Oracle has announced a suite of access management tools including a new server that provides controls to fine-tune user privileges.
The Oracle Access Management Suite is a bundle of software the company has collected from the acquisitions of Oblix, Bharosa and BEA. The suite provides users with a range of authentication and authorisation technologies to support web application single sign-on (SSO), strong authentication, fraud protection and cross enterprise federation and SSO.
In addition, Oracle released what it calls the Entitlements Server, which is a rebranding of the former BEA AquaLogic Enterprise Security software. The server relies on policies and user attributes such as title or location to craft sophisticated access controls around any network resource including documents.
The Entitlements Server supports Extensible Access Control Markup Language (XACML) for policy interoperability.
The other servers in the suite are the Adaptive Access Manager for strong authentication and fraud protection, Access Manager for web SSO, and Identity Federation for cross domain access controls.
Oracle will continue to sell the pieces separately.
The suite also integrates with middleware including Oracle Fusion, Oracle applications, Office SharePoint Server, IBM WebSphere and BEA Weblogic.
Oracle officials say they have done integration and certification around the products to ensure that they work together, but clearly the company has work ahead of it to mould the four pieces into a cohesive unit.
"It is relatively easy to put together a strategy and vision for all of this, but the engineering work is going to be significant for them," says Gerry Gebel, an analyst with the Burton Group. But Gebel says the move toward entitlement management is a good one for Oracle, which has been buying up companies to gain its foothold in the identity market.
"The entitlement management market is one that is really immature," Gebel says. "But Oracle has one of the better products and they are in a good position."
The Entitlements Server, Access Manager and Identity Federation are all deployed behind the firewall, while the Adaptive Access Manager installs as a proxy protecting the web infrastructure. The servers can be integrated with corporate directories that support the Lightweight Directory Access Protocol.
"The thing we saw over the last two to three years was that customers were piecing all these elements together as they built a comprehensive strategy," says Amit Jasuja, vice president for identity management at Oracle. "They were dealing with all the integration, certification, patching."
Jasuja says Oracle expects the new suite to compete with offerings from IBM, Sun and CA.
The Oracle Access Management Suite is priced at $45 (£22) per internal user and $12 per external user.