Oracle IDCS: A Hybrid Identity Cloud Platform at Work
Oracle’s Access Management platform provides innovative services that complement traditional access management capabilities. In particular, it can be easily integrated with the Oracle Identity Cloud Service to support hybrid access management capabilities that can help customers seamlessly protect on-premise and cloud applications and workloads. This is what Ronald van Luttikhuizen, Oracle ACE Director & eProseed Partner, and Fabien Henriet, Technical Director at eProseed, showed participants at the first edition of eProseed’s TechForum.
Identity and Access Management (IAM) can be roughly defined as the security discipline that enables the right individuals to access the right resources at the right times for the right reasons. In more specific terms, IAM addresses the mission-critical need to ensure appropriate access to resources across more and more demanding heterogeneous technology environments and to meet increasingly demanding compliance requirements.
Today, this security practice is a crucial undertaking for any enterprise. As trust is essential for the success of digital business, IAM is rapidly becoming a key differentiator in the enablement of innovative digital services. As such, it must encompass all of the entities that participate in business initiatives, their relationships, their interactions and everything that brokers those relationships and interactions.
Systems used for identity and access management include single sign-on systems, multifactor authentication and access management. These technologies also provide the ability to securely store identity and profile data as well as data governance functions to ensure that only data that is necessary and relevant is shared, which is particularly valuable when it comes to meeting regulatory constraints such as those introduced by the new European data protection framework, GDPR.
“Although many organizations still have on-premise Identity and Access Management platforms, enterprises are more and more looking at IAM solutions in the Cloud to support them in having a single source of truth for digital identities, to be able to manage access to APIs and data in the Cloud, and to provide self-service profile management, while fully benefiting from market standards such as OAuth and OpenID”, Ronald van Luttikhuizen told the audience attending eProseed’s TechForum.
“Organizations that have a lot of on-premise IT resources tend to build a Chinese wall around them and keep the inbound traffic to a minimum. But this approach is no longer sustainable”, he said. “Today companies have good reasons to move to the cloud - and particularly to PaaS - for IAM. The advantages include speed of provisioning, support of new standards such as OAuth 2.0, OpenID Connect and SCIM, high level of self-service, and valuable insight on the data as well as automated tools to clean up unnecessary or inappropriate data, notably with regard to governance and regulatory constraints.”
Oracle Identity Cloud Service (IDCS) is a cloud-native, comprehensive security and identity management platform. IDCS provides a set of hybrid identity features to maintain a single identity for each user across their on-premise and cloud services.
“IDCS is a full construct for managing users and roles within an organization. It is a 100% open and standards-based solution that allows for a unified approach to complete identity governance. IDCS encompasses self-service, compliance, identity intelligence, and privileged access. It is based on four pillars: self-service, compliance, identity intelligence and privileged access”, explained Fabien Henriet.
After having presented in greater detail some key features of IDCS, Fabien Henriet summarized the main benefits brought by Oracle’s hybrid access management platform. “IDCS is a complete suite that embeds numerous components for managing user identities and entitlements, supporting authentication and authorization mechanisms. One of the main strengths of IDCS lies in its centralized identity management capabilities. IT organizations can apply it to any type of topology, be it on-premises applications or using code from any third party vendor. IDCS maximizes the integrations between heterogeneous systems as it’s based on SCIM and leverages 100% open standards-based protocols. With IDCS, there is no need to enforce the security with the related security framework in each application, but simply to integrate the applications with the existing suite. Although a lot of components are provided with IDCS, they can all be managed in the Cloud, reducing complexity and allowing for fast provisioning”.
Ronald van Luttikhuizen further underlined that eProseed was the first Oracle partner who had implemented Oracle API Platform Cloud Service, including IDCS and OAuth 2.0. The company has also developed one of the first pilots for Idensys, the new platform for online identification in the Netherlands, with Oracle’s Access Management suite. eProseed has designed the security architecture of one of the biggest municipalities in the Netherlands and is a member of the technical advisory board for government standards on secure message exchanges.