In my session, I talked about how, thanks in large part to the emergence of cloud computing, enterprises are moving towards a borderless IT infrastructure that is going to change how security is done. The traditional mechanisms of security that are built on topology are going to have to be replaced by a security architecture built on the constant that can actually flow across domain boundaries – identity.

Yoda himself made an appearance to make the point.

My presentation was divided into a few parts:

• I revisited the issue of security in cloud computing, in particular highlighting specific areas that need to be addressed.
• I talked about the foundational elements to building an identity-based security model for your cloud environment, and how to evolve that into a full-fledged platform for your cloud applications.
• I also talked about the products and capabilities available in the Oracle Identity Management 11g suite, and some of our future plans aimed at specifically addressing the cloud.

You can check out the presentation below (I hope to add the session audio to it at some point).

Tags: Cloud Computing, Cloud Identity Model, Cloud Security, OOW10, OpenWorld, Oracle Identity Management, Oracle OpenWorld

Oracle Security Governor for Healthcare is a governance solution that is aimed specifically at healthcare organizations, where the introductions of various regulations globally and the transformation of healthcare IT has created a number of challenges in the area of patient confidentiality that need to be addressed.

• VIP record snooping
• Medical identity theft and fraud
• Healthcare data theft and fraud
• Coworker, family member and neighbor record snooping

Oracle Security Governor for Healthcare addresses these concerns by providing a solution that helps proactively protect and prevent privacy and security breaches, insider snooping and medical identity theft in an organization. The solution is based on some key features:

• Rapid Incident Detection: Criteria based automated reporting functionality that allows rapid incident detection, case management and investigations.
• Automated Privacy Audits: Allows audits on activities of various entities accessing the applications and reports suspicious activities.
• Accelerated Enterprise-wide Data Retrieval: Allows rapid integration with existing systems.

Architecture

Oracle Security Governor is built on some key products in Oracle’s portfolio, enhanced with some healthcare specific intelligence and artifacts.

Oracle Security Governor for Healthcare Architecture

• Oracle Security Governor for Healthcare leverages the Oracle SOA Suite Adapters (like Database, Log and HL7 adapters) to pull data in from virtually any data source into a central data warehouse.
• In-database data mining and predictive analytics built using Oracle Data Mining is used to detect anomalies and suspicious activity that may have taken place in the past.
• The solution also uses an advanced risk assessment engine (based on Oracle Adaptive Access Manager), which has been pre-loaded with healthcare specific risk and fraud rules to proactively detect incidents.
• Oracle Entitlement Server provides unique risk-aware fine grained authorization on record and data access, cutting down the possibility of unauthorized activity and fraud.
• Finally, Oracle Business Intelligence Publisher is used to provide insight into all of this through risk analytics, reports and alerts.

Benefits

Oracle Security Governor helps deliver significant benefits to a healthcare organization. Some of these benefits include:

• Historical Detection: that can be used as audit trails and for detection of suspicious activities related to access, privacy, fraud and security breaches, that have taken place in the past.
• Real Time Detection: Oracle Security Governor can also be used to detect suspicious and fraudulent activity, in the real time.
• Real Time Prevention: Oracle Security Governor can prevent suspicious activities, in the real time. The activities detected as anomalous or suspicious can either be completely blocked or the end-user can be alerted or required to meet additional security requirements, depending on the deployment needs.

Oracle Security Governor for Healthcare Benefits

Looking Ahead

Oracle Security Governor for Healthcare is just the beginning. In the future, Oracle hopes to use the Oracle Security Governor framework to build more solutions that address challenges faced in other verticals besides healthcare. But that doesn’t mean you have to wait – you can leverage the products mentioned above to build your own security and privacy solutions. Just ask us how.

You can find more information about Oracle Security Governor for Healthcare here on the product page.

Tags: Healthcare IT, Healthcare Security, Identity Analytics, Identity Governance, OOW10, Oracle Identity Management, Oracle OpenWorld, Oracle Security Governor, Oracle Security Governor for Healthcare, Privacy

It’s that time of year again – when my blog goes silent because I have been heads down preparing for Oracle’s event of the year. And this year’s OpenWorld is jam packed with all sorts of goodness. The lineup in the Identity Management track is loaded with information, especially for anyone looking to learn more about the recent 11g release – you can see the full list of IdM sessions here.

