Skip Headers
Oracle® Adaptive Access Manager Administrator's Guide
Release 10
g
(10.1.4.5)
Part Number E12055-03
Home
Book List
Index
Contact Us
Next
View PDF
Contents
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
What's New
New Features for Release 10.1.4.5
Part I Administration
1
Introduction
1.1
Concepts
1.2
Fraud Management Steps
1.2.1
Identify Fraud Scenarios and Derivatives
1.2.2
Define Parameters for Each Derivative Fraud Scenario
1.2.3
Group the Relevant Fraud Scenarios, or Derivatives, or Both
1.2.3.1
Grouping Derivatives into Models
1.2.3.2
Assigning Models to Policies
1.2.4
Map Parameters and Group Details into an Implementation Design
1.2.5
Use Mappings to Configure Oracle Adaptive Access Manager
1.3
Knowledge-Based Authentication
1.4
Reporting
2
Managing Groups
2.1
Organizing Users, Locations, and Devices into Groups
2.1.1
Creating User, Location, and Device Groups
2.1.1.1
Create a new group of user IDs
2.1.1.2
Create a group of cities
2.1.1.3
Create a group of states
2.1.1.4
Create a group of countries
2.1.1.5
Create a group of IP
2.1.1.6
Create a group of IP ranges
2.1.1.7
Create a group of devices
2.1.2
Creating a Group of Alerts or Actions
2.1.2.1
Create an action group
2.1.2.2
Create an alert group
2.1.3
Creating Groups of Networks, Service Providers, and Systems
2.1.4
Editing a Group
2.1.5
Updating a Group Directly
2.1.6
Exporting and Importing a Group
2.1.6.1
Export a group
2.1.6.2
Import a group
2.1.7
Viewing a List of Groups
2.1.8
Viewing Details about a Group
2.1.9
Caching Policy Options
3
Rules and Models
3.1
Creating and Editing Models
3.1.1
Creating Models
3.1.2
Editing a Model
3.1.3
Exporting and Importing a Model
3.1.3.1
Export a Model
3.1.3.2
Import a Model
3.1.4
Document Models
3.1.5
Policy Sets
3.1.5.1
View a list of policy sets
3.1.5.2
View and edit the policy set details
3.1.5.3
View and edit the policy details for a specific policy type
3.1.6
Action and Score Overrides
3.1.6.1
Create an action override
3.1.6.2
Create an score override
3.1.7
Adding a New Rule to a Model
3.1.8
Configuring a Rule Instance
3.1.9
Examples of Configured Rules to Initiate Action and/or Alert
3.1.9.1
User is accessing from more than x devices within the specified time
3.1.9.2
Number of users using this device exceeds x for the past x seconds
3.1.9.3
Number of login attempts with the given client exceeds x for the given time period
3.1.9.4
IP is in the given country group
3.1.10
Editing a Model's Links
3.1.11
Specifying the Scoring of Rule Return Combinations
3.1.11.1
Specify rule return combinations
3.1.11.2
Delete a rule return combination
3.1.11.3
Change the sequence of a rule return combination
3.1.12
Viewing a List of Models
3.1.13
Viewing and Changing Model Details
3.1.13.1
Modify details about a model
3.1.13.2
View details about the user groups linked to a model
3.1.13.3
View details about the rules contained in a model
3.1.14
Creating a Group of IP Ranges
3.1.15
Viewing a list of IP Ranges
3.1.15.1
View a list of IP ranges
3.1.15.2
View details about an IP range
3.1.16
Scenarios for Setting Up and Configuring Oracle Adaptive Risk Manager Online
3.1.16.1
Rule Triggers
3.1.16.2
Ask Challenge Question
3.1.16.3
Block Users
3.2
Best Practices for Adding or Adjusting Models/Rules When the Solution is Up and Running
3.3
How Models and Rules are Used to Enable Authenticators
3.3.1
Basic Pre-Auth Model
3.3.1.1
Basic Pre-Auth Model Rules
3.3.1.2
