No Where to Go but Up: Extending the Benefits of Accelerated IAM by Nish Patel (Accenture)

For a number of years the innovation for corporate applications revolved around functionality drivers such as better user interfaces, interoperability with legacy systems, and web enablement.  The next wave of innovation is being driven by enhancing the customer experience, data analytics, business responsiveness, and the integration of systems in the company’s business ecosystem.  All of this is occurring in a demanding economic climate—where speed is of the essence to help meet revenue and profitability targets— with an ever-demanding and  increasingly sophisticated user base.

What does the changing face of corporate applications look like and how does security play a role?  You can start by looking at Oracle’s own strategy with Fusion Applications.  The Fusion Apps integrate business processes, complex workflows, web services, business intelligence, and analytics.  This amalgamation has seemingly endless data points and touch points utilized by an ecosystem of users, consumers, providers, and so on.  This is all secured using Oracle’s own IAM stack.  Hence, the Fusion Apps security model is a very different approach from the old E-Business, PeopleSoft, and JD Edwards security models.  This adds security complexity, yet also adds security value.  However, to obtain the value, you have to understand how to take a highly flexible solution and cater it to your business’s needs.  So how do you configure it the right way quickly?  We’ll get to that later.

What other corporate application changes are we seeing?  We’re all aware that over the last 5 years there has been a significant and growing shift in the consumerization of technology in the work place.  The bring-your-own-device or BYOD trend began shortly after the auspicious availability of the original iPhone in June of 2007 and has hit substantial strides in subsequent years with the introduction of the iPad and Android devices.  The portability and ease of use—and let’s face it, the “coolness” factor—have driven demand for applications to be readily available outside the standard company walls and desktop/laptop confines.

Looking at a graph of the pace and demand for mobile applications brings to mind Mt. Everest:  it’s steep, scary, and without the right Sherpa, you might just freeze to death from the challenge.  As the sophistication of mobile applications has improved to meet business demand, one of those Everest-like challenges is how to secure the ever increasing amount of sensitive and critical information that goes with it.

For example, we are seeing clients take applications that were typically considered “back office” and using them as a strategic driver, such as mobilizing purchasing data to provide valuable insight to buyers in the field making decisions.  We are seeing banks now allowing check deposits via mobile devices to increase customer satisfaction and decrease in-person service times and overhead.

Information that was typically within the four walls is now zipping around wherever there is a cell signal.  It is being consumed on devices that are easily passed around, shared, and lost.  It is being consumed by customers, employees, company partners, and vendors.  How do you ensure that only the right consumer, in the right context, in the right scenario, on the right device is accessing valuable company data?  Additionally, how do you rapidly secure applications to quicken deployment cycles and cut costs?

One of the common ways IT departments approach security is to take each application and bolt on its own security framework for mobility.   An example would be adding on a Spring Security framework for authentication and authorization.  Sometimes this involves a duplication of already existing authentication and authorization mechanisms in place.  If you take this approach for each application you “mobilize”, you can see how it can quickly become an administrative nightmare.  From having to provision users manually to each application, to de-provisioning for terminations or job role changes, to password management, to troubleshooting, and so on, this approach is duplicative and wasteful. 

So how do you address security adequately and rapidly across the situations and scenarios we’ve described?  Accenture utilizes Oracle’s IAM suite of products to enable security across the spectrum of our client’s needs.  For example, for mobilization of applications, we utilize Oracle’s Mobile and Social Access as part of the access management solution.  We utilize Oracle API Gateway’s numerous features for web services security.  We’ve also built many of our own proprietary Accenture Software solutions on the 11g platform, leveraging the Oracle security stack to employ a common security framework to simplify development and deployment. Furthermore, we leverage our Accenture Foundation Platform for Oracle (AFPO) to accelerate and reduce costs.
Accenture Foundation Platform for Oracle

AFPO is a reference architecture, reference implementation and a set of associated assets that provide a generic and common foundational platform based on Oracle Fusion Middleware 11g Technology.  AFPO is a jumpstart kit for Oracle IAM that accelerates delivery.  It is aligned with Oracle’s Fusion Reference Architecture (OFRA) and was built with feedback and reviews from Oracle Product Management. It’s also a combination of Oracle products & guidance with Accenture intellectual property based on project experience.

When we speak of acceleration, we are talking install: day 1; customize and integrate: day 2!  Fast enough for you? Clients have been able to trim as much as 30% off of implementation costs utilizing AFPO.  At an educational non-profit we rapidly deployed an Oracle IAM foundation leveraging AFPO to meet tight timelines required for the upcoming school year. Our client’s Release 1 deployment scope included building, testing, and deploying 5 Oracle IAM products in 5 months.  Our client’s development team needed a way to quickly learn the products in order to rapidly build extensions and customizations for these products.  AFPO provided a testing ground for rapid design prototyping and gave developers the quick, hands-on experience needed to transition to building the new infrastructure.

To learn more about Accenture, our AFPO platform, how we can help you with your security strategy and implementation, please contact


Post a Comment:
  • HTML Syntax: NOT allowed

Oracle Identity Management is a complete and integrated next-generation identity management platform that provides breakthrough scalability; enables organizations to achieve rapid compliance with regulatory mandates; secures sensitive applications and data regardless of whether they are hosted on-premise or in a cloud; and reduces operational costs. Oracle Identity Management enables secure user access to resources anytime on any device.


« July 2016