I’ll be following up on my session last year with another one on the topic of Cloud and Identity Management. In my session on “Building a Strong Foundation for Your Cloud with Identity Management“, I’ll describe how enterprises can maximize the security and benefits of their cloud investment by putting in place a comprehensive cloud identity management practice. Identity is the central component not only in securing access to services in the cloud but also in accelerating the adoption of cloud computing and maximizing business agility in leveraging cloud services. I’ll talk about some common cloud identity use cases and describe solutions, tools, and best practices that can help strengthen and future-proof your cloud strategy. Come by if you’re planning to be at OpenWorld next week.

• Session ID: S317276
• Date: Wednesday, September 22 2010
• Time: 1:00 – 2:00 pm
• Room: Moscone South 309

And for a surprise bonus, come by the same room (Moscone South 309) on Monday, September 20 at 11am for the session “Oracle Identity Management 11g Update and Overview“. I’m not going to give away anything, but there will be some pretty cool tech on display.

To my fellow Twitterati, if you can’t make it to OpenWorld, or if you will be there and want to be more involved, use and monitor the hashtags #OOW10 and #IDM for insight and to discuss with folks from the IdM team. And if you are around at OpenWorld and want to meet up the old fashioned way (aka “in person”), feel free to reach out to me on Twitter. It’s going to be an extremely busy show, but I would love to meet up.

Tags: Cloud Computing, Identity Management, OOW10, Oracle Identity Management, Oracle OpenWorld

The session had a nice flow to it, starting with a vendor presentation (Oracle, of course), followed by an analyst presentation (Bob Blakley and Lori Rowland from the Burton Group) and concluding with a customer presentation (our old friend Ramin Safai from Barclays Capital). Getting to discuss identity management from all points of view was quite a valuable exercise, and I gleaned lots of useful nuggets.

Security Inside Out

Amit Jasuja (who heads up the Identity Management team at Oracle) kicked off the day by talking about “Security Inside Out“, Oracle’s new message on putting together a complete security practice by bringing together Database Security, Identity Management and Information Rights Management. Weaving all of these elements together allows an enterprise to get a complete handle on the nature of their security risk across all tiers – database, middleware and application – and in all contexts – data at rest or in motion, internal users vs. external users, and so on. This led to a lot of discussion on moving towards risk-based identity management, which can be more adaptive to an enterprise’s needs and allow identity management to be a business enabler, not a hindrance.

One of the concepts I particularly liked was using identity management to enable “Break The Glass” scenarios that allow for contextual security decisions. In such a scenario, a user who ordinarily does not have access is allowed to get access but with added controls (like heightened audit, approval and attestation) to address the unique, emergency-like situation that presents itself. Being able to adapt to sensitive contextual situations without sacrificing on security and compliance is a powerful message that resonates in the enterprise world. Another topic that proved fertile for conversation was for risk-based IdM to leverage One-Time Passwords delivered via SMS or over land-line phones in order to implement higher levels of identity assurance (LOA). As two-factor authentication goes, enterprises increasingly view this as an attractive way to increase levels of assurance without having to invest in tokens and biometrics.

Complete Security

The Burton Group team talked about the state of identity management in the market today, especially emerging trends and hot-button topics. Lori validated my observation that cloud computing is going to have a huge impact on the future of identity management, and gave a nice shout out to my OpenWorld session on the topic. One of the interesting takeaways from their talk was this point that Bob made about achieving complete security: An enterprise needs to have preventive controls that allow business to be conducted as usual but flush the bad guys into the open, where detective controls can identify them and their activities, which would then allow responsive controls (aka the cops) to take action.

Down In The Trenches

Ramin then gave a customers perspective on implementing identity management – from “down in the trenches”, as he called it. There were a lot of good lessons in his talk – about scoping the project correctly and dividing it into small, achievable mini projects that demonstrate ROI, about the processes and architecture they put in place to ensure success of the project, and some of the achievements they had with their IdM implementation, especially when Barclays acquired Lehman Brothers. One of the major points made in the room during discussion was that security within the enterprise needs to be driven top down by an “Executive Governance Board” in order to achieve  consistency and completeness. It cannot be done piecemeal at the IT level.