Pre-Auth Model KeyPad User Rule
3.3.1.3
Pre-Auth Model Registered User Rule
3.3.1.4
Pre-Auth Model Manual Overrides
3.3.2
Basic Post-Auth Model
3.3.2.1
Basic Post-Auth Model Rules
3.3.2.2
Post-Auth Model Question Registered Rule
3.3.2.3
Post-Auth Model Manual Overrides
3.3.3
Link Groups to Models
4
Rule Templates and Conditions
4.1
How Rule Templates and Conditions Work
4.2
Before You Begin
4.3
Managing Conditions
4.3.1
Viewing a List of Conditions
4.3.2
Viewing Details of a Condition
4.3.3
Exporting and Importing Conditions
4.3.4
Deleting a Condition
4.4
Managing Rule Templates
4.4.1
Viewing a List of Rule Templates in the System
4.4.2
Creating and Editing a Rule Template
4.4.3
Viewing Details of a Rule Template
4.4.4
Deleting a Condition Instance from a Rule Template
4.4.5
Deleting a Rule Template
4.4.6
Exporting and Importing a Rule Template
5
Configurable Actions
5.1
Before You Begin
5.2
Configuring a Configurable Action
5.3
Defining a New Action
5.4
Adding a Configurable Action to a Runtime
5.5
Viewing Configurable Actions
5.6
Editing an Existing Configurable Action
5.7
Deleting an Existing Configurable Action
5.8
Out-of-the-Box Configurable Actions
5.8.1
Defining CaseCreationAction
5.8.2
Defining EmailAction
5.8.3
Defining Add Item to List Action
6
Creating Runtimes
6.1
Creating a New Runtime
6.2
Modifying Properties of a Runtime
6.3
Creating a Runtime Example
7
Transaction Definitions
7.1
Prerequisites for Using Transactions
7.2
Configuring a Transaction Definition Overview
7.3
Creating an Entity
7.3.1
Initial Steps
7.3.2
Specifying what elements are part of the Entity
7.3.3
Selecting the elements that can be used to uniquely identify the Entity
7.3.4
Selecting the data elements that form the Entity data that can be displayed
7.3.5
Activating the Entity definition
7.4
Creating the Transaction Definition
7.4.1
Initial Steps
7.4.2
Adding Entities to the Transaction Definition
7.4.3
Adding the elements that need to be added directly to the Transaction Definition
7.4.4
Adding the source data elements to the Transaction Definition
7.4.5
Adding the mapping for the data elements
7.4.6
Adding the mapping for the Entity elements
7.4.7
Activating the Transaction Definition
7.5
Listing Entities
7.6
Listing Transactions
7.7
Exporting Entities
7.8
Exporting Transactions
7.9
Importing Entities
7.10
Importing Transactions
7.11
Modifying Entities
7.12
Modifying Transactions
7.13
Viewing the Transaction Data in Adaptive Risk Manager
8
Auto-learning and Patterns
8.1
Introduction and Concepts
8.1.1
About Patterns
8.1.2
About Auto-learning
8.1.3
About Buckets
8.2
Before You Begin
8.2.1
Import Default Entities
8.2.2
Enable Auto-learning properties
8.2.3
Configure Patterns
8.2.4
Use API for updateStatus
8.3
Using Patterns in Adaptive Risk Manager (Overview)
8.4
Creating a Pattern
8.5
Creating a Rule Template for Patterns
8.6
Creating a Model that Uses Patterns
8.7
Listing Patterns
8.8
Exporting Patterns
8.9
Importing Patterns
8.10
Deactivating/Activating Patterns
8.11
Deleting Patterns
8.12
Pattern Scenario
8.13
Troubleshooting
8.13.1
Ensure Default Entities are Set Up
8.13.2
Ensure properties settings are correct
Part II Knowledge-Base Authentication
9
KBA Challenge Questions
9.1
Using KBA Challenge Questions
9.1.1
Creating a New Question
9.1.2
Editing a Question
9.1.3
Viewing a List of All Questions
9.1.4
Viewing Categories of Questions
9.1.5
Importing Validations
9.1.6
Importing Questions
