[Log In] []

Exploring the science and magic of Identity and Access Management
Saturday, November 18, 2017

Oracle White Paper: Helping Address GDPR Compliance

Information Security, Oracle, Privacy
Author: Mark Dixon
Thursday, July 27, 2017
12:00 pm

GDPR

May 25, 2018 is bearing down on us like a proverbial freight train. That is the date when the European Union General Data Protection Regulation (GDPR) becomes binding law on all companies who store or use personal information related to EU citizens. (Check out the count down clock on the GDPR website).

Last week, Oracle published a new white paper, “Helping Address GDPR Compliance Using Oracle Security Solutions.”

Leveraging our experience built over the years and our technological capabilities, Oracle is committed to help customers implement a strategy designed to address GDPR security compliance. This whitepaper explains how Oracle Security solutions can be used to help implement a security framework that addresses GDPR.

GDPR is primarily focused on protecting fundamental privacy rights for individuals. By necessity, protection of personal information requires good data security. As stated in the white paper, 

The protection of the individuals whose personal data is being collected and processed is a fundamental right that necessarily incorporates IT security.

In modern society, IT systems are ubiquitous and GDPR requirements call for good IT security. In particular, to protect and secure personal data it is, among other things, necessary to:

  • Know where the data resides (data inventory)
  • Understand risk exposure (risk awareness)
  • Review and, where necessary, modify existing applications (application modification)
  • Integrate security into IT architecture (architecture integration)

Oracle proposes the following framework to 

… help address GDPR requirements that impact data inventory, risk awareness, application modification, and architecture integration. The following diagram provides a high-level representation of Oracle’s security solutions framework, which includes a wide range of products and cloud services.

OracleGDPR SecuritySolutions july17

 

The paper primarily focuses on the “Enforcement” portion of this model, postposing that:

… four security requirements are a part of many global regulatory requirements and well-known security best practices (i.e. ISO 27000 family of standards, NIST 800-53, PCI-DSS 3.2, OWASP and CIS Controls).

Enforcement

In conclusion, the paper states:

The path towards GDPR compliance includes a coordinated strategy involving different organizational entities including legal, human resources, marketing, security, IT and others. Organizations should therefore have a clear strategy and action plan to address the GDPR requirements with an eye towards the 25 May, 2018 deadline.

Based on our experience and technological capabilities, Oracle is committed to help customers with a strategy designed to achieve GDPR security compliance.

 

May 25, 2018 is less than ten short months away.  We all have a lot of work to do.

 

 

 

Comments Off on Oracle White Paper: Helping Address GDPR Compliance . Permalink . Trackback URL
WordPress Tags: , , ,
 

Meeting in the Insane Asylum

History, Oracle
Author: Mark Dixon
Wednesday, July 12, 2017
11:39 am

Lots of nostalgia this week … yesterday and today, my meetings have been on the Oracle Santa Clara Campus. It is always enjoyable to come here and remember the many meetings I attended here prior to the Oracle acquisition of Sun Microsystems in 2010 and with Oracle colleagues since then.

It is fun to meet in the grand old buildings on this campus, which were first built as part of the Agnews Development Center, originally known as “The Great Asylum for the Insane.” Commentary on the present occupants? You decide.

IMG 3010

Comments Off on Meeting in the Insane Asylum . Permalink . Trackback URL
WordPress Tags: , ,
 

Oracle Identity Cloud Service

Cloud Services, Identity, Information Security
Author: Mark Dixon
Tuesday, October 18, 2016
10:28 am

This morning, I watched the launch webcast for the Oracle Identity Cloud Service  a cloud native security and identity management platform designed to be an integral part of the enterprise security fabric.

This short video, shown on the webcast, provides a brief introduction:

 

Comments Off on Oracle Identity Cloud Service . Permalink . Trackback URL
WordPress Tags: ,
 

My 11 Years Blogging on Identity

Blogging, Identity
Author: Mark Dixon
Friday, May 13, 2016
3:00 pm

Eleven

Eleven years ago today, on May 13, 2005, also Friday the 13th, I wrote my first post for this Discovering Identity blog, then hosted on the Sun Microsystems blog server.  In my maiden post, entitled Sun-Microsoft Interoperability – Focus on Identity Management, I wrote about Scott McNealy and Steve Ballmer speaking about enabling interoperability between Microsoft and Sun platforms.  

In line with my focus on Identity Management, I commented:

Identity Management is the key to enabling interoperability. It is the pivot about which the Microsoft/Sun relationship turns. Why – because Identity, by its very nature, transcends platforms. Regardless of which application or platform is being used, a user’s basic identity doesn’t change. So, in a naturally heterogenous world, an ability to rise above the differences between computer platforms is necessary if companies are to reach goals of efficiency and connectivity they require for business success.

