The Preliminary Specification Part CCLXXIX (S&AC Part IX)
Today we look into the Oracle product classification of Access Management. This is part of our review of Oracle products for the Security & Access Control module of the Preliminary Specification. Included in the Access Management classification are the following products; Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlements Server, Oracle Identity Federation and Oracle Enterprise Single Sign-On Suite. Each of these products will be included in the Preliminary Specification as they have components that are required for the day to day use by the users, producers and Joint Operating Committees.
One area that I was surprised to learn that Oracle had been working on was in the area of working with partners, vendors and suppliers. Within the Oracle Access Manager it is noted that they are able to provide “Building federated user communities that span company boundaries”. These are the beginning of both the pooling and Military Command & Control Metaphor (MCCM) that are critical to resolving so many of the big issues that the oil and gas industry faces.
On the heels of Oracle Access Manager is their Oracle Adaptive Access Manager which takes the concept of intra partner interactions further with “Oracle Adaptive Access Manager makes exposing sensitive data, transactions and business processes to consumers, remote employees or partners via your intranet and extranet safer.” This is the nature of business in the future. Working with your partners, as is done in the Joint Operating Committee, is an effective means of reducing costs and increasing innovation in any industry. It’s only reasonable that the technologies are beginning to emulate these needs. In addition Oracle Adaptive Access Manager takes the level of security and authentication to a higher level. As a result our demands regarding the pooling concept and the MCCM, I feel, will be less of a technical risk for the People, Ideas & Objects Preliminary Specification.
The next application is the Oracle Entitlement Server which provides a dynamic access control element to the applications that use the server. Instead of hard wiring access control privileges into each application and user you can dynamically generate them using the Oracle Entitlement Server. “The solution can manage complex entitlement policies with a standalone server or with a distributed approach that embeds information at the application level.” So when it needs to be determined if user x has access to Joint Operating Committee y, a decision from the entitlement server, based on criteria within the application, can be made. If this information changes then the user would be denied access. This provides greater security based on policies and reduces the amount of detailed specific software development that is difficult, time consuming, and costly to maintain.
Federated Identities are also a major part of how the pooling concept and MCCM are implemented in the Preliminary Specification. Oracle Identity Federation provides high levels (attribute federation) to the applications that use it. We have specified in many of the modules, such as the Resource Marketplace module, the use of Federated Identities. Situations like where the contact and other information is maintained by the vendor. That information is comprehensive in nature and includes key organizational contacts, calendars and scheduling information. Working with the partners in the Joint Operating Committee and the representatives of the service industry in this way will effectively mitigate many of the technical software development issues we have.
One area that we will continue to have difficulty however is in the Work Order. The ability to dynamically put together a working group to study some earth science or engineering research subject is critical to the innovative oil and gas producer. These are ad-hoc and made with partners that you may have no history with. Federated Identities will provide you with some of the information you need to form the partnership and grant application access, however, there is still the pooling of and sourcing of costs, and budgets which is the bureaucratic nightmare that mitigates and destroys the motivation for these working groups to form. We need to make sure these roadblocks do not get in the way.
The last thing we want our users to be involved in is some form of security access hell. Oracle Enterprise Single Sign-On Suite Plus promises to keep this from happening. Logging onto and off of systems as the user proceeds through the various modules and components of the applications is a must have. This product also promises the ability to provide this level of service on a remote basis. Much needed.
As we can see the technical risk associated with the Preliminary Specification dropped a few points today. I’m sure it will continue to do so. Tomorrow we will move onto the Oracle Identity Administration product.
For the industry to successfully provide for the consumers energy demands, it’s necessary to build the systems that identify and support the Joint Operating Committee. Building the Preliminary Specification is the focus of People, Ideas & Objects. Producers are encouraged to contact me in order to support our Revenue Model and begin their participation in these communities. Those individuals that are interested in joining People, Ideas & Objects can join me here and begin building the software necessary for the successful and innovative oil and gas industry.
Please note what Google+ provides us is the opportunity to prove that People, Ideas & Objects are committed to developing this community. That this is user developed software, not change that is driven from the top down. Join me on the People, Ideas & Objects Google+ Circle (private circle, accessible by members only) and begin building the community for the development of the Preliminary Specification.