I love taking part in sessions like these, as it is great to be able to hear so many different perspectives. And thanks to Greg Belanger from the Apollo Group for giving me a shout out during the analyst discussion on Oracle’s differentiators in the identity management area. The point he was making about Oracle demonstrating vision in IdM is an important one that we are very serious about here, and I am glad to be a small part of that.

Tags: Identity Assurance, Identity Controls, OOW09, Oracle OpenWorld, Risk Management

Unfortunate coincidences on the title aside, the overall response to my session was quite positive, especially from folks whose opinions I really respect like Bob Blakley and Lori Rowland from the Burton Group. There was general agreement that widespread adoption of Cloud Computing is going to be a major disruption on the existing evolutionary path that Identity Management has been following. And adoption of the Identity Services model is a major component to readying IdM for the Cloud.

Check out the screencast (slides with audio of the session) of my session below. Registered attendees of OpenWorld can download the presentation itself and the MP3 audio recording of the session from OpenWorld On-Demand (just login with the Username and Password you created during your OOW registration).

The audio includes the questions that were asked of me, and turns out that the questions didn’t record well and I forgot to repeat them. Hopefully my answers are cogent enough that you get an idea of what questions were asked. I did want to follow up here on this blog post a few of those answers:

• A question came up regarding the licensing terms for Oracle IdM products when they are being used in a cloud environment (specifically, by organizations that are going to be Cloud Providers of Identity Services). The biggest challenge for such organizations is that they cannot accurately estimate the number of users, or other such variables licensing is typically based on, beforehand, which creates uncertainty for them as to the cost they will have to bear. After the session, I confirmed with our PM team that there is special licensing available for ISVs. Talk to your Oracle sales rep about this if interested.
• Another question came up regarding the impact of all this on standards like SPML. I believe my answer covered my opinion on the greater emphasis the cloud identity model will put on the evolution of these standards, especially SPML, which has been languishing. Follow up conversations with some of the original architects of the SPML standard and others involved in standards efforts brought up that the communities responsible for these standards are looking at this very hard and are gearing up efforts to address this. So stay tuned for more on that.
• A question was asked regarding Just-In-Time Deprovisioning of access to cloud-based assets. This is something I discussed quite a bit in a blog conversation with folks like Ian Glazer and Pam Dingle a while back. So check out that post and the related thread.

Tags: Cloud Computing, Cloud Identity Model, Identity Services, OOW09, Oracle OpenWorld, Oracle_IDM

• Session ID: S309525
• Location: Moscone South Room 308
• Date and Time: 10/12/2009 | 11:30am-12:30pm

Below is the abstract for the session, in which I plan on expanding a great deal on the presentation I did in the webinar with KuppingerCole:

Cloud computing is about to revolutionize enterprise IT and architecture. But leading industry analysts see security as a gating factor preventing enterprise adoption of cloud solutions, as enterprises grapple with the unique characteristics of cloud security and the challenges of compliance and governance. This session outlines key identity management considerations for evaluating a move to the cloud. It discusses how enterprises can leverage their existing identity and access management infrastructure and the principles of service-oriented security and standards-based interactions to secure their assets in the cloud. It also looks at the prospects for identity management as a service and how it will affect cloud computing’s future.

As I prepare for my talk, I found myself revisiting some of the previous talks I gave at OpenWorld the last few years. It was very interesting to see how my vision for Identity Services has evolved over that time. I found it a most amusing exercise, so I thought I would extend the courtesy to my readers. To that end, I have uploaded my previous OpenWorld presentations to my Slideshare page (you can also get to them from the links on my Speaking page). I can’t believe I thought the Love Guru angle was a good one to take for a tech talk

If you are going to be attending OpenWorld, you can pre-register for my session using the Schedule Builder tool for OpenWorld attendees. And as always, ping me on email/LinkedIn/Twitter if you want to meet up that week. Look forward to seeing you there.

Tags: Cloud Computing, Identity Services, OpenWorld, Oracle OpenWorld

So what exactly is Identity Assurance? Simplistically, Identity Assurance is the ability to determine, with some level of certainty, that the person (identity) presenting themselves in an identity transaction is who they are claiming to be. The level of certainty one can have about the presented identity is what is referred to as the “Assurance Level”. Identity Proofing is another term that is used in this context (and that I have used in the past), though it is more commonly associated with the verification of ones real world identity during the registration process.

So what are these two initiatives, and how are they related?

