Oracle launches open identity protection plan

Oracle Corp., working with other technology vendors, has launched an open-framework initiative to develop software to protect identity-related employee, customer and partner information, the company said Wednesday.

Oracle is inviting technology vendors and customers to review plans for the Identity Governance Framework (IGF) and contribute to key draft specifications, the company said in a news release. Five technology vendors, including CA Inc., Sun Microsystems Inc. and Novell Inc., have already reviewed a draft of the framework and plan to work with Oracle to develop full specifications, Oracle said.

The project, based on XML (Extensible Markup Language), comes as security vendors look for ways to help businesses and government agencies avoid adding to a rash of security breaches during the past two years. Oracle rolled out a piece of its own identity management software suite, called Oracle Identity Manager 10g R3, in May.

IGF will be designed to protect identity information as it flows across several applications, the company said. Identity-related information is often embedded in numerous applications across organizations, placing the information at risk and creating potential privacy violations, Oracle said.

The goal of IGF will be to establish a standard way of defining organization-wide policies to share sensitive personal information securely between applications, Oracle said.

Oracle understands the challenges its customers face in trying to manage and secure identity-related information and knows that it is increasingly important to establish policies regarding such information, Hasan Rizvi, Oracle’s vice president of identity management and security products, said in a statement.

Vendors and customers can currently review four components of IGF:

— Client Attribute Requirement Markup Language (CARML), an XML-based declarative contract defined by application developers that informs deployment managers and service providers about the attribute usage requirements of an application;

— Attribute Authority Policy Markup Language (AAPML), a set of policy rules regarding the use of identity-related information from an identity source that allow these sources to specify constraints on use of provided data by applications;

— CARML API, an application programming interface that makes it easier for developers to write applications that consume and use identity-related data in a way that conforms to policies set around the use of such information;

— Identity Service, a policy-secured service for accessing identity-related data from multiple identity sources.

Oracle has the project’s specifications posted at the IGF Web site.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Empowering the hybrid workforce: how technology can build a better employee experience

Across the country, employees from organizations of all sizes expect flexibility...

What’s behind the best customer experience: How to make it real for your business

The best customer experience – the kind that builds businesses and...

Overcoming the obstacles to optimized operations

Network-driven optimization is a top priority for many Canadian business leaders...

Thriving amid Canada’s tech talent shortage

With today’s tight labour market, rising customer demands, fast-evolving cyber threats...

Staying protected and compliant in an evolving IT landscape

Canadian businesses have changed remarkably and quickly over the last few...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now