Oracle offers ID management for database, app server

It's designed to work with directory and access management products from other vendors

Oracle Corp. announced new identity management features for its database and application server products today, giving network administrators the ability to centrally manage user authentication and control access to disparate network resources. The features also work in grid computing environments, the company said.

Oracle Identity Management will ship with Oracle's database and application server products and offer Web single sign-on, provisioning of network resources and delegated administration, which allows users and managers to assume certain administrative responsibilities, according to John Heimann, director of security product management in Oracle's server platform technology group.

The identity management offering also includes a built-in public-key certificate authority and public-key infrastructure services so Oracle customers can issue and deploy their own digital certificates for intranet users. That will save organizations the cost of having to rely on public certificate authorities such as VeriSign Inc. for non-public-facing services, Heimann said.

The identity management focus comes as companies struggle with management and security issues accompanying efforts to open network resources to remote workers, business partners and customers. Much of that effort comes from managing user log-in and password changes for multiple network services and applications, Oracle said.

According to a Meta Group Inc. study, a company with 10,000 employees can save $648,000 per year by automating password administration, Oracle said.

The identity management features are also well suited to companies deploying grid computing systems that harness computing resources from many low-cost machines, said Mary Ann Davidson, Oracle's chief security officer. Oracle customers can use Oracle Identity Management to centrally administer users and services across grid resources, rather than managing resources on each grid system separately, she said.

The product is designed to work with directory and access management products from other vendors, meaning it can be used with non-Oracle applications, the company said. Some of the capabilities are already being used by Oracle's customers, and the complete offering will be included with Oracle's 10g products when they're released later this year.

While Oracle will continue to partner with identity management software providers like Netegrity Inc., Oblix Inc. and RSA Security Inc., the company also hopes to attract customers interested in large-scale deployments and security-conscious code, according to Heimann.

James Niccolai in San Francisco contributed to this report.

Copyright © 2003 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon