By Naresh Persaud-Oracle on Feb 19, 2012
Last week on February 16th we held a round table discussion on External Authorization in New York City. If you attended the event, many thanks for spending the time with us and participating in the discussion. There were a few take aways from the event that I thought were worth sharing.
- External Authorization does not require single sign-on: One of the most common mis-conceptions about external authorization is that it requires a customer to consolidate their authentication. The fact is that external authorization is a compliment to authentication and can be added despite multiple login credentials.
- External Authorization requires a centralized deployment model: The deployment model of external authorization can be very flexible with multiple policy repositories. The model is flexible to allow policy distribution to many enforcement points. This is key factor that makes external authorization so valuable in cloud environments. For more information on use cases reference this Kuppinger Cole paper linked here.
- External Authorization takes lots of staff to maintain: Because External Authorization solutions can be deployed in a platform as a service mode, a relatively small team of 3 can serve more than 100+ applications. This platform as a service model provides a simplified application security lifecycle while maximizing return on investment.
For more background on Oracle Entitlements Server see the webcast on OES 11g.
Below are the slides from the event.