1 Introduction

This chapter introduces basic Oracle Fusion Middleware integration concepts. It contains these topics:

1.1 About Oracle Identity Management

Oracle Identity Management provides customers with a path to meet compliance efficiently, secure critical applications and sensitive data, and lower operational costs. Using the most complete and best-in-class suite of IdM solutions, enterprises can manage the end-to-end lifecycle of user identities across all enterprise resources both within and beyond the firewall.

Through its foundation for service-oriented security, Oracle Identity Management 11g delivers enhanced security by automating provisioning of user accounts, dramatically reducing help desk calls, streamlining compliance audit and reporting, consolidating identity silos, enabling rapid integration with enterprise applications, and more.

Successful integration with identity management technologies is key to the secure operation of today's enterprise applications. This document helps you assess the tools and techniques that Oracle IdM provides for running secure enterprise operations.

1.2 Objectives of Integration

Components of Oracle Identity Management typically integrate with the existing infrastructure and applications in the enterprise. Some examples:

  • A directory service may provide a centralized user store for existing applications that are LDAP-enabled.

  • An access management solution may provide single sign-on and web authorization for existing Web applications in concert with the application servers deployed in the enterprise.

  • A provisioning solution may streamline the onboarding procedure by orchestrating the various entities and accounts that need to be created across multiple systems when a new employee is hired.

  • A role management solution may provide the necessary scoping to enforce audit rules.

Designed to help you respond and adapt to the needs of your enterprise, Oracle Identity Management presents a highly heterogeneous solution that gives you many different options to enhance security in your existing environment. Understanding the business requirements and implementing the right level of integration is the key to a successful identity management deployment.

Based on functional areas, this document provides a high-level guide to the types of integration available in each Oracle Identity Management product.

Its objective is to enable you to easily identify the capabilities and integrations available for your current enterprise deployment and to plan its future road map.

1.3 Types of Integration

This section explains the different types of possible IdM integrations:

1.3.1 Integration Among Oracle Identity Management Components

Many Oracle Identity Management components can integrate and interoperate with each other. For example, Oracle Access Manager can provide single sign-on for products such as Oracle Identity Manager and Oracle Identity Analytics.

This book covers the range of Oracle Identity Management component integrations.

1.3.2 Integration for Other Oracle Products

Oracle products cover a large spectrum of the technology stack, with products in all of these areas:

  • operating systems

  • virtual machines

  • databases

  • middleware

  • applications

Oracle Identity Management is well equipped to handle many of the security requirements in each of these areas. Depending on your requirements, Oracle Identity Management can integrate with many products from the rest of the Oracle technology stack to provide additional security and identity management-related features to these products.

For example, Oracle Identity Manager provides user account management and provisioning support for Oracle E-Business Suite and Oracle PeopleSoft. This book will also cover those integration scenarios.

1.3.3 Integration for Third-Party Products

For customers with non-Oracle products in their enterprise deployment, Oracle Identity Management can also integrate with many third-party products to strengthen and satisfy your business requirements.

For example, many of our LDAP-enabled products can be readily integrated with Microsoft Active Directory. Similarly, you can use Oracle Access Manager to support Windows Native Authentication for web applications by integrating with a Microsoft Windows domain.

Where relevant, this book covers security integration scenarios between Oracle Identity Management and third-party products.

1.4 Key Integration Scenarios

Table 1-1 lists some key areas of integration in the identity management suite, and the components/products involved in each area.

Table 1-1 Key Integration Scenarios

| Objective | Description | Components |
|---|---|---|
| Web Access Management | Centralized access management, single sign-on, fine-grained authentication and entitlement control. | Oracle Access Manager; Oracle Identity Manager; Oracle Adaptive Access Manager; Oracle Entitlements Server |
| Federation | Authentication and single sign-on across security domains. | Oracle Identity Federation; Oracle HTTP Server; Oracle Access Manager; Oracle Internet Directory; Oracle Directory Server Enterprise Edition; Third-party Directories |
| Enterprise Single Sign-On | Enable single sign-on in a distributed enterprise and through a variety of sign-on interfaces. | Oracle Access Manager; Oracle Enterprise Single Sign-On; Oracle Identity Manager; Oracle Waveset; IBM Tivoli Identity Manager |
| Risk Management | Protect your exposed Web applications, services, and end-users from online threats and insider fraud. | Oracle Adaptive Access Manager |
| User, Account, and Entitlement Provisioning | Provision users, accounts, and entitlements for your enterprise applications. | Oracle Identity Manager |
| Password Management | Options for integrating password management solutions into the enterprise. | Oracle Access Manager; Oracle Adaptive Access Manager; Oracle Identity Manager |
| Identity Governance | Intelligent controls to enable sustainable risk and compliance management. | Oracle E-Business Suite; Oracle Application Access Controls Governor; SAP GRC |
| Database Security | Advanced database security features and integration of IdM with Oracle and third-party directory environments. | Oracle Internet Directory; Oracle Virtual Directory; Oracle Directory Server Enterprise Edition; Microsoft Active Directory |
| Fine-Grained Access Control | Fine-grained entitlement management solution to secure critical applications. | Oracle Entitlements Server |

1.5 How to Use this Book

Use this book to understand the major integration options available to meet your site's requirements. Use the references provided with each topic to learn more about each option, including specific prerequisites, installation, and post-install configuration.

The book contains a comprehensive cross-product index that you can use to quickly locate a topic of interest. Each integration topic is indexed twice, once for each component/product in the integration. For example, the Oracle Identity Manager connector for Microsoft Exchange is indexed under both Microsoft Exchange and Oracle Identity Manager. This allows you to see what types of integration are available for any particular Oracle Identity Management component. Conversely, it allows you to start from a particular Oracle product or third-party product and see all the relevant integration options that Oracle Identity Management supports for it.