Securing an Oracle Identity Manager deployment is achieved through authorization and hardening. Authorization controls the access to various components. Hardening secures the components from potential security threats.
Table 34-1 lists the various topics that you can refer for information about securing an Oracle Identity Manager deployment:
Table 34-1 Securing a Deployment
| Topic | Topic Type | Information Covered |
|---|---|---|
|
Hardening |
Scheduled tasks and scheduled jobs. Ensure that only required scheduled tasks are enabled. |
|
|
Hardening |
System properties related to system behavior. Ensure that password policies and challenge questions and answers are defined. |
|
|
Hardening |
Specific permissions required to install connectors. |
|
|
Hardening |
Enabling Oracle Identity Manager to work over SSL. |
|
|
"Enabling SSL Between Identity Store Service and the Directory Server" in the Oracle Fusion Middleware Integration Guide for Oracle Identity Management Suite |
Hardening |
Instructions specific to Microsoft Active Directory, iPlanet Directory Server, and Oracle Internet Directory for Identity Store Service |
|
"Configuring LDAP Authentication When LDAP Synchronization is Enabled" in the Oracle Fusion Middleware Integration Guide for Oracle Identity Management Suite |
Hardening |
Enabling LDAP authentication. |
|
Hardening |
Steps to make the corresponding changes in Oracle Identity Manager and Oracle WebLogic configuration for any change in the integrated and dependent applications |
|
|
Hardening |
Steps to make the changes to the password in Oracle Identity Manger and Oracle WebLogic configuration for any change in the dependent or integrated products. |
|
|
Hardening |
Securing Oracle Identity Manager by configuring SSL. |
|
|
Hardening |
Password policy configuration. |
|
|
Hardening |
Remote Manager SSL configuration. |
|
|
"Configuring the Remote Manager by Using Your Own Certificate" |
Hardening |
Remote Manager configuration by using your own certificate instead of the default Oracle Identity Manager certificate. |
|
"Security Architecture" in the Oracle Fusion Middleware Developer's Guide for Oracle Identity Manager |
Authorization |
Authorization and security model in Oracle Identity Manager |
|
"Check Permissions for Roles" in the Oracle Fusion Middleware Developer's Guide for Oracle Identity Manager |
Authorization |
Permissions for role while importing and exporting roles. Check for any errors in setting data object permissions if data object is missing. |
See Also:
Oracle Fusion Middleware Installation Guide for Oracle Identity Management and Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management for information about Oracle Identity Management software integrations and related security aspects