Oracle Internet Directory (OID)

OID is a repository that stores the user credentials such as username, password, user identifiers, groups they belong to etc. It is LDAP v3 directory service which leverages high availability, scalability and security features of Oracle Database

Serves as central user repository for Oracle Access Manager and other applications

Stores and accesses identity data (User Credentials-Authentication, Access Privileges-Authorization, and Profile Information)

Includes ODIP (Directory integration platform) which supports OID synchronization with other directories.

Authentication is a process of validating a user against some Ldap store.

Authorization is a process of authorizing an authenticated user to give privilege to access a resource.

OID includes Oracle Directory Services Manager (ODSM), a web-based administration user interface for server configuration.

Oracle Virtual Directory  (OVD)

Sometimes user identity might be present in different identity stores (like in OID and Active Directory). OVD helps to logically combine both of these stores and fetch the required data from both based on specified conditions.

Single logical directory that exposes data from multiple heterogeneous data sources without directory synchronization.

OVD includes two primary components: the OVD Server to which applications connect and ODSM

Oracle Directory Server Enterprise Edition (ODSEE)

Enterprise identity services including the LDAP Directory Server, Directory Proxy, Directory Synchronization, web-based management user interface and deployment tools. ODSEE is the industry’s leading, carrier-grade directory. ODSEE has been the most widely adopted directory for interoperability and ISV (Independent Software Vendor) adoption in contrast to OID which is the backbone identity store for Oracle applications like eBusiness Suite, Database Security, and Identity and Access Management

OAM (Oracle Access Manager)

OAM provides centralized, policy driven services for web applications authentication, web single sign-on (SSO), and identity assertion.

OAAM (Oracle Adaptive Access Manager)

OAAM provides resource protection through real-time fraud prevention, software-based multifactor authentication, and unique authentication strengthening. E.g., virtual keyboards we see while entering passwords, secret questions when we login from new IP address

eSSO(Enterprise Single Sign-On)

Oracle eSSO is a Microsoft Windows desktop based set of components providing unified authentication and single sign-on to both thick and thin-client applications with no modification required to existing applications.

OES (Oracle Entitlements Server)

OES is a fine-grained authorization engine that externalizes, unifies, and simplifies the management of complex entitlement policies. . As a simple example, a coarse grain security might allow or disallow a user from accessing a screen, whereas a fine grain security can allow or disallow users seeing specific buttons and might hide/show a field or make a field read only etc. 

OIF (Oracle Identity Fedration)

OIF is a self-contained solution enabling browser-based, cross-domain single sign-on using industry standards (SAML, Liberty ID-FF, WS-Federation and Microsoft Windows CardSpace).

OIM (Oracle Identity Manager)

OIM typically answers the question “Who has access to What, When, How, and Why?” OIM is designed to administer both intranet and extranet user access privileges across a company’s resources throughout the entire identity management life cycle, from initial on-boarding to final de-provisioning of an identity.

OIA (Oracle Identity Analytics)

OIA helps enterprises address regulatory mandates, automate processes, and quickly make compliance a repeatable and sustainable part of business. OIA provides a comprehensive solution for attestation (access certification), role governance, and enterprise level segregation-of-duties enforcement.