrastructure – No deployment or maintenance costs associated – Provides easy access to information from anywhere
  • 6. Drawbacks of cloud applications • Add another set of credentials for users to maintain • Securing access to those applications • Controlling access to only those who need it – Changing roles – Termination • Auditing access to the application
  • 7. Oracle ESSO: Solves Access Challenges Cumulative # of Licenses Sold • Established track record – Passlogix Founded in 1996 – Proven history of success as Oracle OEM provider since 2006 – Oracle Acquires Passlogix in Oct 2010 • Market-leading – 20 million+ licenses sold – 1,500+ enterprise customers – 10,000’s of applications – Customers with millions of employees • Patented technology – Provides fast deployment, quick ROI – 2 US patents and 7 foreign, additional pending
  • 8. Recognized Leadership “Passlogix has been very successful early on in the IAM market with its Enterprise SSO. Passlogix [has] a solid reputation and name recognition not typically realized by a company of its size.” “Passlogix has some highly functional ESSO technology … they often pioneer in the market…” “Passlogix provides an excellent, lightweight, low maintenance SSO solution, suitable for deployments of any scale … and it is seen as a “best of breed” enterprise SSO product – the general good opinion in which it is held …” 100% of customers would buy it again 100% of customers would recommend it to a peer 100% of customers said Passlogix keeps all promises 71% ranked Passlogix as their Best or 2nd Best Vendor “The company goes around a problem .... It is far different from thinking out of the box. It's refusing to acknowledge that the box exists in the first place.”
  • 9. Deployed by Leading Customers Financial Healthcare / Pharmaceuticals Licenses: 1.6 million + Licenses: 600,000+ Energy Government Licenses: 500,000+ Licenses: 700,000+
  • 10. Oracle ESSO Value Proposition Complex Reduced Growing Helpdesk Compliance Employee Security Nightmare Environment Productivity Risks Assure 80% Call Quicker Simplified GRC Volume Application Secure Policies Reduction Access Access Avoid Fines, No Strong Auth Enforce Litigation, Downtime to Ensure Strong Loss of with Acct Identity Policies Revenue Lockouts
  • 11. Oracle ESSO Suite Plus ESSO Logon Manager ESSO Anywhere Sign-On ESSO Kiosk Manager Sign-on ESSO Provisioning ESSO Password Reset Gateway ESSO Logon Manager ESSO Authentication Manager
  • 12. ESSO Logon Manager Overview
  • 13. ESSO Logon Manager (ESSO-LM) ESSO Admin Console Directory, Domain, Windows Database Password Audit, Web Sites Reporting Synch PKI API Mainframes (OS390, AS400) Credential & Profile Store Java Biometrics ESSO AM ESSO Logon Extranet & Manager Portal Token/ Smart card User Authentication User’s Desktop Application Sign-On
  • 14. ESSO LM Provides Efficient Security • Enforces strong password policies Manage • Optionally can generate random passwords not known by Passwords users • Leverage corporate strong authentication deployment Integrate • Challenge for re-authentication prior to providing credentials Strong Auth to the application • All logon events are audited and associated to an enterprise Ensure user name Compliance • Track all password change events to comply with security
  • 16. ESSO creates Strong Passwords Randomly Generated Password look like this:
  • 17. Controlling User’s Access • More challenging then conventional applications – Hosted applications can be accessed from anywhere – Disabling network ID does not terminate application access • ESSO LM does not allow user’s to reveal passwords • This allows easy removal of access – Disable windows account – Remove SSO password through ESSO Provisioning Gateway
  • 18. Access the cloud anytime, from anywhere Cloud Application
  • 19. ESSO from Anywhere Cloud Applications Remote PC ESSO-LM Agent
  • 20. How It Works 1. User logs on to portal with SSL VPN 2. ESSO-LM downloads, runs ESSO-LM 3. ESSO-LM authenticates to corporate directory ESSO-LM Corporate Directory 4. ESSO-LM retrieves credentials ESSO-LM 5. User launches application (e.g. SAAS CRM) automatically signed on by ESSO-LM 6. User signs off, credentials and ESSO-LM deleted
  • 21. ESSO Provisioning Gateway Provisioning Oracle Identity Manager Applications & Custom Programs Data file and Manual Entry Sources Connectors Oracle Windows ESSO PG SPML Password Server Web Sites Mainframes PKI Directory, (OS390, AS400) Domain, Database Java Provisioning Credentials Biometrics Instructions Extranet & ESSO Logon Manger Portal Token/ Smart card User Auth User’s Desktop Application Sign-On
  • 22. ESSO-KM Architecture eSSO Admin Console Define kiosk policies and settings AD, LDAP, SQL Retrieves policies and settings Windows Events Monitor App. Shutdown Web, Extranet, LDAP Logon Sign-off Portal - time out - keystroke xmit - card removal - closure request Java - tap out - process terminate Session Actions Mainframes initiate, suspend, screen saver, terminate (OS390, AS400)
  • 23. ESSO Password Reset Architecture ESSO Reset Reset Server Windows Logon Audit, Reporting Domain Admin ESSO PR Console
  • 24. ESSO-UAM General Architecture Key Innovations • Simplicity over security ESSO-LM • Natively designed for all methods Admin Console • Client-side architecture Active Directory • No proprietary database •Card serial #, PIN •User Windows id, password •Policies (e.g. PIN length) •Settings (e.g. force user enrollment) Card serial # ESSO-UAM User enrollment Actual authentication PIN reset Cache - disconnected use PIN
  • 25. For More Information search.oracle.com Identity management or oracle.com/identity
  • 26. Summary • Simplify access to cloud applications through ESSO • Increase security by maintaining user’s password for them • Audit all access to the application for Regulatory Compliance • Enforce all policies from any computer with internet access