Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Oracle SaaS and PaaS with Oracle Identity Cloud Service

Published byAmberlynn Reynolds Modified over 7 years ago

Similar presentations

Presentation on theme: "Secure Oracle SaaS and PaaS with Oracle Identity Cloud Service"— Presentation transcript:

1 Secure Oracle SaaS and PaaS with Oracle Identity Cloud Service
This is a Branded Title Slide with Event Look and Feel slide ideal for including a brief title, subtitle and presenter information. Do not customize this slide with your own picture. To reuse this branded background in another presentation on PC Locate and open the presentation where you will be placing this artwork. Click New Slide from the Home tab's Slides group and select Reuse Slides. Click Browse in the Reuse Slides panel and select Browse Files. Double-click the PowerPoint presentation that contains the background you wish to copy. Check Keep Source Formatting and click the slide that contains the background you want. Click the left-hand slide preview to which you wish to apply the new master layout. Apply New Layout (Important): Right-click any selected slide, point to Layout, and click the slide containing the desired layout from the layout gallery. Delete any unwanted slides or duplicates. To reuse this branded background in another presentation on Mac Locate and open the presentation where you will be placing this artwork. Click New Slide from the Home tab's Slides group and select Insert Slides from Other Presentation… Navigate to the PowerPoint presentation file that contains the background you wish to copy. Double-click or press Insert. This prompts the Slide Finder dialogue box. Make sure Keep design of original slides is unchecked and click the slide(s) that contains the background you want. Hold Shift key to select multiple slides. Apply New Layout (Important): Click Layout from the Home tab's Slides group, and click the slide containing the desired layout from the layout gallery. Anand Murugesan Principal Product Manager Cloud Identity and Access Sep 22, 2016 Confidential – Oracle Internal/Restricted/Highly Restricted

2 This is a Safe Harbor Front slide, one of two Safe Harbor Statement slides included in this template. One of the Safe Harbor slides must be used if your presentation covers material affected by Oracle’s Revenue Recognition Policy To learn more about this policy, For internal communication, Safe Harbor Statements are not required. However, there is an applicable disclaimer (Exhibit E) that should be used, found in the Oracle Revenue Recognition Policy for Future Product Communications. Copy and paste this link into a web browser, to find out more information.   For all external communications such as press release, roadmaps, PowerPoint presentations, Safe Harbor Statements are required. You can refer to the link mentioned above to find out additional information/disclaimers required depending on your audience. Confidential – Oracle Internal/Restricted/Highly Restricted

3 Program Agenda Introduction to IDCS Use Cases Premium Services 1 2 3 4
5 Confidential – Oracle Internal/Restricted/Highly Restricted

4 User Cases This is a Custom Section Header slide ideal for including a a brief title and optional subtitle. This slide can also be used as a Q and A slide. Do not customize this slide with your own picture. Subtitle Note: The speaker notes for this slide include information on how to use this Section Header slide. Tip! Remember to remove this text box. Confidential – Oracle Internal/Restricted/Highly Restricted

5 Identity Cloud Service
Next Generation Cloud IDM for Oracle, Partner, Customer Apps HOW? WHAT? WHO? OpenID Connect Authentication Service Who ? SAML / What ? OAuth 2.0 Authorization Service How ? SCIM User Mgmt. RBAC, Provisioning Service Authentication Provisioning Authorization Confidential – Oracle Internal/Restricted/Highly Restricted

6 Oracle Identity Cloud Services
Seamless User Experience Across Oracle, Partner and Customer applications HCM HCM Services HCM User Mgmt. Service (SCIM) Apps RBAC Service Federation Service (SAML) PaaS services Java/DB/BI/Docs Extend Oracle Saas applications, your applications and partner applications with PaaS services such as Java, Data Base, Mobile and BI Provided a seamless user experience to your customers SCIM based user management service to plugability of applications into user provisioning process RBAC Service to control access to applications SAML Service for seamless user experience across Oracle, customer and partner applications OAuth service for integrating and mobile enabling Oracle, customer and partner applications. Access Service for login controls and advance authentication needs Identity Event Service for integrating applications with Identity Life Cycle for business processes Cloud Directory Service is standards based and can scale to cloud demands Partner Apps OAuth Service Identity Service Platform HCM Apps HCM Access Service HCM Apps Identity Event Service HCM/CRM/Taleo/ CPQ etc. Cloud Directory Service Customer Apps