Although I might now change a word or two in that paragraph, the essence of the statement still holds true –  Identity is definitely a key enabler for digital interactions among people, systems, applications and devices.

As a novice blogger, I also commented about my excitement in joining Sun the previous October:

I’m delighted to be here, on the front lines of a market with high customer demand, multiple business benefits, interesting innovation, strong competition and real-world results.

It turned out that publishing my blog was the single most beneficial thing I did for my career at Sun. It opened doors, solidified my credibility, triggered new opportunities and launched new friendships with people all over the world.

A lot of water has passed under the proverbial bridge in the last eleven years. Just think – my blog is older than the iPhone and almost as old as Facebook!  Once a formidable giant, Sun Microsystems is no more. Interesting terms like the “Internet of Things” and “selfie” hadn’t yet been invented when this blog was launched. The number of channels for sharing information on the Internet has skyrocketed exponentially since then. But the content of this blog still hangs around. 

Although the frequency of my posts diminished dramatically after joining Oracle six years ago, and my blog’s popularity in the IAM industry certainly waned, I still find it enjoyable to make my little contribution to the blogosphere every now and then.

It makes me wonder, what will the next eleven years bring?

Comments Off on My 11 Years Blogging on Identity . Permalink . Trackback URL
 

Enabling Digital Transformation with REST API

Identity
Author: Mark Dixon
Friday, September 4, 2015
3:39 pm

I was recently introduced to a powerful new tool created by the folks at Persistent Systems, a long time Oracle development and systems integrator partner. The Oracle Identity and Access Management platform has a very rich set of Java APIs that enable developers to access nearly all of the functionality this platform from external applications.  The challenge is not completeness, but complexity.  To take advantage of this rich API set, external developers have to know much about the internal workings of the IAM products and the intricacies of writing the Java code to access the APIs.

The Persistent Systems engineers have developed a REST API on top of the Oracle Identity Governance Java API that exposes OIG capabilities in a much simpler, more “process friendly” way. For example, a few services available are:

  • User Access Request
  • Get User’s Provisioned Roles
  • Acting on Pending Authorizations
  • Authenticate User
  • Authorize User

… and the list goes on.

How would you like to translate those “business level” requests into Java API calls?

To demonstrate the capability of the REST API, a developer at Persistent Systems created the application shown in the image below, with a clean, easy-to use interface for OIG approvals and certifications – all without being an expert in Java or the detailed processes within OIG.  The iPhone and Apple watch images include screen shots from my phone and watch.  It really does work!

The most important thing to consider is not the neat user interface – although it has some cool features – it is how an intelligently constructed REST API can provide development agility, application flexibility and rapid deployment, all essential enablers for digital transformation.

Persistent Systems

 Leonardo Da Vinci has been credited with the wise statement, “Simplicity is the ultimate sophistication.”  I think Leonardo would like this approach.

Comments Off on Enabling Digital Transformation with REST API . Permalink . Trackback URL
WordPress Tags: , ,
 

#YJJ Architecture: Oracle #IoT Platform

Internet of Things, Yellow Jeep Journey, YJJ Architecture
Author: Mark Dixon
Saturday, March 22, 2014
8:06 am

As a starting point to explore how to implement the YJJ Architecture, let’s take a look at the Oracle Internet of Things platform. The following diagram highlights what parts of the Oracle reference architecture would be installed in the Jeep and which would be in the Yellow Jeep Cloud.

OracleIoT2

The Oracle architecture is built end-to-end on Java.  At the device and gateway end, Oracle Java ME Embedded can e leveraged in the sensor devices. Oracle Java SE Embedded would be used in the Gateway device that ties multiple sensor subsystems together and communicates wirelessly to the Yellow Jeep Cloud in a data center.

In the Yellow Jeep Cloud, a variety of Oracle middleware and application products, also implemented in Java, can be leveraged, based on the specific application. 

In future posts, I will drive to a deeper level of detail on both the Jeep and cloud sides of the architecture to examine how this reference architecture can be applied to equip my Yellow Jeep for its journey.

Comments Off on #YJJ Architecture: Oracle #IoT Platform . Permalink . Trackback URL
WordPress Tags: ,
 

Oracle Identity Management 11g R2: Securing the New Digital Experience

Identity
Author: Mark Dixon
Thursday, July 19, 2012
9:15 pm

Today, the 11g R2 version of the Oracle Identity and Access Management platform was formally announced, with the tagline, “Optimized to Secure the New Digital Experience.”

We in the information security organizations of Oracle have been waiting anxiously for this announcement.  This week, the North American Sales and Sales Consulting organizations gathered in Santa Clara, CA, to be training in this exciting new set of products.

There are three major reasons why I believe this announcement is a big step forward for our customers.

