11 Setting Up Custom Fingerprinting

Oracle Adaptive Access Manager captures information about the devices that a user utilizes when accessing protected applications. This information consists of many different datapoints gathered through a variety of means. The data collected is encoded into a unique fingerprint for the device.

This chapter describes the initial steps you must perform to set up custom device fingerprinting.

This chapter contains the following sections:

• About Out of the Box Fingerprint Types

• Setting Up Custom Fingerprinting

11.1 About Out of the Box Fingerprint Types

There are two out of box fingerprint types available:

• Flash

• Applet

For most typical deployments, default OAAM fingerprinting satisfies client requirements, but you may want to set OAAM to perform custom fingerprinting. For information on setting up custom fingerprinting, see the section following.

11.2 Setting Up Custom Fingerprinting

This chapter provides information on how to create fingerprint types so that Oracle Adaptive Access Manager can capture information about the devices that a user utilizes when accessing protected applications. Fingerprint types are contained in the oaam_custom.properties. If you want fingerprint types that are not provided out of the box, you must modify your oaam_custom.properties file to include these types at the time of deployment.

1. Extract the oracle.oaam.extensions.war file into the work folder.

   In the oaam_extensions folder, you should see the following subfolders:

2. Open the oaam_custom.properties file in the WEB-INF/classes/bharosa_properties directory.

3. Add the enumeration for the fingerprint you want to capture.

   Examples of the fingerprint type enum are as follows:

   vcrypt.fingerprint.type.enum=Enum for fingerprint type
   vcrypt.fingerprint.type.enum.browser=1
   vcrypt.fingerprint.type.enum.browser.name=Browser
   vcrypt.fingerprint.type.enum.browser.description=Browser
   vcrypt.fingerprint.type.enum.browser.userAgent=userAgent
   vcrypt.fingerprint.type.enum.browser.locallang=localLang
   vcrypt.fingerprint.type.enum.browser.localcountry=localCountry
   vcrypt.fingerprint.type.enum.browser.localvariant=localVariant
   vcrypt.fingerprint.type.enum.browser.header_list=
          locallang,localcountry,localvariant,userAgent
   vcrypt.fingerprint.type.enum.browser.search_list=locallang,userAgent
   vcrypt.fingerprint.type.enum.browser.result_list=locallang,userAgent
   vcrypt.fingerprint.type.enum.browser.header_value_nv=t,true,f,false,en,English,
     es,Spanish,de,German,it,Italian,ja,Japanese,fr,French,ko,Korean,
     zh,Chinese,ar,Arabic,cs,Czech,da,Danish,nl,Dutch,fi,Finnish,el,Greek,
     iw,Hebrew,hu,Hungarian,no,Norwegian,pl,Polish,pt,Portuguese,ro,Romanian,
     ru,Russian,sk,Slovak,sv,Swedish,th,Thai,tr,Turkish,BR,Brazil
    
   vcrypt.fingerprint.type.enum.flash=2
   vcrypt.fingerprint.type.enum.flash.name=Flash
   vcrypt.fingerprint.type.enum.flash.description=Flash
   vcrypt.fingerprint.type.enum.flash.processor=
     com.bharosa.uio.processor.device.FlashDeviceIdentificationProcessor
   vcrypt.fingerprint.type.enum.flash.header_list=
   avd,acc,a,ae,ev,ime,mp3,pr,sb,sp,sa,sv,tls,ve,deb,l,lfd,m,os,ar,pt,col,dp,r,v
   vcrypt.fingerprint.type.enum.flash.search_list=deb,l,os,v
   vcrypt.fingerprint.type.enum.flash.result_list=deb,l,os,v
   vcrypt.fingerprint.type.enum.flash.header_name_nv=
      avd,Audio/Video disabled by user,
      acc,Has accessibility,a,Has audio,ae,Had audio encoder,ev,Embedded video, 
      ime, Has input method editor (IME) installed,mp3, Has MP3,  
      pr, Supports printer, sb, Supports screen broadcast applications,
      sp, Supports playback on screen broadcast applications,  
      sa, Supports streaming audio, sv, Supports streaming video, 
      tls, Supports native SSL, ve, Contains video encoder, 
      deb, Debug version, l, Language, lfd, Is local file read disabled,
      m, Manufacturer, os, Operating System, ar, Aspect ratio of screen, 
      pt, Player type, col, Is screen color, 
      dp, Dots-per-inch (DPI), r, Screen resolution, v, Flash version
   
