Oracle Magazine - September/October 2007 - Marcelo Machado

Recommendations

Info

“Our authentication portal has multiple levels of trust associated with different levels of authentication. We think that this is really important.” —William Barnes, Manager of Identity Services, Pfizer cate. Alternatively, a mobile user accessing the system from a kiosk might use a secure ID one-time passwordtype device such as RSA’s SecurID or the standardized, open source Open Authentication (OATH) secure token. “The hope is that by allowing users to select what they want to use, it gives them the greatest control over the experience they intend to have,” explains Barnes. “One of the major business benefits of this approach is allowing people to use a credential they may already have.” According to Burton Group’s Henry, having a centralized facility to enforce and support access management policies throughout multiple applications is a fairly popular approach. “The idea is that no matter what application a user is accessing, the organization can rely on the same types of authentication framework,” says Henry. “That reduces the management burdens and helps to eliminate potential mistakes that might occur.” CENTRALIZING AUTHENTICATION With its centralized authentication service, Pfizer has taken the authentication process out of each application and put it in the hands of the end user. And in the future, Pfizer can immediately take advantage of any new authentication methods that it wants to deploy, such as biometric or fingerprint-type authentication options. “Authentication is probably one of the hottest areas in technology today, so we’re not prescriptive on exactly what forms we will leverage,” says Pfizer’s Barnes. “But as new ones emerge, we see this as the single place where we can make them available.” Of course, another important aspect of access management for Pfizer is being able to manage risk better by ensuring that the proper level of authentication is required for specific applications. For example, some applications might have a low risk associated with access to their data, while others might require very high data integrity. “Our authentication portal has multiple levels of trust associated with different levels of authentication,” Barnes says. “We think that this is really important. Going forward, it will allow application developers either to lower or raise the bar required to get access to information and protect the integrity of the data.” Eventually, using this framework, Pfizer expects that it could leverage the use of national IDs, which might be issued through the European Union or by individual countries. “As national and international identity providers emerge, we see this framework as giving us the ability to link directly to them,” adds Barnes. “And we will continue to work with Oracle to enhance the native capabilities of Oracle Audit Vault and Oracle Database Vault In addition to providing authentication and identity management, organizations must provide data security that addresses growing privacy and regulatory considerations. For example, compliance and auditing requirements have become a fact of life for most organizations. Beyond ensuring that the proper regulatory or industry requirements are followed, organizations also need to collect and analyze audit data to keep track of the activities within their systems. And because audit data can be distributed across many systems and stored in many databases, securing it and ensuring that it hasn’t been tampered with can be difficult. “Oracle Audit Vault provides the ability to consolidate audit data from different database sources into one secure and scalable repository, and then view all the audit trail data, from all those sources, in one report,” explains Tammy Bednar, senior principal product manager, database security, Oracle. “Oracle Audit Vault provides a consolidated view of all audit operations, making it easier to see the activities of your privileged users across all your databases and raise alerts on any suspicious activities.” Securing the data in the database from highly privileged users, Oracle Database Vault helps to ensure database security by protecting against insider threats and addressing regulatory compliance needs. It can also transparently enforce specific operational policies or fine-grained security requirements as specified by the auditors. “Oracle Database Vault helps companies implement separation of duties—managers might not want even powerful administrators to be able to look at important financial data, for example,” says Vipin Samar, vice president, database security, Oracle. “With Oracle Database Vault, organizations can increase the security level of an existing application without changing the application, which improves security throughout the enterprise and helps reduce risks posed by insider threats.” ORACLE MAGAZINE SEPTEMBER/OCTOBER 2007 55
