OOW Session: Applying Authorization to Solve the Right Problems
By B Shashikumar on Sep 07, 2011
Identity Management has undergone quite an evolution over the last decade or so. Directory Servers solved the problem of externalizing identity data and attributes from applications by centralizing them in standards-based repositories. Next we saw Web Access Management (WAM) solutions emerge and externalize authentication from applications via Single Sign-On technology. While many WAM solutions can enforce coarse grained (URL-based) authorization, enforcement of granular access privileges demands fine-grained authorization. But fine-grained authorization logic has been historically embedded inside applications as many authorization decisions are typically enforced at application run-time.
Oracle recently announced Oracle Entitlements Server (OES) 11g. OES 11g externalizes authorization policies from applications eliminating the complexity of building authorization inside applications. By decoupling authorization policy evolution from the application lifecycle, OES does for authorization what Single Sign-On did for authentication. The benefit for developers is in faster development cycles and the benefit for IT is in consistent security policies, reduced costs and better IT efficiency.
OES 11g introduced several breakthroughs in Externalized Authorization Management.
- Real-time External Authorization ensures minimal latencies in mission-critical deployments for applications making a massive number of authorization checks
- Comprehensive Standards Support for a broad spectrum of authorization standards including XACML, NIST RBAC, Enterprise RBAC, ABAC, JAAS and OpenAZ. This gives customers plenty of choices, and flexibility of deployment.
- Rapid Application Integration accelerates integration with a broad spectrum of application platforms.
You don't want to miss Roger Wigenstam- Senior Director of Product Management at Oracle, and Subbu Devulapalli, Principal Product Manager at Oracle, discuss various fine-grained authorization use cases on Tuesday October 4th at 1:15p in Moscone West 3022. Join us for this session to understand why OES 11g sets the new bar for externalized authorization management.
For a complete schedule of Identity Management session see the Identity Management Focus On.