The company named authentication providers Authenex, Entrust, and Giesecke & Devrient; the enterprise single sign-on provider Passlogix; physical access provider Lenel Systems International; and network access providers F5 Networks, Identity Engines, and Layer 7 Technologies, as partners providing products that can be deployed to comply with its just-released ID Reference Architecture.
Oracle said most ID management infrastructure is delivered as two components that include a provisioning service and an authentication interface, usually integrated into the single sign-on desktop client itself. The reference architecture Oracle recommends ties the ID management services interface with an enterprise’s business infrastructure using a combination of proprietary APIs, as well as standards such as LDAP and SPML. Interfaces are typically exposed via SOAP over HTTPS, with a vendor-specific schema embedded in the SOAP message.
The provisioning server uses SPML where changes in user access rights occur as they relate to logical system access, or using vendor-specific APIs to note any changes in user access rights as they relate to physical security. All inbound connectivity from remote users is limited to HTTP and HTTPS.
Oracle also announced its Enterprise Single Sign-On Suite, which is built on technology provided by Passlogix, and ties into user-provisioning systems via SPML interfaces. The system is good for access of both web-based and non-web host or client-server-based applications.
The vendor is beginning to make a strong play with its identity and access-management system sets based around products picked up through the past acquisitions of Oblix, Thor Technologies, and OctetString. In February it formally announced its first ID management suite, which is a bundling of tools that while still separate are now linked.