- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
The new features enhance the continuous validation of access privileges, introduce a workflow design tool and integration gateway, and add report templates and connection wizards.
Oracle Identity Manager (OIM) 10 gR3 is part of the company's Fusion Middleware lineup and provides software to automate the addition, subtraction and updating of user accounts from applications and directories.
Oracle jumped into the identity market three years ago with the purchase of Thor Technologies, which forms the provisioning backbone of Oracle's identity technology. That acquisition was followed by acquisitions of Phaos in 2004 and Oblix in 2005 to support federation and access management and OctetString in 2005 to add virtual directory technology.
Oracle said updates to the platform center on auditing, including enhancements to its capabilities to review at set intervals that access policies are providing users only the privileges for which they are authorized.
"Proving control polices are working correctly and that you are doing a periodic review of who has access to what and that they should indeed have that access is something that costs people lots of money," said Amit Jasuja, Oracle's vice president of development for security and identity management.
In addition, Oracle has added 19 new compliance and operational report templates to support the audit process, such as tracking down rogue accounts, detailing who authorized access rights for particular users, and documenting exceptions to access policies.
The suite now has a new designer for creating provisioning and approval workflows that hides development work behind a Web-based GUI interface. Also new is an inbound gateway based on WS-SPML 2.0 and a set of updated wizards to support integration with other provisioning platforms.
Read more about security in Network World's Security section.