7 IDCS Simplicity Onboarding, configuration, access and reporting 1 2 3
4 5 6 ID Bridge CRM/CQP/Mobile Purchase Services Pick Service Associations Bring your users from on-premise Manage Application Access User Access Dashboard & Reports Confidential – Oracle Internal/Restricted/Highly Restricted

8 Oracle Identity Cloud Services
Fusion DB Mobile Java Pre-configured Integrations Enterprise ID store Connectivity Group to SaaS Account mapping Automated Provisioning & De-provisioning User Self Service and Management Automated Password Reset

9 Oracle Identity Cloud Services
Access Fusion Taleo Fix the format Mobile RightNow Single Sign-On to Oracle Applications Enterprise Identity Provider Integration Advanced Login Controls

10 Oracle Identity Cloud Services
Administration & Self Service User Portal Admin Dashboards Monitoring & Activity Reports Password Policy Configuration & Customization REST API’s for Programmatic Control

11 Microservices Architecture
Elastic Scalability and Zero Downtime Patching

12 SCIM for Identity Management
Identity Integration Hub Oracle Public Cloud IETF Standard for User/Role REST API Identity Bridge for automated sync from on-premise Active Directory Automation Options for Directories beyond AD Bulk Import Bulk API SCIM API LDAP Bridge FA SCIM JCS SCIM Right Now SCIM DCS SCIM Taleo SCIM Identity Provider On-premise, 3rd party PCS SCIM SCIM Authenticate IdP SP SAML2 SCIM Service SAML Service Identities Synchronize Identity Store Identity Bridge SCIM SCIM

13 OAuth2 for Service Authorization
Modern Token-based Security for Web Services Oracle Public Cloud Mobile & Desktop Apps FA JCS Right Now Browser Apps DCS Taleo PCS Web Server & Infrastructure Apps OAuth2 Service Identity Store End Users Applications

14 OAUTH2 for Service-to-Service Authorization
Scalable Token-based Trust Model based on Service ID and/or User ID JCS JCS DCS FA DCS FA OAUTH Right Now Right Now PCS PCS Taleo Taleo Centralized Trust Model N client connections Peer-to-Peer Trust Model N2 client connections

15 Bring your Application to the Cloud (BYOA)
Integrate applications in minutes Your apps and other cloud services Open-standards integration OAuth + OpenID Connect + SCIM + SAML Leverage native integration with OPC Synergy, segregation of concerts, cost saving Focus on core business And leverage IDaaS provided by Oracle Atul >> We will be highlighting in this session how you can build your own application in Oracle Public Cloud, secure it and integrate with other cloud services in minutes. How your applications can leverage IDCS’s Open-standards integration protocols that works independent of hosting, development platform, or language. How you can leverage oracle for doing end to end management of your service from development to hosting and how you can take advantage of Oracle’s build in security engine. And by off-loading security to Oracle IDCS, you can focus on your core business and focus on delivering the best value for your application. Now let me hand over to my friend Frederico who will guide us with the lab scenario and execution instructions. Confidential – Oracle Internal/Restricted/Highly Restricted

16 OAuth Flow Abstract flow 2-Legged 3-Legged Consent Support
Federated SSO Support SIM OAuth Relay obsoleted Authorization Request Client Resource Owner Authorization Grant Authorization Grant Authorization Server Authorization Code Grant Web Applications Implicit Grant Brower JavaScript Clients Client Credential Grant / Trusted Client Flow OPC applications Mobile Applications Access Token ( & Refresh Token) Access Token Resource Server Protected Resource

17 Data Model Users, Groups, Apps, App Roles Group Apps Apps User

18 Groups and Roles Infrastructure
A cross Section Application Security Repository User/Role Repository User (Business Role) Groups Application Role IT Role Privilege Duty Role Entitlements <App Roles> On Premise IDCS Apps AD / LDAP User/Groups/Roles

19 Identity Containers – Simple Case
Customers Name Space Compartments are interoperable : Is backed by Identity Container Has Service association capabilities enabled Production S4-FA Customer Account Notion of consistent identity across services S3- docs2 Service Type “DOCS” S1- docs1 S2 MCS Service Instance Environment / Compartment / Circle of Trust Namespace

20 Identity Containers for Environment Types
Customers Partitioned Name Space Test Production Stage S4-FA S4-FA S4-FA S3- docs2 S2 MCS S1- docs1 S2 MCS S2 MCS S2 MCS Service Instance Environment / Compartment / Circle of Trust Namespace

