The new features enhance the continuous validation of access privileges, introduce a workflow design tool and integration gateway, and add report templates and connection wizards.
Oracle Identity Manager (OIM) 10 gR3 is part of the company's Fusion Middleware lineup and provides software to automate the addition, subtraction and updating of user accounts from applications and directories.
Oracle jumped into the identity market three years ago with the purchase of Thor Technologies, which forms the provisioning backbone of Oracle's identity technology. That acquisition was followed by acquisitions of Phaos in 2004 and Oblix in 2005 to support federation and access management and OctetString in 2005 to add virtual directory technology.
Oracle said updates to the platform center on auditing, including enhancements to its capabilities to review at set intervals that access policies are providing users only the privileges for which they are authorized.
"Proving control polices are working correctly and that you are doing a periodic review of who has access to what and that they should indeed have that access is something that costs people lots of money," said Amit Jasuja, Oracle's vice president of development for security and identity management.
In addition, Oracle has added 19 new compliance and operational report templates to support the audit process, such as tracking down rogue accounts, detailing who authorized access rights for particular users, and documenting exceptions to access policies.
The suite now has a new designer for creating provisioning and approval workflows that hides development work behind a Web-based GUI interface. Also new is an inbound gateway based on WS-SPML 2.0 and a set of updated wizards to support integration with other provisioning platforms.
Learn more about this topicClear Choice Test: Oracle jumps to the forefront of ID-management market
01/22/07Gartner puts Oracle identity management in its Magic Quadrant