Oracle rolled out an ambitious strategy aimed at achieving more consistent security in large organizations, along with the first four software components of its new "Service-Oriented Security" architecture. But given all of Oracle's software acquisitions in recent years, how well will the new security model support Oracle's entire customer base?
Essentially, the new architecture is designed to replace hard-coded security features in individual applications with reusable Web services, officials said in making the announcement at the RSA Conference in Redwood Shores, CA. It also adds role management technology -- garnered through Oracle's buyout of Bridgestream last fall -- to Oracle's existing offerings in access management and user provisioning.
Still in beta testing is an administrative component of Service-Oriented Security, known as Oracle Fine Grained Authorization.
Three other components are already in general release: Oracle Role Manager, for deploying role-based access control, provisioning and approvals; Oracle Application Access Controls Governor 8.0, for access control monitoring; and the first open source component of the new Identity Governance Framework.
Oracle developed the development framework component together with the Liberty Alliance, an industry group working on interoperable identity standards.
Today's security launch by Oracle follows the announcement last week of Oracle Authentication Services for Operating Systems. Like Role Manager, for example, Oracle Authentication Services for OS is an offering within Oracle Identity Management.
Oracle, Security, Software, Enterprise Security