oracle a tbiz2011
DESCRIPTION
TRANSCRIPT
<Insert Picture Here> <Insert Picture Here>
Oracle Security Solutions
Angelo Maria Bosis
Technology Sales Consultant Senior Manager
© 2011 Oracle Corporation – Proprietary and Confidential 2
Agenda
• Innovation & Constraints
• Oracle Enterprise Security • Oracle Identity Management
• Oracle DataBase Security
• Oracle Security beyond the Enterprise
• Summary
© 2011 Oracle Corporation – Proprietary and Confidential 3
Threats
• Attacks
• Improper Access
• Infrastructure Scaling
Compliance
• Tougher Regulations
• Intrusive Audits
• Costly Burdensome Reporting
Opportunities
• Social Identity
• Mobile Access
• Cloud Computing
• Massive Web
What Keeps You up at Night?
© 2011 Oracle Corporation – Proprietary and Confidential 4
Is it Possible?
How is it Possible?
© 2011 Oracle Corporation – Proprietary and Confidential 5
Focus on Protecting Your Data,
Applications & Infrastructure
Applications & Middleware
Database
Infrastructure
End-users and access points
Firewall
Identity Management
Database Security
Infrastructure Security
© 2011 Oracle Corporation – Proprietary and Confidential 6
Unified Administration
Access Management
Identity Administration
Oracle Identity Management 11g Complete and Integrated Suite
• Unified and Modern Web 2.0 based Admin Interface
• Unified Installation and Configuration
• Common Auditing and Logging
• Common Policy Framework
• Simplified Systems Management
• Shared Services for:
• Password Management
• Identity Administration
• Single Sign-On
• Strong Authentication
Directory Services
© 2011 Oracle Corporation – Proprietary and Confidential 7
Platform Security Services
Access Management Identity Administration Directory Services
Access Manager
Identity Federation
Adaptive Access Manager
Enterprise Single Sign-On
Entitlements Server
Enterprise Gateway
Web Services Security
Identity Manager Unified Directory Server
Directory Server EE
Internet Directory
Virtual Directory
Identity Analytics
Management Pack For Identity Management
Operational Manageability
Identity & Access Governance
Oracle Identity Management Overview Complete, Hot-Pluggable, & Service-Oriented Security
© 2011 Oracle Corporation – Proprietary and Confidential 8
Access: Authentication & Authorization
© 2011 Oracle Corporation – Proprietary and Confidential 9
Focus on Protecting Your Data,
Applications & Infrastructure
Applications & Middleware
Database
Infrastructure
End-users and access points
Firewall
Identity Management
Database Security
Infrastructure Security
© 2011 Oracle Corporation – Proprietary and Confidential 10
Database Firewall
Data Masking
TDE Tablespace Encryption
Audit Vault
Database Vault
Transparent Data Encryption (TDE)
Proxy Authentication
Fine Grained Auditing
Oracle Label Security
Enterprise User Security
Virtual Private Database (VPD)
Database Encryption API
Strong Authentication
Native Network Encryption
Database Auditing
Oracle Database Security Continuous Innovation
Oracle7
Oracle8i
Oracle Database 9i
Oracle Database 10g
Oracle Database 11g
© 2011 Oracle Corporation – Proprietary and Confidential 11
Data
Database Security Defense-in-Depth
Prevent access by non-database users for
data at rest, in motion, and storage
Increase database user identity assurance
Strict access control to application data
even from privileged users
Enforce multi-factor authorization
Audit database activity, and create reports
Monitor database traffic and prevent threats
from reaching the database
Ensure database production environment is
secure and prevent drift
Mask sensitive data in non-production
environments
© 2011 Oracle Corporation – Proprietary and Confidential 12
Database Defense-in-Depth
• Oracle Advanced Security
• Oracle Secure Backup
• Oracle Data Masking
Encryption and Masking
© 2011 Oracle Corporation – Proprietary and Confidential 13
Access Control
• Oracle Database Vault
• Enterprise User Security
• Oracle Label Security
• Oracle Advanced Security
• Oracle Secure Backup