First, this release delivers advanced functionality that gives really compelling business reasons for existing Sun Identity Manager customers to migrate to the Oracle Platform. It is no longer an issue of “moving from point A to point A in functionality,” just to get on the Oracle platform before premium support expires for the Sun product.  It means moving to the Oracle platform to leverage really innovative capabilities that will accelerate business value..

Second, this platform brings to reality a dream we were promoting at Sun as part of Project Destination way back before the Oracle acquisition: integrating Identity and SOA technologies to deliver “highly personalized, identity-enabled, blended applications on mobile devices.”  The new Mobile and Social capabilities and Secure API functionality added to the Oracle Access Management platform, provide a fully-integrated platform to deliver such functionality more easily and more securely than ever before.  Back at Sun, many of our customers adopted the vision we espoused, but making it happen was pretty hard work.  Now, the Oracle Access Management platform does all the heavy lifting for us.

Third, this release shows continued, significant progress towards Oracle’s vision of a truly integrated, service-oriented architecture for Identity and Access Management.  No longer is the Oracle suite just a nice collection of acquired products.  From my perspective as an Enterprise Architect, it is great to see the convergence of data models, functionality, administration services and architectural components.  It is the simplification and streamlining of architecture that will ultimately solve the complexity our customers face.

So, it will be great to work with our customers to show how they can leverage this great platform to meet their business needs. Saddle up for a great ride!

Comments Off on Oracle Identity Management 11g R2: Securing the New Digital Experience . Permalink . Trackback URL
WordPress Tags:
 

Resurrecting Discovering Identity on Blogs.Oracle.Com

Identity
Author: Mark Dixon
Thursday, March 15, 2012
10:41 am

In response to requests that I refresh my Discovering Identity blog that has been lying dormant on blogs.oracle.com since February 2010, I have commenced today to satisfy that request.

Discovering Identity

I created this blog on blogs.sun.com in May 2005 and updated it regularly until Oracle acquired Sun in February 2010, at which time I switched to self-publishing the blog here at discoveringidentity.com.  The full archive of my posts from May 2005 to February 2010 is available on this site and also on the oracle.blogs.com site.  From now on, I will publish items of interest to the Oracle community on both sites and address issues beyond that scope on this discoveringidentity.com site.

If anyone has items you would like me to address specifically on the blogs.oracle.com site, please let me know.

Comments Off on Resurrecting Discovering Identity on Blogs.Oracle.Com . Permalink . Trackback URL
WordPress Tags: , ,
 

Solaris 11 is Coming!

Technology
Author: Mark Dixon
Thursday, October 27, 2011
6:19 pm

What are your plans for November 9th?  Why don’t you plan to join Mark Hurd, John Fowler and an elite cadre of Oracle folks at the Solaris 11 launch at Gotham Hall on Broadway in the Big Apple!

Wednesday, November 09, 2011

9:00 a.m. – 1:30 p.m. ET

Gotham Hall, 1356 Broadway at 36th Street, New York, NY 10018

You can register here for an in-person seat.

You’ll take away knowledge of how to build your infrastructure with Oracle Solaris 11 to accelerate internal, public, and hybrid cloud applications, optimize application deployment with built-in virtualization and achieve top performance and cost advantages with Oracle Solaris 11–based engineered systems.

 

Comments Off on Solaris 11 is Coming! . Permalink . Trackback URL
WordPress Tags: ,
 

Nostalgia Near the Clock Tower

General
Author: Mark Dixon
Thursday, July 14, 2011
9:53 pm

I have spent the week with my North American information security colleagues from Oracle, meeting on the historic Oracle/Sun Microsystems campus in Santa Clara, California.  What a delight it was to visit this beautiful campus once again as I mingled with so many friends and professional associates.  This business campus was built on the site of the former Agnews Insane Asylum.  Several of the elegant old buildings remain, suitably updated and equipped for modern use.  But I heard flitting comments today that some people think these buildings are haunted.

Back in the day, the Clock Tower building was known as the Treatment Center.  It makes you wonder what went on there … and what ghosts the “treatments” left behind.

Here are a couple of photos I took of the Clock Tower building with my iPhone this week.

 

It was interesting that a Sun Microsystems sign/monument still occupies a prominent position in the rear of the Clock Tower building, near another smaller monument honoring a Sun Microsystems leader who perished in the 9/11 bombing in 2001. What irony!

All the other signs were brightly accented with bright Oracle red – a fitting reminder about whose campus this really is.

But it has been suitably nostalgic to visit this place today.  As I participated in an hour-long conference call while sitting on the concrete bench surrounding the beautiful fountain near the rear of the Clock Tower building today, I couldn’t help but think of the many, many hours I spent on this campus during my five years with Sun Microsystems, the wonderful colleagues I worked with, and the dreams we shared together.

Comments Off on Nostalgia Near the Clock Tower . Permalink . Trackback URL
 
Copyright © 2005-2016, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.