Identity Assurance Framework – Think TRUSTe for IdPs

The IAF is coming at the Identity Assurance discussion purely from the authentication angle, especially within federation contexts. It is based, in part, on the Electronic Authentication Partnership Trust Framework and the US E-Authentication Federation Credential Assessment Framework, initiatives designed for the sole purpose of enabling interoperability among electronic authentication systems. As such, it attempts to define a trust framework around the quality of claims issued by an IdP based on language, business rules, assessment criteria and certifications.

The IAF has published a standard set of assurance levels regarding the authentication of the user (Level 1 means low assurance, Level 2 means medium assurance, and so on. As of today, there are only 4 levels of assurance, Level 4 being the highest level). When a digital token is issued, it states the level of assurance at which the user was authenticated – Level 1 through Level 4.

The IAF defines a certification process through which an independent auditor assesses whether the issuers interpretation of Level 1-4 meets a standard assessment criteria established by IAF. So one issuer may have used a RSA SecureID token in combination with Username-Password to issue a Level 2 token, while a second issuer may have used a biometric challenge in addition to a UserID-PIN to issue a Level 2 token. The RP receiving the token from both issuers simply knows that both tokens are Level 2, and doesn’t know/need to know what the actual mechanics were, simply that an audit process certified that the mechanism for generating the token meets the criteria laid out by Liberty IAF.

The IAF is NOT defining any technology or standard protocols. In this sense, the IAF is trying to set up something analogous to the way TRUSTe verifies and asserts through their web seal that an eCommerce site is trustworthy.

Oracle Identity Assurance Partner Alliance – Tools of the Assurance Trade

Oracle IAPA aims at extending Oracle’s Identity Management Suite with partner technologies that offer capabilities such as identity proofing, internet geolocation, multi-factor authentication, out-of-band authentication, endpoint security and secure remote access. As such, its charter is pretty broad in combating identity fraud and providing context-aware security, and this encompasses identity assurance.

The solutions in the IAPA can provide the underlying mechanism by which an IdP can support the main tenet in the IAF, wherein an assertion can be trusted (at varying levels of assurance) to really belong to the entity represented. The IAPA steps in as a way for Oracle IAM to leverage technologies that enhance an authentication process with additional “challenges” that up-level the authentication assurance to the appropriate level – whether it be by using a biometric challenge, a voice challenge, a knowledge challenge based on external data aggregators, etc. So Oracle IAM + IAPA is positioned nicely to be the execution/implementation arm of an IdPs IAF compliance efforts.

Looking To Tie Them Together

One thing I will be exploring is the possibility of having the IAPA stack go through the Liberty IAF audit process. Then any customer deploying Oracle Access Management in conjunction with one of our partners would immediately know the IAF assurance levels of the authentication tokens being issued. Conversely, a customer that is targeting being able to issue credentials of certain assurance levels will be able to identify the solutions that will meet their need.

Tags: Digital ID World, Identity Assurance, Identity Assurance Framework, Identity Assurance Partner Alliance, Oracle OpenWorld

It was interesting to see the amount of discussion going on around the topic of Identity Services. At DIDW, there were a number of different sessions that looked at different parts of the Identity Services challenge. Kim Cameron talked about claims-based identity transactions in his keynote. All the different discussions on Liberty’s Identity Assurance Framework were trying to deal with improvements needed in the authentication service. Some of the necessary standards discussions came up in the session on “Bootstrapping Identity Protocols”. And of course Jamie Lewis talked about it in his keynote.

At OpenWorld I once again took on the task of trying to illuminate the masses on identity services. It isn’t a topic that usually gets a lot of interest at OpenWorld, since the attendees are mostly interested in figuring out real world implementation issues. So the sessions most attended were the ones that looked at best practices and customer case studies. Also, being scheduled for the first session of the day at 9am didn’t help drive up my attendance numbers.

But I did get a pretty decent crowd, all things considered, and got some good questions and very good feedback and validation on the content of my presentation. I did try to spice it up by throwing in a bit of humor centered around “The Love Guru” (since identity services is all about achieving identity nirvana); not sure if that helped or hurt. I wanted to post the presentation here for all of you, but OOW presentations are paid content controlled by Oracle, so I can’t. But I will be adapting that presentation for some talks I am giving to customers on the topic of Identity Services, and I will post that presentation, along with a discussion of how my architecture has evolved, in an upcoming blog post.

