Friday, July 20, 2012

Web, REST, SOAP, LDAP, oh my!

This week, I was in Santa Clara for a preview of Oracle's recently announced 11g R2 version of the Oracle Identity and Access Management platform.  I was very impressed by the innovation that Oracle invested into this release.

Oracle's access management layered on top of Oracle's directory services is a powerful combination that enables high performance single sign-on authentication and authorization for mobile applications (e.g. iOS and Android apps), web services, applications and even desktop applications.

Customers concerned with protecting their digital assets such as identity data, intellectual property, and core data will be very interested in this new version. For example, one of the most recent emerging threats to companies is the BYOD revolution (or epidemic, depending on your point of view). With the 11g R2 release, they will now for the first time have a comprehensive access management solution for protecting these assets regardless of the source of the endpoint device.

For example, with 11g R2, an employee can securely log in via single sign-on (SSO) from his iPhone, iPad or Android device to the company's various web sites and apps (e.g. CRM, phone book, expense reporting, ...) and flip between them without having to log in to each one individually. But then, imagine that just a few minutes later, the same iPhone attempts to access one of these apps from an entirely different location because the iPhone was stolen. Adaptive Access detects the contextual change through its context-based risk scoring analysis and issues a challenge question before permitting the end user to use the app. If the thief cannot correctly answer the security question(s), then access to all of the corporate apps and web services could be suspended from that device. That is powerful!

This example can be extended further by looking at it from the perspective of someone with nefarious intent attempting to log in to one of the company's web services using valid (but stolen) privileged credentials via Web, REST, SOAP or other web-service-oriented protocols. Contextual elements such as location, browser type and version, time of day, network address and many others would be used by Adaptive Access to determine whether this really is who the user says they are. If any of these contextual elements are outside of the norm for the user, then the risk scoring engine would challenge the user to answer security question(s) or perhaps just block access altogether.
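As an added illustration (not Oracle's code and not part of the original post), the sketch below scores a login against a user's normal context using the elements named above, then allows, challenges or blocks. The weights, thresholds, field names and sample events are all assumptions constructed for the example.

```python
from dataclasses import dataclass
from math import asin, cos, radians, sin, sqrt

# Assumed weights and thresholds, chosen for illustration only.
WEIGHTS = {"location": 40, "network": 20, "browser": 15, "hour": 10}
CHALLENGE_AT, BLOCK_AT = 30, 70
MIN_KM, MAX_KMH = 50, 900  # ignore GPS jitter; faster than a jet is implausible

@dataclass
class Event:
    ts: float      # epoch seconds
    lat: float
    lon: float
    network: str   # source network prefix
    browser: str
    hour: int      # local hour of day, 0-23

def km_between(a, b):
    """Great-circle (haversine) distance between two events, in km."""
    dlat, dlon = radians(b.lat - a.lat), radians(b.lon - a.lon)
    h = sin(dlat / 2) ** 2 + cos(radians(a.lat)) * cos(radians(b.lat)) * sin(dlon / 2) ** 2
    return 2 * 6371 * asin(sqrt(h))

def risk_score(profile, last, now):
    """Add a weight for every contextual element outside the user's norm."""
    km = km_between(last, now)
    hours = max((now.ts - last.ts) / 3600, 1e-6)  # avoid division by zero
    score = 0
    if km > MIN_KM and km / hours > MAX_KMH:      # location change too fast to be real
        score += WEIGHTS["location"]
    for field, known in (("network", "networks"), ("browser", "browsers"), ("hour", "hours")):
        if getattr(now, field) not in profile[known]:
            score += WEIGHTS[field]
    return score

def decide(score):
    """Map a score to one of three outcomes: allow, challenge or block."""
    return "block" if score >= BLOCK_AT else "challenge" if score >= CHALLENGE_AT else "allow"

# Constructed sample data: one user's norm and three login attempts.
PROFILE = {"networks": {"198.51.100.0/24"}, "browsers": {"MobileSafari"}, "hours": set(range(7, 20))}
LAST = Event(0, 37.35, -121.95, "198.51.100.0/24", "MobileSafari", 10)
SAME_USER = Event(300, 37.35, -121.95, "198.51.100.0/24", "MobileSafari", 10)
STOLEN_PHONE = Event(600, 34.05, -118.24, "203.0.113.0/24", "MobileSafari", 10)
STOLEN_CREDS = Event(1800, 52.52, 13.40, "192.0.2.0/24", "curl", 3)
if __name__ == "__main__":
    for name, ev in (("same user", SAME_USER), ("stolen phone", STOLEN_PHONE), ("stolen creds", STOLEN_CREDS)):
        s = risk_score(PROFILE, LAST, ev)
        print(f"{name}: score={s} -> {decide(s)}")
```

The stolen phone keeps its familiar browser, so it only reaches the challenge threshold, while the stolen-credentials attempt deviates on every element and is blocked.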

As the mobile market momentum continues to build, I expect that interaction with identity data through ever-expanding protocols such as Web, REST, SOAP, and LDAP is going to grow exponentially over time. This means that your access management and identity infrastructure will need to scale to meet the challenge, and to do so as securely as possible. Oracle's 11g R2 access and identity management enables you not only to leverage identity data through these and other emerging protocols but also to do so very securely.

Lastly, I have only mentioned a few of the features that 11g R2 offers. There are many other great things, like unified coarse- and fine-grained policy management for all of your web service, app and desktop interactions. Read the announcement and then reach out to your local Oracle sales representative to learn more.

Brad
p.s. Disclaimer: I am an Oracle employee but one that is pumped about this new opportunity to help customers grow their business in a secure and scalable manner.