• Find us:
    +1-669-900-5138   |   +44-203-372-5553
  • Free Newsletter

    Get Latest Updates

  • Make Training Enquiry


  • Categories

  • Archive

  • Oracle Adaptive Access Manager – Strong Authentication Overview

    Posted by "" in "idm, oaam" on 2008-08-09

    Share on FacebookTweet about this on TwitterShare on Google+Share on LinkedInEmail this to someone

    Virtual Keyborad from entrust

    While accessing my Bank Account (Indian bank ICICI) over Internet,  I noticed Virtual Key Board from Entrustto enter password (good feature but what if by mistake (via phishing email) I land on Phishing Website (duplicate fake ICICI website) with fake Virtual Key Board).

         I wish I could configure virtual keyboard on my ICICI bank website to identify that I am on genuine website with genuine Virtual Keypad. 
      Is this option available in virtual keypad/keyboard from Entrust ? Well… I started hunting for such a product from Oracle’s rich Identity Management Suite and after two days of extensive research I found Bharosa (Trust) now called as Oracle Adaptive Access Manager.

     I looked at Oracle’s Virtual Keyboard device and found feature I was behind (something I can configure with my password and can recognize later that Virtual key board belong to me)

    Virtual Keyboard Oracle

    Did you notice background on keyboard and word “nice cars” on bottom right ?? 
    What is significance of background and word in Virtual Keyboard ?? 

                            Yes, background & keyword on bottom right are configurable option which can help you to identify if Website where you are going to enter your bank details (including virtual key board) is right or not.

     Oracle Adaptive Access Manager is NOT limited to Strong Authentication, there is one more product called Adaptive Risk Manager (I am going to cover on Adaptive Risk Manager later).


    Overview of Oracle Adaptive Access Manager

    • Two Component of Oracle Adaptive Access Manager
      Oracle Adaptive Strong Authenticator
      Oracle Adaptive Risk Manager
    • Adaptive Access Manager is product from company called Bharosa (founded in 2003)acquired by Oracle in Oct 2007.
    • Bharosa is hindi word meaning Trust
    • Other vendors in Strong Authentication are RSA (EMC) and Entrust
    • Two components of Oracle Adaptive Access Manager (Strong Authenticator and Risk Manager) can be implemented independently.
    • OAAM (Oracle Adaptive Access Manager) is under Oracle Identity Management suite which is part of Oracle Fusion Middleware Family.  


    Various Tools/Devices for Strong Authentication

    i) KeyPad- virtual keyboard for passwords, credit card number…Protect against Trojan or key board logging
    ii) CheckPad or DocPad – Extra check to view sensitive information
    iii) Slider(For Mission Critical Applications) – can protect against mouse logging, screen scaping, over-the-shoulder snoop, camera snoop
    iv) TextPad – personalized device for entering PIN

    You can find Oracle Adaptive Access Manager Documentation here

    More on Oracle Adaptive Access Manager including Online & Offline Adaptive Risk Manager coming soon …

    5 Responses to “Oracle Adaptive Access Manager – Strong Authentication Overview”

    1. rajesh.chaware says:

      Thanks, Atul.

      Good contents. It would be great if you could add OAAM process flow architecture with steps explained.



    2. rajesh.chaware says:

      Hi, Atul.

      Can you please let me know if OIF_SP does not have federated user’s data in it’s repository, what are the steps to get attributes in SAML 2.0 mapped to the users data in IdM store at OIF_SP? If it is at all required to have federated users’ data in OIF_SP IdM store then how it is created and used in federation scenario? Pl. let me know, it’s very urgent.



    3. msmitechy says:

      I am looking for a OAAM expert in the US, if there is anyone interested consulting please let me know

      contact me on mike.ramon@knacksystems.com

    4. Is this for the MDEE job…:)

    5. siva pokuri says:

      Hi Atul,

      Nice Post.

      Quick Question: Most of the clients they prefer to use pass phrases as their password which includes spaces in password. Is it possible to include space bar in virtual key pad?


      Siva Pokuri.

    Leave a Reply

  • K21 Technologies is among the most experienced Oracle Gold Partner for Identity Access Management service providers. We work with application development companies and in-house technology division to help achieve significant returns on their IT security investment. Our clientele includes some of the globally renowned corporate, which speaks of our expertise in our field.

    We have the most talented and experienced team that can swiftly deploy security solutions even in complex IT ecosystem. Our clients highly appreciate our timely implementation, interactive training, on-demand support and community resources.

    K21 Technologies
    8 Magnolia Place, Harrow,
    London, HA2 6DS

    UK: +44(0)7476444481
    USA: +1-888-414-1821

  • 2014, K21 Technologies. All rights reserved DMCA.com
  • TOP