[ mainpage :: register :: training :: conference :: hitb-labs :: the venue ]
[ capture the flag (CTF) :: wireless village :: lock picking village (LPV) :: open-hack ]
[ call for papers (CFP) :: conference agenda :: sponsors :: press/media :: forum ]
[ conference kit (PDF) :: past conferences :: contact us ]

OFFICIAL CONFERENCE VIDEOS HAVE BEEN RELEASED

HITBSecConf2008 - Malaysia (Day 1)

HITBSecConf2008 - Malaysia (Day 2)

Registration for HITBSecConf2009 - Dubai is also now open.

Thomas Varghese (Oracle Corporation)

Filed under: Main Page — Administrator @ 3:43 pm

Presentation Title: Delivering Identity Management 2.0 by Leveraging OPSS
Presentation Abstract:

The identity management industry continues to expand with new products and capabilities, many of these technologies typically fall into one of three broad functional areas: directory services, identity administration, or access management.

While the industry tends to still group identity management technologies into the three functional areas as described above, we are starting to see a new generation of functionality emerge. “Identity Management 2.0” is being driven by: a new era of governance, risk, and compliance; increasingly sophisticated online attacks; and corporate consolidation from merger and acquisition activities.

As we are increasingly seeing, risky access from unknown networks or un-registered or malware-ridden computers or smart phones can easily compromise passwords including the tokens and other authentication solutions. Enterprises on the other hand should consider taking steps to protect and use this sensitive information in a secure fashion within their existing Identity management systems or on-going provisioning and access management projects by introducing a risk-aware provisioning & risk-aware access management process that can be leveraged from using newer technologies like adaptive authentication and proactive real time fraud prevention strategies.

The core platform of identity management capabilities such as authentication, authorization, user provisioning, password management, and the like has provided us with a base for improving security and automating manual processes to drive down operational costs. Identity Management 2.0 extends the core platform to provide stronger forms of authentication, risk-based authorization and fine-grained entitlements, user provisioning based on roles and relationships, as well as the ability to virtualize identities, all in effort to address the next generation of requirements and threats.

Application developers, deployers, security architects, and administrators should start delivering Identity Management 2.0 by leveraging Oracle IdM products including Oracle Platform Security Services (OPSS) with a standards-based, portable, enterprise-grade security platform.

About Thomas

Thomas Varghese, was the founder of Bharosa, a security platform provider and served as its president and chief technology officer before its successful acquisition by Oracle last year. He is primarily responsible for Oracle’s Security and Identity Management strategy.

He is an industry veteran with over 21 years of experience in Internet security and related technologies. In his first ten years of his career Thomas was a research scientist (electronics, defense, space) designing sub-systems for Satellite and Missile platforms prior to acting as CTO for Silicon Valley companies. Thomas currently serves on numerous corporate advisory boards.



Event Organizer


Hack In The Box (M) Sdn. Bhd.

Supported & Endorsed By




Malaysian National Computer Confederation


Multimedia Development Corporation


Platinum Sponsors

Titanium Sponsor (Post Conference Reception)

Gold Sponsors

CTF Sponsor

CTF Prize Sponsor

Open-Hack Sponsor

Metro-e and Official Bandwidth Sponsor


Network Equipment Sponsor

Our Speakers are Supported By


Supporting Media:

Virus Bulletin

InfoSec News

InfoSec News

XAKEP (Russia)

Supporting Organizations


Professional Information Security Association - Hong Kong









Special Interest Group in Security & Information InteGrity Singapore