control de acceso (securityday bilbao)
TRANSCRIPT
![Page 1: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/1.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 1
![Page 2: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/2.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 2
The following is intended to outline our general product direction. It
is intended for information purposes only, and may not be
incorporated into any contract.
It is not a commitment to deliver any material, code, or functionality,
and should not be relied upon in making purchasing decisions. The
development, release, and timing of any features or functionality
described for Oracle’s products remains at the sole discretion of
Oracle.
![Page 3: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/3.jpg)
Control de acceso y movilidad
Juan Carlos Diaz
Principal Sales Consultant
![Page 4: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/4.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 5
Agenda
Introducción
Control de acceso
Dispositivos móviles y redes sociales
Control de acceso basado en el riesgo
Conclusiones
![Page 5: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/5.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 6
La
“Experiencia ”
Dispositivos
móviles
Redes
sociales
Cloud
![Page 6: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/6.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 7
Anywhere, anytime, any device
90% de las compañías
proveerán aplicaciones
móviles en 2014
62% de las compañías
utilizarán redes sociales
para conectar con clientes
![Page 7: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/7.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 8
Es necesario adaptarse
76% Aplicaciones móviles
guardan el usuario como
texto y 10% la password
en texto sin cifrar
58% Construyendo app stores
corporativas
Source: Information week Aug 2011
Partnerpedia Survey Aug 2011
![Page 8: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/8.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 9
Oracle Access Management
• Crear aplicaciones para nuevos usuarios
• Simplificar y securizar el Acceso
• Autorización en tiempo real basada en el
contexto para reducir el fraude
• Escalabilidad masiva
![Page 9: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/9.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 10
Agenda
Introducción
Control de acceso
Dispositivos móviles y redes sociales
Control de acceso basado en el riesgo
Conclusiones
![Page 10: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/10.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 11
El “control” de acceso a aplicaciones Silos de seguridad
aperez/******
ana.perez/******
aperez01/******
ana.perez/******
![Page 11: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/11.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 12
Simplificando el control de acceso ... Unicidad de usuario/contraseña …
ana.perez/****** ana.perez/****** ana.perez/****** ana.perez/******
![Page 12: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/12.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 13
Oracle Directory Services Plus
Oracle Directory Server Enterprise Edition (ODSEE)
Oracle Virtual Directory (OVD)
Oracle Internet
Directory (OID)
Oracle Unified Directory (OUD)
ODS Plus
![Page 13: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/13.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 14
Control de acceso centralizado a aplicaciones … Control de acceso centralizado y Single Sign-On …
ana.perez/******
![Page 14: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/14.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 21
Hoy: el control de acceso a aplicaciones Movilidad, dispositivos, redes sociles, la nube, …
![Page 15: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/15.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 22
Interfaces
RESTful
SSO para aplicaciones
móviles
Sign-On con redes sociales
Soporte a estándares
Oracle Access Management Mobile & Social
![Page 16: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/16.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 23
Control de acceso según el contexto
Servidor Web
WEB SSO
Servidor de
aplicaciones
Application
Portal
Capa de
servicios
Web Services
EJBs
Databases
Directories
Identity
Federation
SOA
Service Bus
Risk / Adaptive
Authentication
2. Publica, propaga y evalúa los atributos en todas las capas
1. R
ecole
cta
atr
ibuto
s
Contexto
Dispositivo
Smartphone
Tablet
Laptop
Server
Enterprise / Work
Social / Life
Mobile / Presence
OES Authorization OES
Authorization
• Recolección en tiempo real, análisis de riesgos, autenticación y autorización, segundo factor, OTP
![Page 17: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/17.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 24
SSO en dispositivos móviles
Navegador nativo del
dispositivo móvil
Aplicaciones clientes del
dispositivo móvil actuando
como navegador
Aplicaciones clientes del
dispositivo móvil conectando
a aplicaciones o gateways
![Page 18: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/18.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 25
Seguimiento de los dispositivos móviles
![Page 19: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/19.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 26
Selección de la red Login Autorización
Single Sign-On con redes sociales
![Page 20: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/20.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 27
DEMO: MOBILE SIGN-ON
![Page 21: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/21.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 28
Demo Mobile&Social
Aplicación web
de préstamos
Autenticación: REST
Au
ten
ticació
n
Autenticación
Oracle Access
Management Suite
Nicole Smith
Tom Dole
![Page 22: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/22.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 32
Conclusiones
Plataforma de acceso completa e integrada
– Identifica, autentica, federa, y autoriza
– Autorización según el contexto
– Acceso basado en el riesgo
– Soporte a aplicaciones Oracle, de
terceros y custom
Escalabilidad probada para las necesidades
actuales
– Aplicaciones web, dispositivos móviles,
redes sociales, …
Solución de control de acceso completa y escalable
![Page 23: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/23.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 33
www.facebook.com/OracleIDM
www.twitter.com/OracleIDM
blogs.oracle.com/OracleIDM
www.oracle.com/Identity
![Page 24: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/24.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 34
![Page 25: Control de Acceso (Securityday Bilbao)](https://reader033.vdocuments.us/reader033/viewer/2022042700/557a3c67d8b42a32248b4ebd/html5/thumbnails/25.jpg)
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 35