oracle a tbiz2011

<Insert Picture Here> <Insert Picture Here>

Oracle Security Solutions

Angelo Maria Bosis

Technology Sales Consultant Senior Manager

© 2011 Oracle Corporation – Proprietary and Confidential 2

Agenda

• Innovation & Constraints

• Oracle Enterprise Security • Oracle Identity Management

• Oracle DataBase Security

• Oracle Security beyond the Enterprise

• Summary


Threats

• Attacks

• Improper Access

• Infrastructure Scaling

Compliance

• Tougher Regulations

• Intrusive Audits

• Costly Burdensome Reporting

Opportunities

• Social Identity

• Mobile Access

• Cloud Computing

• Massive Web

What Keeps You up at Night?


Is it Possible?

How is it Possible?


Focus on Protecting Your Data,

Applications & Infrastructure

Applications & Middleware

Database

Infrastructure

End-users and access points

Firewall

Identity Management

Database Security

Infrastructure Security


Unified Administration

Access Management

Identity Administration

Oracle Identity Management 11g Complete and Integrated Suite

• Unified and Modern Web 2.0 based Admin Interface

• Unified Installation and Configuration

• Common Auditing and Logging

• Common Policy Framework

• Simplified Systems Management

• Shared Services for:

• Password Management

• Identity Administration

• Single Sign-On

• Strong Authentication

Directory Services


Platform Security Services

Access Management Identity Administration Directory Services

Access Manager

Identity Federation

Adaptive Access Manager

Enterprise Single Sign-On

Entitlements Server

Enterprise Gateway

Web Services Security

Identity Manager Unified Directory Server

Directory Server EE

Internet Directory

Virtual Directory

Identity Analytics

Management Pack For Identity Management

Operational Manageability

Identity & Access Governance

Oracle Identity Management Overview Complete, Hot-Pluggable, & Service-Oriented Security


Access: Authentication & Authorization


Focus on Protecting Your Data,

Applications & Infrastructure

Applications & Middleware

Database

Infrastructure

End-users and access points

Firewall

Identity Management

Database Security

Infrastructure Security


Database Firewall

Data Masking

TDE Tablespace Encryption

Audit Vault

Database Vault

Transparent Data Encryption (TDE)

Proxy Authentication

Fine Grained Auditing

Oracle Label Security

Enterprise User Security

Virtual Private Database (VPD)

Database Encryption API

Strong Authentication

Native Network Encryption

Database Auditing

Oracle Database Security Continuous Innovation

Oracle7

Oracle8i

Oracle Database 9i

Oracle Database 10g

Oracle Database 11g


Data

Database Security Defense-in-Depth

Prevent access by non-database users for

data at rest, in motion, and storage

Increase database user identity assurance

Strict access control to application data

even from privileged users

Enforce multi-factor authorization

Audit database activity, and create reports

Monitor database traffic and prevent threats

from reaching the database

Ensure database production environment is

secure and prevent drift

Mask sensitive data in non-production

environments


Database Defense-in-Depth

• Oracle Advanced Security

• Oracle Secure Backup

• Oracle Data Masking

Encryption and Masking


Access Control

• Oracle Database Vault

• Enterprise User Security

• Oracle Label Security







Access Control








Auditing and Monitoring

• Oracle Audit Vault

• Oracle Configuration Management

• Oracle Total Recall



Access Control








Auditing and Monitoring

• Oracle Audit Vault

• Oracle Configuration Management

• Oracle Total Recall

• Oracle Database Firewall

Blocking and Logging



Encryption & Masking

Access Control

Auditing

Monitoring & Blocking

• Database Vault

• Label Security


• Advanced Security

• Secure Backup

• Data Masking

Oracle Database Security Solutions

Complete Defense-in-Depth

• Audit Vault

• Total Recall

• Configuration Management

Encryption & Masking

Access

Control

Auditing

• Database Firewall

Monitoring & Blocking

• Comprehensive single vendor addresses all your requirements

• Transparent to existing applications or databases

• Easy to deploy point and click interfaces deliver value within hours

• Cost Effective integrated solutions reduce risk and lower TCO

• Proven #1 database vendor with over 30 years of security innovation!


Oracle Infrastructure for HealthCare

Complete

Open

Integrated

AND Secure!


• #1 database; in the cloud

• Rapid provisioning

• Simple pricing

• Easy to use and manage

• Rapid cloud-based application development

• Access using Java, RESTful Web Services and

Oracle APEX

• Packaged business productivity applications

Database Cloud Service Overview


• A key enabler and differentiator of Oracle

Public Cloud

• Single Sign On and Identity Federation

• Integration between Oracle Public Cloud & on-

premise identity management systems

• Fully delegated administration and dashboards

• Multi-factor authentication

• Use of standards for application

visibility into public identity profiles

• Built on Oracle Identity Management

Security & Identity Management

Service

A Leader in all Analyst Coverage

Magic Quadrant Disclaimer: The Magic Quadrant is copyrighted by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner's analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors

placed in the "Leaders" quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. The Magic Quadrant graphic was published by Gartner, Inc., as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is

available upon request from Oracle

2009 Magic Quadrant for

Web Access Management

2010 Magic Quadrant for

User Provisioning

As of Sept. 30th 2010 As of Nov. 12th 2009 As of Nov 30th 2009

2009 Forrester Wave for Identity & Access Mgmt


“Most DBMS vendors offer basic security features; Oracle’s offering is most comprehensive.”

- Noel Yuhanna

#1 Database and Most Secure

Source: Forrester Database Security Market Report, 2009


Oracle Security Customers in HC

Footprint in Healthcare with 4000+ Clients Worldwide


Customer Advisory Board Share, Communicate, & Partner


For More Information

oracle.com/security

search.oracle.com

or

security solutions