Enterprise software giant Oracle has announced a new identity management suite that incorporates some of the technology from its recent acquisition of Sun Microsystems in the service of application security. Oracle Identity Management 11g consists of as many as nine different
components that perform such tasks as identity management, access
management, single sign-on capability, fraud prevention and
administrator system management control. The suite works with Oracle
Fusion Middleware 11g, the company's application infrastructure
foundation product. Identity Management 11g has been developed in a service oriented architecture (SOA) design that provides developers with shared services for deploying various security features that simplify application security. Pricing information is not yet available.
Identity management technology is a critical component of Oracle's Fusion strategy, said Lori Rowland, vice president of identity and privacy strategies research at Gartner, who says that "over the past five years Oracle has been acquiring different identity management products and building their own and 11g reflects Oracle's efforts in integrating the suites more tightly and coming together with a more unified platform."
Among the new features in the identity management suite is the capability to cut off a user's access to an application if suspicious activity is detected. If an employee or group of employees is given access to a particular application, an administrator can monitor the session to see who's connected to it. If unusual activity is detected, such as a user moving a number of large files off the network, the administrator can terminate the session.
Another new feature, called Adaptive Access Manager, creates dynamic passcodes. If a user is attempting to access an application, the system will send that person a passcode via instant message, e-mail or a cellphone text message to gain access. This fraud prevention feature adds an extra layer of security in case a hacker has gained access to a network using someone else's identity. The Oracle Enterprise Manager Grid Control Management Pack also offers advanced monitoring, diagnostics and performance management for all identity management components. The suite incorporates technology from Sun Microsystems, which Oracle acquired in January. They include Oracle Identity Analytics, for monitoring compliance and governance issues, and a single sign-on Secure Token Service for identity propagation.
IT administrators often are concerned about vendor lock-in, acquiring too much of their IT from one company, which can make it difficult to add a product they want from another company. Oracle's Identity Management Suite 11g can be purchased as an end-to-end package or components can be purchased individually. Oracle's competitors, who offer a whole suite of identity management products, include IBM, Novell, CA and Siemens. But the company is also up against a number of smaller firms offering point solutions. Oracle is no different than many other tech companies that would like to be the preferred vendor, but is working toward interoperability of their products with others, said Gartner's Rowland.