Oracle's Service-Oriented Security encompasses four IT processes - development, deployment, administration and governance. To date, the company has delivered key milestones associated with each of these components including:

Development: Identity Governance Framework - a multi-vendor standard proposal, spearheaded by Oracle that provides a service-oriented, privacy-aware architecture for developers to access identity data while adhering to usage policies. Oracle, in conjunction with the Liberty Alliance, has delivered the first open source component of the proposed standard.

Deployment: General availability of Oracle(r) Role Manager - software, based on a service-enabled architecture that allows organizations to centrally model, define and manage a repository for business roles and relationships, which can then be used to drive role-based access control, provisioning and approvals across business applications.

Administration: Beta release of Oracle Fine Grained Authorization - software designed to externalize hard-coded authorization policies from heterogeneous enterprise applications. The controlled beta preview complements Oracle's comprehensive Identity and Access Management software that helps enable customers to administer the access rights of users as they interact with business applications today.

Governance: General availability of Oracle Application Access Controls Governor 8.0 - latest release of control monitoring software that leverages an externalized Service-Oriented approach to provide segregation of duties analysis and enforcement for heterogeneous enterprise application environments.

Historically, organizations "bolted" security solutions on to their enterprise applications, a strategy that often hindered business agility. With Service-Oriented Security, organizations can now centralize security solutions in more flexible security architecture.

Lalit Yadav, ITvoir Network