Identity and Access Management, Identity Governance

OMSS  Oracle Mobile and Social Service What is Oracle OMSS? Oracle Mobile and Social Service also called Oracle M&S is the OAM 11gR2PS3 version.  Prior to version 11.1.2.3, Mobile and Social Services was named Mobile Services.   OMSS provides two things - Mobile Services and Social Identity services Mobile Services connects applications and devices to the enterprise Access Management and Identity Management services available in the Oracle Identity Access Management product suite. This makes it easy to utilize sophisticated authentication and authorization services functionality (such as mobile device and application registration, and device fingerprinting) to restrict access to authorized devices only. Client applications can also implement knowledge-based authentication, a powerful feature that goes beyond basic password-based authentication. Mobile Services can be configured to require a valid device and client credential and a User Token with each application token reques

Before you begin installation of Oracle IAM  - Oracle Access Manager, Oracle Identity Manager etc, always start with Certification matrix. Check the below certification matrix for your version Oracle IAM   Certification matrix for Oracle Identity and Access Management For 11.1.2.2        For 11.1.2.3 Oracle IAM has several components - OAM     -  Oracle Access Manager OIM       -  Oracle Identity Manager OAAM   -  Oracle Adaptive Access Manager OMSS    -  Oracle Mobile Security Suite OES        -  Oracle Entitlement Server OPAM    -   Oracle Privileged Account Manager Below are some good links to installation and configuration of Oracle IAM. Install and configure OAM 11.1.2.3 (Oracle docs) Quick installation guide for OAM 11.1.2.3 Installation of OAM 11.1.2.3  (provides all steps with screenshots) Installation of OIM 11.1.2.3

Pen Tests should be part of your SDLC. Not only does it help in finding bugs early on in the software development life cycle, it also helps in reducing cost of fixing bugs and vulns later in the software release cycle. Why Should You Make Penetration Testing a Part of the SDLC? (Original article from  https://www.stickman.com.au/why-penetration-testing-must-be-part-software-development-lifecycle/ ) Making penetration testing an integral part of your software development lifecycle ensures that the end product turns out to be safe and secure for your customers. What normally happens is that a product is first developed and then at the end, a security assessment is conducted to check for vulnerabilities. The issues are usually fixed with a patching software, but this turns out to be much more costly than addressing the real issue. If issues are fixed during the software development process, much of the costs can be reduced by avoiding multiple cycles of testing–patching–retesting

================================================================================ Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. ================================================================================ ==========================

OAM Multi-Data Center configuration (and OIM Multi Data Cener configuration) MDC or Multi-Data Center configuration is supported in 11gR2 PS2 and PS3. It uses T2P tools and utilities to create OAM configurations in each Data Center, one being Master and other its clone. Policies need to be in synch between the two Data Centers. Chapter 7  Using Multi-Data Center in 11.1.2.2 Chapter 17.1 Introducing Multi-Data Center in 11.1.2.3 MDC is supported in 3 configurations Active - Active             Both Data Center are active and provide services to users Active - Hot Standby    Both Data center are active but user requests are not sent to the Hot standby site Active - Passive            Both Data Center are running but only Active site is servicing user requests while the Passive site services are not started. The services in the Passive site can be started in a reasonable amount of time in case the Primary Data Center goes down. Weblogic domains do not span across multi-da

Identity and Access Management Frederick Chong Microsoft Corporation July 2004 Summary:  Fredrick Chong discusses the principles and benefits of Service Oriented Architecture (SOA), specifically as they relate to the technical challenges in identity and access management, and secondarily, to help the reader gain an understanding of the commonly encountered issues in identity management. (20 printed pages) Contents Overview Introduction Anatomy of a Digital Identity Identity and Access Management Framework Challenges in Identity and Access Management Entitlement Management Auditing Conclusions References Overview To date, many technical decision makers in large IT environments have heard about the principles and benefits of Service Oriented Architecture (SOA). Despite this fact, very few IT organizations are yet able to translate the theoretical underpinnings of SOA into practical IT actions. Over the last year, a few individual solution architects on my team have atte

Load Balancer, High Availability, Fault tolerance, Failover capability LOAD BALANCER A Load Balancer is a network device. Load balancer refers to load sharing (i.e. share or distribute the user requests, connections), among individual servers or nodes in a cluster, typically in the same data center, LAN or across different data centers. Aim is to provide continuous services in case of failure of a node in a cluster, share and distribute load, connections between the nodes. So when referring to Load Balancer it could provide High Availability in the same LAN or data center or across different data centers. (See below note on Load Balancer in Oracle Identity Management components ) Typical use of Load Balancer is to front-end two or more servers where the Load Balancer device receives the initial request and sends the request to its pool of servers, and returns the server's response to the client. But why would one require to front-end servers with another device in the first p