
  • Topic 6 : Security in OIG and Delegated Admin : Certification Oracle Identity Governance Suite 11g Essentials Exam -1Z1-459

    Posted by "" in "Certification, identity_manager, idm, im" on 2013-01-11


    This post covers topic 6, Security, of certification 1Z1-459 Oracle Identity Governance Suite 11g Essentials.

    Topic 6 (Security) of certification 1Z1-459 contains the following sub-topics:
    6.1 Describe features of OES and how OIG leverages OES to create the security model
    6.2 Configure a Delegated Administration model

    1. Authentication: the process of proving that you are who you say you are. The common method of authentication in OIM is username/password.

    2. Authorization: defines the permissions or access rights assigned to a user. Authorization defines what a user can see and do in OIM.

    3. Role: roles are used to manage a collection of users to whom you wish to grant the same access rights or functionality. A role has a category (a collection of related roles). By default there are two role categories:

    a) OIM Roles: all pre-defined roles in OIM are part of the OIM Roles category.

    b) Default: this is the default role category. If you don't specify a role category during role creation, the Default category is assigned to the role.

    4. OIM has an embedded authorisation engine, Oracle Entitlement Server (OES), which uses the authorisation policies in OIM to control what actions a user can perform in OIM.

    Note: Oracle Entitlement Server (OES) is used to define the authorisation policies that control the access rights users have.

    5. Authorization Policy: determines at runtime whether or not a particular action is allowed. In OIM 11gR2, policies are defined in OES.

    6. Authorization policies in OIM 11gR2 are managed through the OES Admin Console ( http://weblogic_host:admin_port/apm ).

    7. There are three types of Administrative Roles in OIM:

    a) Administrator: manages the entire life cycle of the entity.
    b) Viewer: can see the entity and request access to it. If a viewer requests the entity, the request requires approval.
    c) Authorizer: can see the entity and request access to it. If an authorizer requests the entity, approval is NOT required (the authorizer gets access directly).

    8. Admin Roles that are assigned to an Authorization Policy can be Global or Scoped:

    a) Global: these roles can only be assigned at the root of the organisation hierarchy (the top organisation) and apply to the entire OIM system. Examples of global roles are System Administrator, Catalog Administrator, System Configurator, etc.
    b) Scoped: these roles can be assigned to the top organisation or to any other organisation under it.

     


    3 Responses to “Topic 6 : Security in OIG and Delegated Admin : Certification Oracle Identity Governance Suite 11g Essentials Exam -1Z1-459”

    1. […] 3. Branding and UI customizations 4. Catalog 5. Approval workflows and Requests Configuration 6. Security 7. Bulk Load and Postprocessing 8. Reconciliation and Postprocessing 9. Provisioning, Role Based […]

    2. Saurabh Gairola says:

      Hi Atul,

      I was working on a case study where I have created a role for an organization; now I need to assign this role as an Administrative role for that specific organization.

      Can you help on this please?

      OIM – 11.1.2.0

    3. carmel says:

      Hi Atul,

      Will you please advise me about this question from the exam:
      You are setting up an OIM authorization policy for delegated administration. Which statement is true?

      a) If the delegated user is not in the hierarchy management of the administrator, explicit permission other organization users are required for the administrator
      b) If the delegated user is in the hierarchy management of the administrator, explicit permission for the administrator are required for the subordinates users
      missing answer
      missing answer