October is looking to be just as busy. Of course there is all the usual stuff going on at Oracle. Tomorrow I’ll be doing a quick dash across the border and back for the second all-day workshop of the ISWG. Then later this month I will be heading to Europe, where I will be meeting with some customers and attending Burton’s European edition of the Catalyst Conference. I will be part of a panel that includes other ISWG members from TD Bank, BT, Credit Suisse, IBM, Sun, Novell and, of course, Burton that will be talking about Identity Services and presenting some of the work we have done in the working group. Catalyst Europe is in Prague, which is a city I absolutely love, so I am pretty excited about that too. Should be a fun month.

Tags: Digital ID World, Identity Services, ISWG, Oracle OpenWorld

Oracle’s big shindig is the place to come to if you want to find out about all that is going on in the world of Oracle. And this year is no different. The conference is bigger than ever (I hear upwards of 43,000 will be attending), and there will be some big announcements at the keynotes. Oracle Identity Management will be well covered at the show, both on the demogrounds and in the many sessions, where IdM got its own track.

Not surprisingly, I will be speaking on the topic of Identity Services. My 3rd session on the topic continues the discussion I started 2 years ago in a session on application-centric identity management. If you are going to be at OpenWorld, then definitely come check out my session, as I delve into the practicalities of building an Identity Services Platform for your enterprise.

Session ID: S298923
Session Title: Building an Identity Services Layer with Oracle Identity Management
Venue: Marriott
Room: Golden Gate C3
Date: Wednesday, 24th September 2008
Start Time: 09:00 am

During the session, I will present how one can go about deploying identity management in a way that enables the development of identity-enabled applications. I will also discuss some of the things I have learnt from participating in Burton Group’s Identity Services Working Group, my many conversations with the identirati at Catalyst and DIDW this year, and from my continued involvement in Project Fusion, which lays down the architecture for the next generation enterprise application. Unfortunately I drew the short straw and got the 9am shift, so there are sure to be people who won’t make it as they recover from their shenanigans the previous night. Hopefully I will still be on East Coast time, and sufficiently caffeinated

And as always, I will be twittering my observations from OpenWorld in real-time, so be sure to follow me for the latest. I hear there will be a number of interesting announcements.

See you in San Francisco.

Tags: Oracle Identity Management, Oracle OpenWorld

As usual, OpenWorld was chaotic, massive and entirely overwhelming. Between the claustrophobia induced by the crowds crossing Howard Street or cramming into keynotes, the rush of standing in front of folks to talk about identity management in fusion architecture, the late, late evenings with customers and co-workers, and almost being trampled by a couple of OpenWorld revelers dancing a wild jig at Lefty O’Douls, it’s been a crazy couple of days. Oh, and the conference has been interesting too.

OpenWorld always has the production values of a rock concert, and one of the interesting things that the organizing team did this year was incorporate a form of user-generated content into the opening for the Keynotes. Before the keynotes would start, a poll or questions would be posted on the giant screens in the keynote hall, and the audience members would be encouraged to send in their responses by text message, with the results being shown on the screen in real-time. While the poll questions elicited some good feedback from the audience, it was interesting to see some of the responses people sent in to questions like “The next killer app would be…“, “What features would you most like to see in Oracle products?” and “What was the first Oracle product you encountered?“. Messages ranged from the humorous to the thought-provoking, with a couple of digs at Larry.

Audience Polls before Keynotes

THE KEYNOTES
All the keynote speakers used their platform to really showcase their products and make some major announcements. The big announcement from Oracle was first made during Charles Phillips keynote on Monday, and then repeated throughout the week – the introduction of Oracle VM, Oracle’s server virtualization software technology (check it out). During his keynote, Charles also talked about Oracle’s growth by acquisition benefiting customers by moving the inter-application integration challenge off the customer’s shoulders and onto Oracle’s plate, delivered through Oracle Application Integration Architecture.

Thomas Kurian used his keynote to explain how Fusion Middleware was going to change how business is delivered by applications on the back of 5 middleware “pillars” – SOA, Enterprise Performance Management (EPM), Enterprise 2.0 technologies (which includes collaboration and communication tools, content management and rich user experience), Security and Identity Management, and Grid Computing.