9.1.7
Exporting Questions
9.1.8
Exporting a Delete Script
9.2
Answer Logic
9.2.1
Type of Answer Logic
9.2.2
Examples of Answer Logic Algorithms
9.2.2.1
Abbreviations
9.2.2.2
Phonetics
9.2.2.3
Keyboard Fat Fingering
9.3
KBA Validation Editor
9.3.1
Adding a New Validation
9.3.2
Editing Existing Validation
9.3.3
Importing Validations
9.3.4
Exporting Validations
9.3.5
Deleting Validations
9.4
Configuring the Registration Logic
9.5
Configuring the Answer Logic
9.5.1
Adjusting the Level of Answer Logic
9.5.2
Answer Logic Hints
9.6
KBA Security Solution Guidelines and Recommended Requirements
9.6.1
Questions Guidelines
9.6.2
Answer Guidelines
9.6.3
Business/Security Recommended Requirements
9.7
Questions about Collection and Challenge
9.8
Best Practices for Managing Challenge Questions
Part III Cases
10
Cases
10.1
Managing Cases
10.1.1
Searching Cases
10.1.2
Bulk Editing
10.1.3
Closing Multiple Cases
10.2
CSR Cases
10.2.1
Creating a New CSR Case
10.2.2
Actions
10.2.2.1
Changing a Case's Status
10.2.2.2
Adding a Note to a Case
10.2.2.3
Changing the Severity Level of a Case
10.2.2.4
Resetting a Customer's Personal Information (KBA)
10.2.2.5
Enabling a Temporary Allowance
10.2.2.6
Unregistering a Device
10.2.3
Case Activity Log
10.2.4
Customer's Logins
10.2.5
Case Details
10.2.5.1
CSR Case Details
10.2.5.2
Viewing Details about Logins and Actions
10.2.6
User ID Details
10.3
Agent Cases
10.3.1
Creating a New Agent Case
10.3.2
Agent Case Details
10.3.3
Link Sessions
10.3.4
Linked/Related
10.3.4.1
Linked Sessions
10.3.4.2
Related Data Types
10.3.4.3
Related Sessions
10.3.4.4
Related Cases
10.3.5
Log
10.3.6
Actions
10.3.6.1
Adding a Note to a Case
10.3.6.2
Changing the Severity Level of a Case
10.3.6.3
Changing the Status of a Case
Part IV Dashboard and Reporting
11
Using the Dashboard
11.1
Introduction
11.1.1
What is a Dashboard
11.1.2
Dashboard for Adaptive Risk Manager Online and Offline Applications
11.1.3
Common Terms and Definitions
11.2
Using the Dashboard in Adaptive Risk Manager Online
11.2.1
Performance
11.2.2
Summary
11.2.2.1
Data
11.2.2.2
Refresh
11.2.2.3
Range
11.2.3
Dashboards
11.3
Using the Dashboard in Adaptive Risk Manager Offline
12
Reporting
12.1
Queries in Adaptive Risk Manager
12.1.1
Running Queries in Adaptive Risk Manager
12.1.2
Login Session Details
12.1.3
Transaction Details
12.1.4
User Details
12.1.5
Device ID Details
12.1.6
Location Group Details
12.1.7
IP Address Details
12.1.8
Statistics about Adaptive Strong Authenticator Questions
12.2
Oracle Identity Management Business Intelligence Publisher Reports
12.2.1
Configuring a Report
12.2.2
Creating Reports
12.2.3
Viewing a Report
12.2.4
Scheduling a Report
12.3
Example Report Scenarios
12.3.1
Example General Nightly Report
12.3.1.1
User/Recent Logins
12.3.1.2
Device details
12.3.1.3
Device/Multiple Failures
12.3.1.4
User/Recent Logins
12.3.1.5
Location details
12.3.1.6
Location/Users by Location
12.3.2
Additional Sample Analyses
12.3.2.1
Here are some example values that could be used.
12.3.2.2
Device/ Users by Device
12.4
Best Practices for Creating Reports
Part V Using Adaptive Risk Manager Offline
13
Using Adaptive Risk Manager Offline
13.1
Concepts
13.2
Creating a New Database Configuration to Access Offline Data
13.2.1
Steps to Create the DB Configuration
13.2.2
Setting Properties to Load Data from an Adaptive Risk Manager Online Database
13.2.3
Setting Properties to Map the Table Name
13.2.4
