Re: Question about IAS Identity management

From: HansF <News.Hans_at_telus.net>
Date: Mon, 06 Dec 2004 15:08:44 GMT
Message-Id: <pan.2004.12.06.15.09.07.681671@telus.net>

On Mon, 06 Dec 2004 03:36:35 -0800, xtanto wrote:

> Hi All,
>
> We want to develope J2ee(JSP) application and plan to deploy ino IAS
> 10g Java Edition.
>
> The application wil only be accessed with a company via internet.
>
> The question is :
> For security, should I use Verisign SSL or I can use IAS Identity
> management ?
>
> Thank you for any help,
> Krist

Since Oracle's 'Identity Management' includes any combination of

LDAP (Oracle internet Directory)
SSL (Oracle SSL = mod_ossl)
SSO (Oracle Single SIgn On)
DAS (Oracle Delegated Administration Services)
Generating certificates (Oracle Certificate Authority)
Storing/retrieving certificates (Oracle Wallet)

you should be able to use Oracle's identity management solution.

Your question implies that Verisign has SSL software. I was not aware that Verisign had anything related other than SSL _Certificates_ of varying strengths and these can be issued using Oracle's OCA as long as secondary verification of identity is not required.

I would normally use OCA in any situation where the issuing organization can, and is willing to, support their own certificate guarantor - for example, an IT manager could be responsible for issuing machine-based certs and an HR manager could be responsible for issuing employee certs at the same time as the employee ID and badges.

/Hans Received on Mon Dec 06 2004 - 09:08:44 CST