SCIENCE

Oracle announced Oracle Entitlements Server 11g. A key component of Oracle Fusion Middleware 11g, Oracle Entitlements Server 11g delivers a highly scalable, externalized authorization management solution for applications, middleware and databases and provides developers with shared services for fine-grained authorization to ensure quicker compliance and better business agility as policies can be quickly adapted as market, regulatory and business requirements change.

By externalizing authorizations and entitlements from applications, Oracle Entitlements Server 11g helps organizations centrally manage entitlements, provide a central view of access rights across applications in the enterprise and audit applications to track application access and use. When authorizations are externalized to a shared service, organizations can easily extend these benefits to both on-premise and private cloud applications.

Underscoring Oracle’s goal to deliver Service-Oriented Security, Oracle Entitlements Server 11g is integrated with Oracle Platform Security Services, the underlying security foundation for Oracle Fusion Middleware and Oracle Fusion Applications. With this integration, Oracle Entitlements Server becomes the strategic authorization solution for Oracle Fusion Middleware and Oracle Fusion Applications.

This latest release also extends Oracle’s comprehensive support for modern security standards including XACML, NIST RBAC, Enterprise RBAC, ABAC, OpenAZ and JAAS to provide greater customer choice and flexibility when it comes to enforcing granular security policies on the basis of user roles, run-time attributes or context-aware conditions.

New Capabilities Provide Tighter Integration, Superior Performance to Simplify Entitlements Management

Highlights of Oracle Entitlements Server 11g include:

Real-time External Authorization: Ensures extremely low latency for mission-critical applications that need to perform authorization checks in real-time. It has been designed to meet the requirements of very large deployments and scales to handle protected UI controls, web services, database records, and rich media for hundreds of millions of users and tens of thousands of roles.

Rapid Application Integration and Hot-Pluggable: Integrates with a broad category of platforms including various native, custom and third party applications, application servers, data persistence frameworks, directory servers, content management systems, SOA and cloud environments, web portals, XML gateways, development platforms and programming languages, to accelerate deployment and evolution of fine-grained security policies for applications.

Rich Policy Modeling: Enables security policy administrators to interactively perform modeling of complex entitlement scenarios including business processes. In addition to simplifying usability, this capability helps eliminate the risk of policy conflicts in production that can otherwise lead to unauthorized access and insider breaches.

Autonomous Security Module: Facilitates autonomous operation of policy agents ensuring maximum security for applications in DMZ environments.

Scalable Policy Stores: Supports multiple types of policy stores including extremely lightweight file based stores, lightweight databases, as well as enterprise grade relational databases for production scale deployments.