Setting Properties to Map Fields
13.2.5
Setting Properties to Load Data Without Running Rules
13.2.6
Configuring Worker/Writer Threads
13.2.7
Setting Throttle Size
13.3
Data Loaders
13.3.1
Quality of Input Data
13.3.2
Configuring Device Data
13.3.3
Setting Properties to Load Data from a Custom Database
13.4
Creating a New Run Configuration
13.5
Creating Session Sets
13.5.1
Creating an Auto Increments Session Set
13.5.2
Creating a Date Range Session Set
13.6
Enabling Adaptive Risk Manager Functionality
13.6.1
Auto-learning
13.6.2
Rule Logging
13.6.3
Configurable Actions
13.7
Loading and Running Data for Offline Evaluation
13.7.1
Loading Data
13.7.2
Running Data
13.7.3
Re-loading and Re-running the Same Data
13.7.4
Re-running the Same Session Set
13.8
Controlling Adaptive Risk Manager Offline
13.8.1
Stop
13.8.2
Pause
13.9
Monitoring Adaptive Risk Manager Offline
13.9.1
Using Dashboard to Monitor the Loader Process
13.9.2
Oracle Adaptive Access Manager Server Logs
13.9.3
More Logs
13.9.4
Database Tuning
13.10
Examining Reports for Verification
13.11
Creating New Models and Rules
13.12
Viewing Configurations, Loads, Runs, and Tasks
13.12.1
Viewing a List of Database Configurations
13.12.2
Viewing a List of Session Sets
13.12.3
Viewing a List of Loads
13.12.4
Viewing a List of Scheduled Tasks
13.12.5
Viewing a List of Runs
13.13
Troubleshooting
13.13.1
During Load: An Out of Memory Error Occurs When Loading Data From a Microsoft SQL Server
13.13.2
During Load: No Records are Loaded and the Status is Complete
13.13.3
During Load: No Records are Loaded and the Status is Error
Part VI Troubleshooting
14
Troubleshooting
14.1
Adaptive Risk Manager
14.1.1
Oracle Adaptive Access Manager is Slow to Respond
14.1.2
SOAP Service Calls Throws Exceptions
14.1.3
Adaptive Risk Manager Online Is Not Accessible
14.1.4
Rule Execution Logs Do Not Appear in Session Details
14.1.5
Unable to Login Into Adaptive Risk Manager
14.1.6
Adaptive Risk Manager Online Is Accessible But Queries Return Database Errors
14.1.7
Adaptive Risk Manager Online Application Throws Timeout Errors
14.1.8
Unable To See All The Menus In Adaptive Risk Manager Online
14.1.9
Rule Conditions Import Causes weblogic.jdbc.wrapper.Clob_oracle_sql_CLOB Exception
14.1.10
Import Fails in Adaptive Risk Manager Deployed in WebLogic
14.1.11
Unable To Reset All User Information From Adaptive Risk Manager Online Customer Care
14.1.12
Adaptive Risk Manager Offline Application Server Fails with OutOfMemory Error During Data Load
14.1.13
Encounter Errors While Trying To Connect To Oracle Database
14.2
Adaptive Strong Authenticator
14.2.1
Server, URL, and Port Problems
14.2.2
Adaptive Strong Authenticator Key Pad Troubleshooting
14.2.3
Change Password Feature Does Not Work
14.2.4
Authorization Failure for SOAP Request by Adaptive Strong Authenticator
Part VII Appendices
A
Conditions Reference
A.1
Descriptions
A.1.1
DEVICE Conditions
A.1.1.1
DEVICE: Browser header substring
A.1.1.2
DEVICE: Device firsttime for user
A.1.1.3
DEVICE: In Group
A.1.1.4
DEVICE: Excessive Use
A.1.1.5
DEVICE: Is registered
A.1.1.6
DEVICE: User count
A.1.1.7
DEVICE: Timed not status
A.1.1.8
DEVICE: Used count for User
A.1.1.9
DEVICE: Velocity from last login
A.1.2
Auto-learning Conditions
A.1.2.1
ENTITY: Entity is member of pattern bucket for firsttime in certain time period
A.1.2.2
ENTITY: Entity is member of pattern less than some percent times in given time period.