21 Global Identity Service
Customers Partitioned Name Space Across the Globe Production Stage Test S4-FA S4-FA S4-FA Amsterdam S3- docs2 S2 MCS S1- docs1 Ashburn S2 MCS S2 MCS S2 MCS Chicago Service Instance Environment / Compartment / Circle of Trust Namespace Data Center / Availability Domain / Regions

22 User Cases This is a Custom Section Header slide ideal for including a a brief title and optional subtitle. This slide can also be used as a Q and A slide. Do not customize this slide with your own picture. Subtitle Note: The speaker notes for this slide include information on how to use this Section Header slide. Tip! Remember to remove this text box. Confidential – Oracle Internal/Restricted/Highly Restricted

23 User Cases Hybrid Management of Identities: On-Premise & Cloud Apps
Seamless Access to OPC Properties: PAAS & SAAS Bring your own Apps Management of External Identities SaaS-PaaS Extensions SaaS-to-SaaS Integration Partner Integration Oracle Confidential – Internal/Restricted/Highly Restricted

24 Hybrid Management of Identities
One set of credentials User/Password Mgmt. Integration with On-premise ID store Reports Manage access to On-Premise & Cloud Apps Customers/ Partners HCM ID Bridge IDCS HCM HCM HCM Apps Apps Active Directory Partner Apps On Premise Apps HCM HCM HCM HCM Apps Apps Passwords Customer Apps Cloud On-premise Employees Oracle Confidential – Internal/Restricted/Highly Restricted

25 Hybrid Management of Identities (Contd..)
One set of credentials User/Password Mgmt. Integration with On-premise ID store Reports Manage access to On-Premise & Cloud Apps Customers/ Partners HCM ID Bridge IDCS HCM HCM HCM Apps Apps Oracle IAM Partner Apps On Premise Apps HCM HCM HCM HCM Apps Apps Passwords Customer Apps Cloud On-premise Employees Oracle Confidential – Internal/Restricted/Highly Restricted

26 Seamless access to OPC Properties
One set of credentials User/Password Mgmt. Integration with On-premise ID store Reports Manage access to OPC PAAS/SAAS Apps Customers/ Partners ID Bridge IDCS HCM HCM Services HCM Apps PaaS services Java/DB/BI/Docs ID Store- AD / Oracle IDM Partner Apps HCM Apps HCM HCM Passwords Apps SAAS Services HCM/CRM/Taleo/ CPQ etc. Customer Apps Cloud On-premise Employees Oracle Confidential – Internal/Restricted/Highly Restricted

27 Bring Your own Apps Secure & Manage Identities for Cloud-first Apps
IDCS Services Cloud Directory Web, Desktop or Mobile Apps Identities Your App Your App Your App Your App Oracle IDCS Passwords Oracle Confidential – Internal/Restricted/Highly Restricted

28 Manage External Identities
Authentication Service User/Password Mgmt. Self-Service Bulk On-boarding Multi-channel Reports Customer Access HCM HCM Employee Identities on premise Apps IDCS Services Cloud Directory Customer Identities On-Prem IDM Customer Portal Directory Oracle IDCS Employee Apps HCM HCM Apps Passwords Passwords Cloud Employee Access Oracle Confidential – Internal/Restricted/Highly Restricted

29 Bespoke Application - JCS
SaaS-PaaS Extension HCM customer wants to extend their HCM application to allow scoring of objectives by managers. They are building this custom application in Java Cloud Service. Customer Access IDCS Services Cloud Directory Sales Cloud Customer Identities Oracle IDCS Bespoke Application - JCS Passwords

30 SaaS-to-SaaS Integration
We have embedded the CPQ Configure Quote functionality directly into Sales Cloud. With SSO, your sales team can now seamlessly move from managing their sales opportunities to configuring quotes for their customers right in the same UI. Customer Access IDCS Services Cloud Directory Sales Cloud Customer Identities Oracle IDCS CPQ Passwords

31 SaaS-to-SaaS Integration
Marketers want to create precise and granular market segments. SSO allows your marketing users to seamlessly incorporate their BlueKai data directly into their campaigns right on their Eloqua or Responsys campaign-builder canvas to achieve the desired level of precision. Customer Access IDCS Services Cloud Directory BlueKai Customer Identities Oracle IDCS Responsys Passwords Eloqua

32 Partner Integration Employees who login for compensation needs can check their eligibility for Insurance from 3rd party insurance provider using corporate credentials. Customer Access IDCS Services Cloud Directory HCM Customer Identities Oracle IDCS Passwords Insurance Provider

