Contact B2B News. Click here.
Home      B2B Forum      B2B News Archives      Submit News |      Advertise



B2B News and the B2B Forum is read by over 60,000 B2B participants every week. Increase your B2B exposure by advertising on B2B News. Click here to find out more.

Oracle launches its Identity Governance Framework

Dec. 5, 2006

Oracle has launched its IGF (Identity Governance Framework), supported by such B2B and IT vendors as Computer Associates and Sun Microsystems, in an effort to promote better electronic security and identity processes.

Such B2B initiatives can often be hard to fathom or even explain in simple business, so we asked Amit Jasuja, VP of Development for Security and Identity Management for Oracle, to explain it as simply as he possibly could.

"Imagine that you're a bank with a mortgage banking application and also an investment banking solution," says Jasuja as an example. "You obviously gather a lot of information about your clients. Part of this information, like credit score and citizenship status, may need to be available to mortgage banking but not to investment banking."

This is a valid example because, when it comes to identity and security, our instinct is to think at the user rather than the application level. But, as Jasuja explains, in the end, businesses also need to think about how their applications finally interact with overall customer data.

Most obviously, this is because of regulatory issues -- e.g., privacy issues in mortgage banking might be different from privacy issues in investment banking, so the set of data available to the two applications might need to be separated.

But it's also an issue of preventing problems when it comes to basic management. Say you want to get a complete picture of what identity-related data (like a customer's Social Security Number) is currently available to which of your applications. Without something like IGF, this would be a "forensic exercise," Jasuja claims.

With Identity Governance Framework, a company is able "to go to one place to see where all the identity data is," according to Jasuja. "If you need to change a policy, it'll be a lot easier once you get this visibility."

At this point, it's also important to note what IGF isn't. It isn't a way of encrypting data itself (which can be done in an Oracle database or other system of record) and it isn't a way of presenting that data (which can be done in an existing portal). It is, rather, "the piece in the middle for governance and control," concludes Jasuja.

Source: Line 56





Home | B2B Forum | B2B News Archives | B2B News Search | Submit News | Advertise | Contact

       © B2B News. All rights reserved.