Oracle Magazine - September/October 2008

When the State of Delaware decided to implement an identity management system, Oracle Identity and Access Management Suite offered a long-term solution, says Lynn Hersey-Miller, chief program officer, Department of Technology and Information.

“We used open enrollment as the catalyst for an enterprisewide identity and access management project,” recalls Lynn Hersey-Miller, chief program officer for Delaware’s Department of Technology and Information (DTI). Hersey-Miller and her team evaluated several market-leading identity management products. They picked the Oracle Identity and Access Management Suite for its tight integration with Oracle’s PeopleSoft applications, the flexibility of its federated identity management capabilities, and its sophisticated multiple-factor authentication capabilities. “We wanted to develop a long-term solution that would govern access to all types of applications, not just PeopleSoft applications,” Hersey-Miller says. “We felt confident that the Oracle product was going to do what we needed it to do.”

The state purchased the Oracle Identity and Access Management Suite in June 2006 and went live with its new open-enrollment system in February 2007. Three months later, approximately 12,000 employees used the Oracle software to enroll for their benefits.

“Getting the majority of state employees to renew their benefits online was a huge undertaking, so we wanted to make it as simple as possible,” says Michele C. Ackles, deputy principal assistant in DTI. “It’s not easy to convince 15,000 people that something they have done on paper all their lives will work [online], let alone be easy to understand.”

Pn Narayanan, DTI’s project management team leader, saw the open-enrollment project as an opportunity to deploy centralized identity management that could support other software applications as well. “In the past, individual agencies created unique security capabilities for just about every application,” he says.

Oracle’s Jasuja says developing discrete authentication, access, and provisioning capabilities for each application is not uncommon, partly because doing so ensures a highly granular level of control. However, such practices become a maintenance headache for developers and a burden for the user community, which has to remember unique user IDs and passwords for multiple applications. That’s why he believes centralized investments in identity management software quickly pay for themselves.

“Centralized directories are simpler to maintain over time,” he says, “and dealing with distinct security for each application complicates audits and compliance efforts.”

In the State of Delaware’s case, the new identity management framework supports single sign-on to three applications. One is the open-enrollment application, which will soon enable all 35,000 state employees to renew their health benefits. The second is a public safety application that enables 8,000 law enforcement officers and court officials to review protective orders as part of the Violence Against Women Act. The third is a transportation application that lets approximately 700 truckers file their International Motor Fuel Tax paperwork online.

Additionally, DTI is working with Delaware’s Office of Pensions to support Oracle’s PeopleSoft ePay module. This will give government workers a consistent login process for reviewing retirement and payroll processes from anywhere in the world. The advantages of single sign-on will soon apply to Delaware citizens as well, many of whom use the internet to access public information resources.

“When citizens enroll in a state college, report a crime, or sign up for a business license, we want them to be able to use one login and password,” says DTI’s Narayanan. “They should feel like they are dealing with one state, no matter how many agencies they interact with.” O

David Baum ( david@dbaumcomm.com) is a freelance business writer based in Santa Barbara, California.

nextSTEPS

READ more about Oracle Identity Management oracle.com/identity otn.oracle.com/products/id_mgmt

INVESTIGATE service-oriented security otn.oracle.com/products/id_mgmt/pdf/serv_oriented_sec.pdf

BROWSE the Oracle Identity Management Resource Library oracle.com/products/middleware/identity-management/resource-library.html DOWNLOAD Oracle Adaptive Access Manager oracle.com/products/middleware/identity-management/adaptive-access-manager.html