A.1.2.3
ENTITY: Entity is member of pattern bucket less than some percent with all entities in picture
A.1.2.4
ENTITY: Entity is member of pattern N times
A.1.2.5
ENTITY Entity is member of bucket N times in a given time period
A.1.3
Location Conditions
A.1.3.1
LOCATION: ASN in group
A.1.3.2
LOCATION: IP in Range group
A.1.4
Transactions Conditions
A.1.4.1
TRANSACTION: Check Current Transaction Using Filter Condition
A.1.4.2
TRANSACTION: Check Transaction Count Using Filter Condition
A.1.4.3
TRANSACTION: Check Transaction Aggregrate And Count Using Filter
A.1.4.4
TRANSACTION: Check Count of any entity or element of a Transaction using filter conditions
A.1.4.5
TRANSACTION: Check if consecutive Transactions in given duration satisfy the filter conditions
A.1.4.6
TRANSACTION: Compare Transaction Aggregrates (Sum/Avg/Min/Max) across two different durations
A.1.4.7
TRANSACTION: Compare Transaction counts across two different durations
A.1.4.8
TRANSACTION: Compare Transaction Entity/Element counts across two different durations
A.2
Mapping for configuring 10.1.4.3 rules using 10.1.4.5.2 rule conditions
A.2.1
DEVICE: Transaction Entity Count within specified duration
A.2.2
LOCATION: Transaction Entity Count within specified duration
A.2.3
USER: Transaction Status Count within specified duration
A.2.4
USER: Transaction Total Amount within specified duration
A.2.5
USER: Transaction Data Count within specified duration
A.2.6
USER: Transaction amount more than specified on entity subtype between the time specified
A.2.7
USER: Transaction Count within specified duration
A.2.8
USER: Transaction Entity Profile Data Count in Seconds
A.2.9
USER: Transaction Profile Data Check Number Value
A.2.10
USER: Transaction Entity Id and Entity-Profile-Data in list
A.2.11
USER: Transaction Entity Count and Total Amount within specified duration
A.2.12
USER: Transaction Profile Data check
A.2.13
USER: Check Transaction Data Count within duration
A.2.14
USER: Transaction Profile Data Compare Values
A.2.15
USER: Transaction Data Count within specified duration with same data
A.2.16
USER: Transaction Entity Count and Total Amount within specified duration with specific profile data
A.2.17
USER: Transaction Entity and Entity-Profile-Data in lists
A.2.18
USER: Transaction Entity Profile Different Data Count in Seconds
A.2.19
USER: Transaction Entity Type Count within specified duration
A.2.20
USER: Transaction Status Count within specified duration in sequence
A.2.21
USER: Transaction Profile Data In List
A.2.22
USER: Transaction Entity Count Comparison within specified duration
A.2.23
USER: Transaction Count on an entity series within specified duration
A.2.24
USER: All Transaction Data Match Count Sum Of Amount And Time
A.2.25
USER: All Transaction Entry Data Match Count Sum Of Amount And Time
A.2.26
USER: All Transaction Entry Data Match Count Sum Of Amount And Time
A.2.27
USER: Transaction Data Match And Amount Exceeds
A.2.28
USER: Transaction Data Match And Amount Exceeds 2
A.2.29
USER: Transaction Entity Profile Data older than specified time
A.2.30
USER: Transaction Entity Profile Specified Data And Amount
A.2.31
Session: Transaction type in time and value more than
A.3
Mapping for configuring 10.1.4.5 rules using 10.1.4.5.2 rule conditions
A.3.1
TRANSACTION: Check Transaction Count for Current Entity
A.3.2
TRANSACTION: Is the entity date element between specified dates
A.3.3
TRANSACTION: Is the entity element in specified duration
A.3.4
TRANSACTION: Is the given entity element is in the given list
A.3.5
TRANSACTION: Is the entity numeric element is in the given numeric range
A.3.6
TRANSACTION: Is the given transaction data element is in the given list
A.3.7
TRANSACTION: Is the transaction date element between specified dates
A.3.8
TRANSACTION: Is the transaction date element in specified duration
A.3.9
TRANSACTION: Is the transaction numeric data in the given numeric range
A.3.10
TRANSACTION: Check Transaction Count with specified count based on All of Current Entity Data Match
A.3.11
TRANSACTION: Check Transaction Count based on Current Entity Element Match with the specified count
A.3.12
TRANSACTION: Check Transaction Count with Specified Count based on Current Transaction Data Element Match
A.3.13
TRANSACTION: Check Transaction Count with Specified Count based on All of Current Transaction Data Match
A.3.14
TRANSACTION: Check Transaction Count based on Entity Element Match In List values with the specified count
A.3.15
TRANSACTION: Check Transaction Count based on Entity Element Match with the specified count
A.3.16
TRANSACTION: Check Transaction Count with Specified Count based on Transaction Data Element Match In List values
A.3.17
TRANSACTION: Check Transaction Count with Specified Count based on Transaction Data Element Match
A.3.18
TRANSACTION: Check Transaction Count From Current Transactions' IPAddress with Specified Count
A.3.19
TRANSACTION: Check Transaction Count From IPAddress with Specified Count
A.3.20
TRANSACTION: Check Transaction Count with the specified count value
A.3.21
TRANSACTION: Check Transaction Data Numeric Element Aggregrate with the Specified Value
A.3.22
TRANSACTION: Check Transaction Entity Numeric Element Aggregrate with the specified value
A.3.23
TRANSACTION: Check Unique Transaction Entity Count with the specified count
B
Oracle Adaptive Access Manager Reports
C
Universal Installation Option Actions
D
Account Statuses
E
Authentication Statuses
Glossary
Index