• Web Based Authentication: Oracle Utilities Work and Asset Management provides a default method, using a traditional challenge and response mechanism, to authenticate users.

• Support for Oracle WebLogic security: Oracle WebLogic can integrate into several internal and external security stores to provide authentication services. Oracle Utilities Work and Asset Management can use those configurations, to liaise via Oracle WebLogic, to authenticate users for online and Web Services based security.

• Operating System Security: For non-online and non-web service-based channels, Oracle Utilities Work and Asset Management utilizes the operating system security (including any additional products used to enhance the base operating system security).

• Non-Cookie based security: After authentication the user's credentials form part of each transaction call to correctly identify the user to the internal authorization model to ensure the user is only performing permitted actions. This support is not browser cookie-based.

• Secure Transport Support: Transmission of data across the network can utilize the secure encryption methods supported for the infrastructure.

• Inter-component security: Calls within Oracle Utilities Work and Asset Management and across the tiers are subject to security controls to ensure only valid authenticated and authorized users using Java Authentication and Authorization Services (JAAS).

• Inbuilt Authorization Model: Once a user is authenticated then the internal authorization model is used to determine the functions and data the user has access to within Oracle Utilities Work and Asset Management.

• Native Web Services Security: Web Services available from Oracle Utilities Work and Asset Management are natively available from Oracle WebLogic. A wide range of security policies are available.

• Keystore Support: Keys for encryption can be externalized in JCEKS based keystore.

• Integration with other security products: Implementation of security varies from customer to customer, so Oracle Utilities Work and Asset Management allows integration of other security products to offer enhanced security implementations, either directly or indirectly.