Upload
oracleidm
View
466
Download
0
Tags:
Embed Size (px)
Citation preview
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 121
Attract New Customers and Users by Leveraging Bring Your Own Identity (BYOI)
Forest Yin – Product Management, Oracle Vikas Mahajan – Director, AARPArnaud Robert – CTO, BeachBody
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 123
Safe Harbor Statement
The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 124
Program Agenda
Introduction to Bring Your Own Identity (BYOI)
Oracle Solution
Customer Case Studies– AARP
– BeachBody
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 125
Social CRM
MobileBanking
ManufacturingServices
BusinessTransformation
Copyright © 2012, Oracle and/or its affiliates. All rights reserved.5
Citizen Services
MobileWorkforce
OnlineHealthcare
Social Retail
CloudServices
MOST SIGNIFICANTRE-ARCHITECTURE
IN 20 YEARS
Subscription-basedContent Services
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 126
What’s Business Transformation?
BYOD complicates privacy
Enterprise and personal data
Poor device, app and data security
Unified approach iOS, Android, ?
On premise, private, public apps
Identity for SaaS apps
Cloud-based access portals
Fragments identity
Users want to use social ID
Simplify registration and marketing
Trust is difficult
OAuth & OpenID leading to other IdPs
Mobile Cloud Social
Identity is core across these transformations
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 127
Social Commerce
– FaceBook 1+ billion users
– Preferences and interests
– Friends and relationships
Social Workplace
– Social while working
– Working while social
Trend – Social Identity Transforming Business
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 128
Insert Picture Here
SOCIAL MEDIA MERGES WORK & PLAY
Plan to social enable applications in the near future 44%
Source: Enterprise strategy group 2012
Of the world reached by social media sites82%ComScore Datamine Jan 2012
Trend – Social Identity Transforming Business
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 129
Service providers rely on existing IdP
Partners leverage existing enterprise
identity
Trend – Federated Identity Enabling Cloud
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1210
Better user experience
More effective marketing
Lower TCO
Why BYOI?
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1211
How to enable it for your business?
Is it secure enough?
What if you need higher level of trust
and security?
Challenges of BYOI
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1212
Introducing Oracle Access Management Reference Architecture
• Complete
• Modernized
• Simplified
• Innovative
• Scalable
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1213
Oracle Access Management 11gR2Simplified and Innovative
Converged Services– Authentication and SSO– Federated SSO – Mobile & Social– Security Token Service
Innovation– Mobile Security– Social Identity– REST Services– Identity Context
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1214
Select Login Authorize
Oracle Access Management Social Identity Social Sign On
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1215
Oracle Access Management Social IdentityFor Mobile Authentication
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1216
Oracle Access Management Social IdentityOverview
Enable applications to consume Social Identities
Enable customers to federate with social networking sites
Support standard protocols like OAUTH and OpenID
Easily add to existing OAM sites
Add Social Identity Personalization and Federation Options to Mobile Applications, Websites, and resources protected by Oracle Access Manager and Oracle Entitlements Server
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1217
When You Need Higher Level of Trust
Will you let a customer using FaceBook identity for – Online banking transactions?– Buying products from your online stores?– Accessing company intellectual properties (IP)
Higher risk transactions demand higher level of trust and security
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1218
Securely Enable BYOI for Your Business
Require an intelligent access platform that understands context and risk
– Identity context, device context, resource context, transaction context, etc
– Weighted risk based on real-time context
Take actions based on context and risk
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1219
Oracle Access Management Social Identity Step Up Trust and Security
Linking BYOI to local accounts– A simple step for user to link social identity with existing local
account– Only required initially
Register for new local account– Simplified registration process– Pre-populated profile info for registration
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1220
Oracle Access ManagementAccess Intelligence
LOW
MED-LOW
HIGH
MED-HIGH
RESPONSE
ALLOW DENY
If the risk is low: Social Identity
If the risk is medium:Local account/ SAML Federated accounts
If the risk is high:KBA or OTP
If the risk is very high:Deny access and alert the security team
RIS
K
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1221 Copyright © 2013, Oracle and/or its affiliates. All right
Oracle Identity Federation - Identity Provider and Service Provider
Oracle Access Management
Protected Resources
Federated Identity – Identity Provider B2B
Partner ResourceService Provider
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1222 Copyright © 2013, Oracle and/or its affiliates. All right
Oracle Identity Federation - Identity Provider and Service Provider
Oracle Access Management
Protected Resources
Federated identity – Identity Provider SaaS
Partner ResourceService Provider
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1223
Oracle Access Management Identity Federation
• Converged services• Admin, server and data
• Protocol Support• SAML 2.0, SAML 1.1, OpenID 2.0
and WSFed
• IdP/SP – initiated SSO, Logout
• Session Attributes support•SAML attributes in response headers
•SAML attributes in authorization policy
•Attribute mapping
Identity ProviderEstablish Identity
Filter attributes
Assert Identity
Maintain session
Service Provider
Map Attributes
Link Identities
Pass Identity Attributes to Apps
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1224
Oracle Access ManagementSummary
Enables business to leverage BYOI
– Social and federated identity
Enhances security & improves user experience
– Intelligent flexible trust model
Lowers Total Cost of Ownership (TCO)
– Complete, simplified and scalable solution
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1225
Customer Case Studies
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1226
Helping PeopleGet More Out of Life
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1227
Employees Enable BYOD Support Cloud/SaaS/Mobile
Social Mission & Volunteers Empower Them with Tools & Technology Collaborate Adapt Quickly to Changing Needs
The Business Needs
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1228
The Technology Issues Defense-In-Depth Trust Scalability Cost & Manageability
And Don’t Forget… Applications (are they mobile/social ready?)
The Technology Issues
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1229
Conceptual Access Mgmt Architecture
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1230
“help people achieve their goals and enjoy a healthy, fulfilling life”.
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1231
multi-products
fitness nutrition beauty
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1232
multi-channel
infomercial
MLM certificationonline &mobile
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1233
multi-profiles
consumers
trainers
customersof coaches
coaches
club members
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1234
Don’t miss these IDM Sessions
CON8817 Tuesday 09/24, 5:15PM
Moscone West, Room 2018
API Management: Enable Your Infrastructure for Secure Mobile and Cloud Use
Ganesh Kirti, Oracle
CON8823 Wednesday 09/25, 5:00PM
Moscone West, Room 2018
Access Management for the Internet of Things Kanishk Mahajan, Oracle
CON8902 Thursday, 09/26 2:00PM
Marriot Marquis – Golden Gate C3
Developing Secure Mobile Applications Mark Wilcox, Oracle
CON8837 Wednesday 09/25, 11:45AM
Moscone West, Room 2018
Leverage Authorization to Monetize Content and Media Subscriptions
Roger Wigenstam, Oracle
CON9024 Thursday 09/26, 2:00PM
Moscone West, Room 2018
Next Generation Optimized Directory - Oracle Unified Directory
Etienne Remillon, Oracle
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1235
Oracle Fusion MiddlewareBusiness Innovation Platform for the Enterprise and Cloud
Complete and Integrated
Best-in-class
Open standards
On-premise and Cloud Foundation for Oracle Fusion
Applications and Oracle Cloud
User Engagement
Identity Management
Business Process
Management
Content Management
Business Intelligence
Service Integration Data Integration
Development Tools
Cloud Application Foundation
Enterprise Management
Web Social Mobile
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1236
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1237