33 Premium Services Provisioning 3rd party SSO Risk CASB MFA

34 This is a Safe Harbor Front slide, one of two Safe Harbor Statement slides included in this template. One of the Safe Harbor slides must be used if your presentation covers material affected by Oracle’s Revenue Recognition Policy To learn more about this policy, For internal communication, Safe Harbor Statements are not required. However, there is an applicable disclaimer (Exhibit E) that should be used, found in the Oracle Revenue Recognition Policy for Future Product Communications. Copy and paste this link into a web browser, to find out more information.   For all external communications such as press release, roadmaps, PowerPoint presentations, Safe Harbor Statements are required. You can refer to the link mentioned above to find out additional information/disclaimers required depending on your audience. Confidential – Oracle Internal/Restricted/Highly Restricted

35 Confidential – Oracle Internal/Restricted/Highly Restricted

36

Download ppt "Secure Oracle SaaS and PaaS with Oracle Identity Cloud Service"

Similar presentations

Implementing Tableau Server in an Enterprise Environment

Implementing Tableau Server in an Enterprise Environment
Agenda AD to Windows Azure AD Sync Options Federation Architecture

Agenda AD to Windows Azure AD Sync Options Federation Architecture
WSO2 Identity Server Road Map

WSO2 Identity Server Road Map
Confidential FullArmor Corp. 2015 Platform for SaaS and mobile apps to remotely access, migrate, and sync Active Directory resources with the cloud ADanywhere.

Confidential FullArmor Corp Platform for SaaS and mobile apps to remotely access, migrate, and sync Active Directory resources with the cloud ADanywhere.
Architecting a Complete Solution for the Cloud Economy Delivering Standards-Based Access Control Marc Chanliau Oracle Identity Management Bernard Diwakar.

Architecting a Complete Solution for the Cloud Economy Delivering Standards-Based Access Control Marc Chanliau Oracle Identity Management Bernard Diwakar.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
SIM205. (On-Premises) Storage Servers Networking O/S Middleware Virtualization Data Applications Runtime You manage Infrastructure (as a Service)

SIM205. (On-Premises) Storage Servers Networking O/S Middleware Virtualization Data Applications Runtime You manage Infrastructure (as a Service)
Oracle Confidential – Internal/Restricted/Highly RestrictedCopyright © 2014, Oracle and/or its affiliates. All rights reserved. | Oracle Identity Management.

Oracle Confidential – Internal/Restricted/Highly RestrictedCopyright © 2014, Oracle and/or its affiliates. All rights reserved. | Oracle Identity Management.
123456789101112…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.

…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.
Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.

Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.
Access and Information Protection Product Overview Andrew McMurray Technical Evangelist – Windows Infra @MaccaMSOz.

Access and Information Protection Product Overview Andrew McMurray Technical Evangelist – Windows
- NCSU project goals and requirements - Adoption Drivers - Current challenges and pain points - Identacor at NCSU - Identacor Features - NCSU Key Benefits.

- NCSU project goals and requirements - Adoption Drivers - Current challenges and pain points - Identacor at NCSU - Identacor Features - NCSU Key Benefits.
Identities and Azure AD Premium

Identities and Azure AD Premium
WSO2 Identity Server 4.0 Fall 2012. WSO2 Carbon Enterprise Middleware Platform 2.

WSO2 Identity Server 4.0 Fall WSO2 Carbon Enterprise Middleware Platform 2.
Secure Mobile Development with NetIQ Access Manager

Secure Mobile Development with NetIQ Access Manager
Productivity Architect Meet Chris Bortlik Author, Blogger, Speaker.

Productivity Architect Meet Chris Bortlik Author, Blogger, Speaker.
Azure Active Directory Uday Hegde 2016 Redmond Summit | Identity Without Boundaries May 26, 2016 Group Program Manager, Azure AD

Azure Active Directory Uday Hegde 2016 Redmond Summit | Identity Without Boundaries May 26, 2016 Group Program Manager, Azure AD
Oracle Java Cloud Service Oracle Develop July 2013.

Oracle Java Cloud Service Oracle Develop July 2013.
Protect your data Enable your users Desktop Virtualization Information protection Mobile device & application management Identity and Access Management.

Protect your data Enable your users Desktop Virtualization Information protection Mobile device & application management Identity and Access Management.
Enterprise Communications

Enterprise Communications

Similar presentations

Ads by Google