• Oracle Data Masking
Encryption and Masking
Database Defense-in-Depth
© 2011 Oracle Corporation – Proprietary and Confidential 14
Access Control
• Oracle Database Vault
• Enterprise User Security
• Oracle Label Security
• Oracle Advanced Security
• Oracle Secure Backup
• Oracle Data Masking
Encryption and Masking
Auditing and Monitoring
• Oracle Audit Vault
• Oracle Configuration Management
• Oracle Total Recall
Database Defense-in-Depth
© 2011 Oracle Corporation – Proprietary and Confidential 15
Access Control
• Oracle Database Vault
• Enterprise User Security
• Oracle Label Security
• Oracle Advanced Security
• Oracle Secure Backup
• Oracle Data Masking
Encryption and Masking
Auditing and Monitoring
• Oracle Audit Vault
• Oracle Configuration Management
• Oracle Total Recall
• Oracle Database Firewall
Blocking and Logging
Database Defense-in-Depth
© 2011 Oracle Corporation – Proprietary and Confidential 16
Encryption & Masking
Access Control
Auditing
Monitoring & Blocking
• Database Vault
• Label Security
• Enterprise User Security
• Advanced Security
• Secure Backup
• Data Masking
Oracle Database Security Solutions
Complete Defense-in-Depth
• Audit Vault
• Total Recall
• Configuration Management
Encryption & Masking
Access
Control
Auditing
• Database Firewall
Monitoring & Blocking
• Comprehensive single vendor addresses all your requirements
• Transparent to existing applications or databases
• Easy to deploy point and click interfaces deliver value within hours
• Cost Effective integrated solutions reduce risk and lower TCO
• Proven #1 database vendor with over 30 years of security innovation!
© 2011 Oracle Corporation – Proprietary and Confidential 17
Oracle Infrastructure for HealthCare
Complete
Open
Integrated
AND Secure!
18 Copyright © 2010, Oracle. All rights reserved
© 2011 Oracle Corporation – Proprietary and Confidential 19
• #1 database; in the cloud
• Rapid provisioning
• Simple pricing
• Easy to use and manage
• Rapid cloud-based application development
• Access using Java, RESTful Web Services and
Oracle APEX
• Packaged business productivity applications
Database Cloud Service Overview
© 2011 Oracle Corporation – Proprietary and Confidential 20
• A key enabler and differentiator of Oracle
Public Cloud
• Single Sign On and Identity Federation
• Integration between Oracle Public Cloud & on-
premise identity management systems
• Fully delegated administration and dashboards
• Multi-factor authentication
• Use of standards for application
visibility into public identity profiles
• Built on Oracle Identity Management
Security & Identity Management
Service
A Leader in all Analyst Coverage
Magic Quadrant Disclaimer: The Magic Quadrant is copyrighted by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner's analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors
placed in the "Leaders" quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. The Magic Quadrant graphic was published by Gartner, Inc., as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is
available upon request from Oracle
2009 Magic Quadrant for
Web Access Management
2010 Magic Quadrant for
User Provisioning
As of Sept. 30th 2010 As of Nov. 12th 2009 As of Nov 30th 2009
2009 Forrester Wave for Identity & Access Mgmt
© 2011 Oracle Corporation – Proprietary and Confidential 22
“Most DBMS vendors offer basic security features; Oracle’s offering is most comprehensive.”
- Noel Yuhanna
#1 Database and Most Secure
Source: Forrester Database Security Market Report, 2009
© 2011 Oracle Corporation – Proprietary and Confidential 23
Oracle Security Customers in HC
Footprint in Healthcare with 4000+ Clients Worldwide
© 2011 Oracle Corporation – Proprietary and Confidential 24
Customer Advisory Board Share, Communicate, & Partner
© 2011 Oracle Corporation – Proprietary and Confidential 25
For More Information
oracle.com/security
search.oracle.com
or
security solutions
© 2011 Oracle Corporation – Proprietary and Confidential 26