Larry Ellison used his CEO Keynote to update everyone on Unbreakable Linux (which he launched at last year’s OpenWorld), expand on the launch of Oracle VM, and talk about the first Fusion Application that will be rolling off the production line – Sales Force Automation (SFA). A demo provided a first look at the 3 slick applications that make up SFA: Sales
Prospector, Sales References, and Sales Tools. Interestingly enough (for IdM), SFA incorporates social concepts into its functionality.

Oracle partners that gave keynote addresses this year were AMD, HP, Intel, Dell and Sun. Among the more interesting, Sun announced the launch of their open-source project in Server Virtualization, OpenxVM. AMD, Intel, HP and Dell all announced products focused on enabling greener Data Centers, where power utilization and efficiency are greatly improved.

Charles Phillips giving his Keynote

You can check out webcasts of all the keynotes here.

THE SESSIONS
As so often happens at these events, customer meetings eclipse my ability to attend sessions with any regularity. OpenWorld presents a good opportunity to listen to people from other parts of the company (that I would be hard pressed to find time with) introduce their products and talk about their plans for the same. The rate at which Oracle acquires companies and technologies sometimes means that this is the only way to figure out technologies we have in-house that can help in our development activities. So it was good to be able to go to sessions and learn about Coherence, Hyperion and a few other technologies.

The audience was definitely geared towards the database and applications side of the house. In terms of the topics that I touch on in this blog, interest was high in understanding the value that Oracle’s IAM suite brings to current deployments of Oracle Applications like E-Business Suite, and in understanding where Fusion Applications was going. While the attendance at IdM sessions was not as high, the quality of people in attendance was extremely high, with discussions exploring topics in quite a bit of depth.

IDENTITY SERVICES AT OPENWORLD
My session on “Identity Management in Fusion Architecture” was extremely well received and drew some quality feedback. The folks who showed up were really interested in seeing how the concept of identity will be woven into the fabric of Fusion Applications moving forward. And a number of them gave me some really good real-world information on challenges that they are facing today. A lot of them came to the session not exactly sure what identity even meant in the fusion concept, and left (hopefully) a little clearer on the topic.

I had hoped for a lot more people to come so that I could get some more input, but I’ll be more than happy if folks participate in a discussion via this blog as well. Check out the presentation I gave in my session by downloading it from here.

MESSAGES
Virtualization is hot, and information is more important than ever. Getting applications to work with each other in a seamless manner is the key to business innovation. And the next hot thing in applications is the incorporation of social concepts into their functionality, combining Business Intelligence with Human Intelligence in a way that will make it easier to solve the real challenges enterprise users face every day.

THOUGHTS
As I mentioned above, I had a number of interesting side discussions with customers and prospects at OpenWorld this year. I was really encouraged to finally connect with a customer that had some deep and well thought through needs for deploying enterprise identity services. Most of the customers I know who are thinking of identity services are thinking about it as an enterprise architecture project (because they know it is the right thing to do) without any concrete consumers lined up. This particular customer actually has projects planned that could really use identity services. It led to a very interesting conversation that I found quite stimulating. I will definitely be covering some of my thoughts that came out of this meeting in the coming weeks.

Also, I found a number of people interested in understanding fusion architecture as a way of figuring out how they should go about standardizing their application development efforts. The big thing I saw was that there are a few enterprises out there that want to put an identity services layer in place, and are debating whether to build it themselves or wait till someone in the identity community comes out with something. While I am pretty sure that frameworks like Higgins can help some of these folks, there were a number that talked about Higgins being too low level in the abstraction it offers.

The fact that concepts emerging from the social networking arena are actually being built into the way the next generation of applications will work presents an interesting challenge for identity management. Not only are identity services going to have to scale to a level that supports these kind of interactions in applications, they will also need to have the right controls in place to protect privacy while not preventing the kind of collaboration that social concepts will foster.

Well, looks like we are about ready to land. I will probably post this sometime tonight, with my next post probably focusing on the Gartner summit. But add some comments if you have some thoughts on OpenWorld, Fusion, IdM and the crazy world of Oracle. Oh, and if you were at my session and were one of the people taking photographs of me while I spoke, drop me an email with some of those pictures, will ya? I’d love to see what was drawing so many flashes

Tags: Application-Centric IdM, Fusion Identity Management, Identity Services, Oracle Identity Management, Oracle OpenWorld