   #vcrypt.fingerprint.type.enum.flash.header_value_nv=t,true,f,false
   vcrypt.fingerprint.type.enum.flash.header_value_nv=
      t,true,f,false,en,English,es,Spanish,de,German,it,Italian,
      ja,Japanese,fr,French,ko,Korean,zh,Chinese,ar,Arabic,
      cs,Czech,da,Danish,nl,Dutch,fi,Finnish,el,Greek,
      iw,Hebrew,hu,Hungarian,no,Norwegian,pl,Polish,pt,Portuguese,ro,Romanian,
      ru,Russian,sk,Slovak,sv,Swedish,th,Thai,tr,Turkish,BR,Brazil
    
   vcrypt.fingerprint.type.enum.flash.avd=Audio/Video disabled by user
   vcrypt.fingerprint.type.enum.flash.acc=Has accessibility
   vcrypt.fingerprint.type.enum.flash.a=Has audio
   vcrypt.fingerprint.type.enum.flash.ae=Had audio encoder
   vcrypt.fingerprint.type.enum.flash.ev=Embedded video
   vcrypt.fingerprint.type.enum.flash.ime= Has input method editor (IME) installed
   vcrypt.fingerprint.type.enum.flash.mp3= Has MP3
   vcrypt.fingerprint.type.enum.flash.pr= Supports printer
   vcrypt.fingerprint.type.enum.flash.sb= Supports screen broadcast applications
   vcrypt.fingerprint.type.enum.flash.sp= 
       Supports playback on screen broadcast applications
   vcrypt.fingerprint.type.enum.flash.sa= Supports streaming audio
   vcrypt.fingerprint.type.enum.flash.sv= Supports streaming video
   vcrypt.fingerprint.type.enum.flash.tls= Supports native SSL
   vcrypt.fingerprint.type.enum.flash.ve= Contains video encoder
   vcrypt.fingerprint.type.enum.flash.deb= Debug version
   vcrypt.fingerprint.type.enum.flash.l= Language
   vcrypt.fingerprint.type.enum.flash.lfd= Is local file read disabled
   vcrypt.fingerprint.type.enum.flash.m= Manufacturer
   vcrypt.fingerprint.type.enum.flash.os= Operating System
   vcrypt.fingerprint.type.enum.flash.ar= Aspect ratio of screen
   vcrypt.fingerprint.type.enum.flash.pt= Player type
   vcrypt.fingerprint.type.enum.flash.col= Is screen color
   vcrypt.fingerprint.type.enum.flash.dp= Dots-per-inch (DPI)
   vcrypt.fingerprint.type.enum.flash.r= Screen resolution
   vcrypt.fingerprint.type.enum.flash.v= Flash version
    
   vcrypt.fingerprint.type.enum.monitordata=3
   vcrypt.fingerprint.type.enum.monitordata.name=MonitorData
   vcrypt.fingerprint.type.enum.monitordata.description=Monitor Data
    
   vcrypt.fingerprint.type.enum.applet=999
   vcrypt.fingerprint.type.enum.applet.name=Applet
   vcrypt.fingerprint.type.enum.applet.description=Applet
   vcrypt.fingerprint.type.enum.applet.processor=
       com.bharosa.uio.processor.device.AppletDeviceIdentificationProcessor
   vcrypt.fingerprint.type.enum.applet.header_list=
       java.version,java.vendor,os.name,os.arch,os.version
   vcrypt.fingerprint.type.enum.applet.header_name_nv=
       java.version,Java Version,
       java.vendor,Java Vendor Name,os.name,Operating System Name,
       os.arch,Operating System Architecture,
       os.version,Operating System Version
    
   vcrypt.fingerprint.type.enum.applet.header_value_nv=t,true,f,false
   vcrypt.fingerprint.type.enum.native_mobile=900
   vcrypt.fingerprint.type.enum.native_mobile.name=Native Mobile
   vcrypt.fingerprint.type.enum.native_mobile.description=
       Native Mobile implementation using OIC
   vcrypt.fingerprint.type.enum.native_mobile.processor=
     com.bharosa.uio.processor.device.NativeMobileDeviceIdentificationProcessor
   vcrypt.fingerprint.type.enum.native_mobile.header_list=
     os.type,os.version,hw.imei,hw.mac_addr
   vcrypt.fingerprint.type.enum.native_mobile.header_name_nv=
     os.type,Operating System Type,os.version,Operating System Version,
     hw.imei,Hardware IMEI Number,hw.mac_addr,Hardware Mac Address
   vcrypt.fingerprint.type.enum.native_mobile.header_value_nv=t,true,f,false
   

4. Set the property bharosa.uio.default.device.identification.scheme to the type of fingerprint you want to capture.

   For example, the vcrypt.fingerprint.type.enum elementId for digital device fingerprinting is:

   bharosa.uio.default.device.identification.scheme=flash