This glossary contains terms that are specific to administering Oracle Privileged Account Manager.
Oracle Application Development Framework. An end-to-end development framework, built on top of the Enterprise Java platform, that provides integrated infrastructure solutions for the various layers of an application and an easy way to develop on top of those layers.
Accounts that applications use, at runtime, to connect to other software systems. These accounts are also known as application-to-application authentication.
Administrative role with privileges to configure and manage Oracle Privileged Account Manager servers.
A security provider that manages and enforces authentication rules.
For more detailed information, refer to "Configuring Authentication Providers" in the Oracle Fusion Middleware Securing Oracle WebLogic Server.
An Oracle reporting product that can create and manage formatted reports from different data sources.
A default administrator (weblogic user) who is a member of the Administrators group. This user can create and assign users to Oracle Privileged Account Manager Admin Roles and can map users from the domain identity store to Oracle Privileged Account Manager Common Admin Roles.
Refer to CSF.
Credential Store Framework. An OPSS component that primarily provides secure storage for credentials.
Identity Connector FrameWork. A component that provides basic provisioning, reconciliation, and other functions required by all Oracle Identity Manager and Oracle Waveset connectors.
Refer to ICF.
Process in which the OPSS Trust Service Asserter examines and validates a token, and then asserts that the identity performing a RESTful call against the Oracle Privileged Account Manager server is the one contained in the token.
JavaScript Object Notation. A lightweight, human-readable data format that is taken from JavaScript and used to exchange information between a browser and a server.
Oracle Internet Directory Data Migration Tool. Converts LDIF files output from other directories or application-specific repositories into a format recognized by Oracle Internet Directory.
A target type that does not interact with Oracle Privileged Account Manager, but still provides a secure mechanism for storing the passwords associated with privileged accounts in a deployment.
Oracle Privileged Account Manager client
Component that resides with the Oracle Privileged Account Manager target to provide passwords to the system for unattended connections.
Oracle Privileged Account Manager target
Component that has its privileged passwords managed by Oracle Privileged Account Manager.
Oracle Platform Security Services. A standards-based, portable, integrated, enterprise-grade security framework for Java Standard Edition (Java SE) and Java Enterprise Edition (Java EE) applications.
Oracle Application Development Framework
Refer to ADF.
Oracle Internet Directory Data Migration Tool
Refer to ldifmigrator tool.
Oracle Platform Security Services
Refer to OPSS.
Captures the password construction requirements enforced by a specific target on an associated privileged account. Administrators use this policy to construct the password value that Oracle Privileged Account Manager uses to reset a password on a privileged account. Every privileged account managed by Oracle Privileged Account Manager has an associated Password Policy.
Accounts on a target that are deemed "privileged" in a deployment and are under Oracle Privileged Account Manager's purview. Accounts are usually privileged when
They are associated with elevated privileges
They are used by multiple end-users on a task-by-task basis
Their use must be controlled and audited
Oracle Repository Creation Utility. An application that you can use to create a schema and load a repository into the database.
Representational State Transfer
Refer to REST.
Representational State Transfer. Software architecture style for distributed hypermedia systems like the World Wide Web. Conforming to REST constraints is otherwise known as being RESTful.
Location from where applications consume the passwords that are required for run-time authentication against other software systems.
Security Assertion Markup Language. An XML-based open standard product provided by the OASIS Security Services Technical Committee that enables the exchange of authentication and authorization data between security domains.
Security Assertion Markup Language
Refer to SAML
An account that Oracle Privileged Account Manager uses when it connects to a target system and to perform all Oracle Privileged Account Manager-related operations (such as discovering accounts, resetting passwords, and so forth) on that target system, Service accounts require some special privileges and properties. Service accounts are sometimes referred to as unattended accounts.
A software system that contains, uses, and relies on accounts (user, system, or application).
Refer to service account.