Components of the Oracle Identity Management Infrastructure - Part 4

Dear Readers,

My name is Franz Devantier, creator of this blog.  I am an Oracle Certified Professional (OCP DBA 11g) Security DBA.  I will be sharing with you the basic duties of an Oracle DBA, and also some of the undocumented, and not so well known tasks. 

Components of the Oracle Identity Management Infrastructure  -  Part 4

The Oracle Identity Management Infrastructure includes the following:

·         Oracle Internet directory:  This is a scalable Lightweight Directory Access Protocol (LDAP), which is a compliant directory service that was implemented since the Oracle 9i Database server.

·         Oracle Directory Integration and Provisioning:  This enables synchronization between Oracle Internet Directory and other directory services and user repositories.  This service provides automatic provisioning for Oracle components and applications.  Through standard interfaces, automatic provisioning is also provided for third-party applications

·         Oracle Delegated Administration Service:  This provides a trusted and proxy-based administration of directory information by users and application administrators

·         Oracle Application Server Single Sign-On:  This is single sign on for Oracle web applications.  This service is also provided for third party web applications

·         Oracle Application Server Certificate Authority:  This service generates and publishes X.509 version 3 Public Key Infrastructure (PKI) certificates.  These PKI certificates are used to support strong authentication methods, such as secure messaging.

Oracle Identity Management uses Secure Socket Layer (SSL), Oracle Application Server containers for J2EE, and Oracle HTTP Server.  Oracle Identity Management Infrastructure has a built in reliance on OracleAS (Oracle Application Server), Single Sign-On, and Oracle Internet Directory.

When the OracleAS Certificate Authority is in use, each valid certificate is published in a directory entry for each distinguished name.  The certificate authority removes revoked and expired certificates from the directory on a regular basis.  Users who have been authenticated by the single sign-on server, and lack a certificate, can be quickly provisioned with one from the OracleAS Certificate authority.  Users can authenticate to any Oracle component or application that is configured to authenticate users with the single sign-on server.  The Single sign-on and other services can rely on the certificates in the Oracle Internet Directory.

In an enterprise application configuration; typically a single instance of Oracle Identity Management infrastructure is all that is needed to be deployed.  Such a deployment may consist of multiple server and component instances.  This configuration will then provide High Availability, information centralization, and delegated component administration.  In fact Oracle Identity Management will provide all of the needs discussed. 

Franz Devantier,

Need a database health check, or a security audit?

devantierf@gmail.com

Income stabilizer (win-win opportunity)

Join the carefully selected and tested cash-flow generating program below to potentially create a long-term residual or annuity type income enhancer for yourself.

Traffic Wave - Free Report:  The report will give you all the information you need to start making a nice long-term residual income stream for yourself.