“The idea is that no matter what application a user is accessing, the organization can rely on the same types of authentication framework.” —Trent Henry, Senior Analyst, Burton Group Oracle Access Manager and Oracle Virtual Directory to provide the functionality of the logon.pfizer.com authentication portal.” THE EVOLUTION OF ACCESS MANAGEMENT Access management has come a long way in the past few years. But as organizations struggle to meet new compliance and security requirements and to reach out to partners and customers in a secure and manageable way, access management seems poised to play an even greater role in the corporate IT infrastructure. “Over the past few years, the adoption of federation technologies has become much more prevalent,” says Eric Leach, senior group product manager, access management, Oracle. “That means that organizations can use their baseline Web access management deployments and layer on standards-based federation products that can greatly simplify the integration of business partners.” For many companies, the need to interact efficiently with more organizations—whether it’s suppliers, outsourcers, partners, customers, or someone else—will only increase. At the same time, organizations need to increase their agility and keep pace with changing business environments. JULY/AUGUST 2006 ORACLE.COM/ORACLEMAGAZINE Oracle Enterprise Manager Brings Order to Your Grid GROWING RETAIL BUSINESSES /44 ID MANAGEMENT OPENS DOORS /49 ARCHIVING XML /73 56 SEPTEMBER/OCTOBER 2007 ORACLE.COM/ORACLEMAGAZINE “A lot of new requirements have come in since most organizations originally adopted access management,” Leach adds. “From compliance and auditing requirements to federation needs to stronger authentication requirements, now is the time for organizations to reconsider their access management solutions and opportunities in a broader context.” � David A. Kelly (dkelly@upsideresearch.com) is a business, technology, and travel writer who lives in West Newton, Massachusetts. READ more about Oracle Identity Management oracle.com/identity Oracle Audit Vault oracle.com/goto/auditvault Oracle Database Vault oracle.com/goto/databasevault Security Solutions from Oracle oracle.com/security Oracle Magazine Readers Close Deals Six Times Larger Than Nonreaders! Internal Oracle research has found that readers of Oracle Magazine are responsible for expenditures with Oracle that are six times larger than customers who don’t read the magazine. These readers spend a combined total of more than US$11 billion annually on IT! JULY/AUGUST 2005 ORACLE.COM/ORACLEMAGAZINE GREAT EXPECTATIONS BIG TECHNOLOGY THAT GROWS WITH YOUR SMALL BUSINESS IN THIS ISSUE: LINUX FOR DATA WAREHOUSES •• PHP AND ORACLE XML DB • • TUNING UNDO TABLESPACE Oracle Magazine exists to drive Oracle customers your way. Utilize our programs and make our best customers your best customers. For detailed information on how your company will benefit from our print and interactive go-to-market programs, contact your local representative. Northeast U.S./Canada David and Ann Schissler +1.508.394.4026 Schissler@comcast.net Mid-Atlantic/Southeast Dawn Becker +1.732.772.0160 dbeck71@optonline.com Northwest/Central Tom Cometa +1.415.206.9855 Thomas.cometa@sbcglobal.net Southwest/LAD Shaun Mehr +1.949.923.1660 shaun@sprocketmedia.com EMEA/APAC Mark Makinney +44 0 1273 774341 mark.makinney@oracle.com Associate Publisher Kyle Walkenhorst +1.323.340.8585 kyle@sprocketmedia.com
Page 1 and 2:
��
Page 3 and 4:
www.prodesign.de Best-in-class arch
Page 6 and 7:
Revealed They tried so hard to conc
Page 8 and 9: FEATURES Cover by Richard Merchán
Page 11 and 12: Unlock the Grid. Storage solutions
Page 13 and 14: what if EVERYTHING WENT 5X FASTER?
Page 15 and 16: Your corrections, your opinions, an
Page 17: Innovation Matters Oracle Database
Page 20 and 21: Oracle OpenWorld 2007 Special Secti
Page 22 and 23: at OracleOTN BULLETIN Crash into Or
Page 24 and 25: elease includes an automatic synchr
Page 26 and 27: BOB ADLER at OracleINTERVIEW Change
Page 28 and 29: ��
Page 30 and 31: ��
Page 32 and 33: PARTNER SPOTLIGHT Partners Support
Page 34 and 35: SPECIAL ADVERTISING SECTION An Ounc
Page 36 and 37: “We assume that everything is goi
Page 38 and 39: New Database Vault The only databas
Page 40 and 41: DATABASE 11g RICHARD MERCHÁN ORACL
Page 42 and 43: BOB ADLER technology. After beta te
Page 44 and 45: amount of time we spend on tuning t
Page 46 and 47: CHARITY DEMEER and related informat
Page 48 and 49: ORACLE DATABASE 11g Special Adverti
Page 50 and 51: “ It’s a fact that no one vendo
Page 52 and 53: “ We’ve seen features in Oracle
Page 54 and 55: Akey Oracle partner in the developm
Page 56 and 57: DAVE BRADLEY OPEN BY DAVID A. KELLY
Page 60 and 61: Fastest Growing Middleware Oracle F
Page 62 and 63: ER WITHIN technology at the edge of
Page 64 and 65: ANDREA MANDEL “Oracle is clearly
Page 66 and 67: developerFRAMEWORKS BY STEVE MUENCH
Page 68 and 69: ees in the current department (excl
Page 70 and 71: developerBROWSER-BASED Express Web
Page 72 and 73: Add Use PL/SQL Developer to at work
Page 74 and 75: developerPL/SQL PRACTICES BY STEVEN
Page 76 and 77: TIM WEBB technologyPARTITIONING Mor
Page 78 and 79: id column with partitions defined o
Page 80 and 81: JOSEF GAST technologySTORAGE BY JON
Page 82 and 83: DROP TABLE article_draft; RENAME ar
Page 84 and 85: technologySQL DEVELOPER BY SUE HARP
Page 86 and 87: tables after they have been capture
Page 88 and 89: technologyASK TOM On Oracle Databas
Page 90 and 91: this case, if the table T is modifi
Page 92 and 93: Do you belong in the Oracle communi
Page 94 and 95: COMPANY NAME URL COMPANY NAME URL N
Page 96 and 97: commentALL SECURE Automating Securi
Page 98 and 99: Oracle Database Get Better Results
Page 100: Sometimes what’s slowing you down
show all

Oracle Magazine - September/October 2007 - Marcelo Machado

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?