Have been a bit busy and so blogging has been slow - but I recently came across this blog entry and I thought it would be worth clarifying about the relationship between OPSS and OWSM.
OPSS - Oracle Platform Security Services - provides a security framework and acts as the underlying security layer that addresses both FMW security requirements as well as the base for all the Identity and Access Management products.
Details can be found here.
There is a nice white paper accompanying the recent IDM 11gR2 release - that describes the foundational nature of OPSS. (Yet more material on IDM 11gR2 can be found here.)
The primary security services provided by OPSS include:
a) Authentication Services via Login Modules
b) Keystore Service
c) Credential Store Service - used for storing secrets like passwords (credentials).
d) Audit service
OWSM is primarily focused on security for Web Services and provides a policy based security model. OWSM implements the various WS-* standards and leverages OPSS authentication service, Keystore service, Audit service, credential store service, authorization service, etc.