
Academic year: 2021


Identity Focus, LLC

Timothy Melander

Identity and Access Management Consultant

US Mobile: +1.612.747.9308 Email: tim@identityfocus.com

LinkedIn profile: http://www.linkedin.com/in/timmelander

SUMMARY

Mr. Melander is an experienced professional with excellent technical, leadership and business skills. He is highly experienced in architecting and implementing Oracle Identity and Access Management solutions to provide high availability, data integrity, and application integration at enterprise level deployments that require systems to work and perform with critical applications with 24x7x365 availability. Mr. Melander is also well versed in understanding, designing, administrating, troubleshooting, and integrating LDAP technologies. Additional skills include automating administrative tasks, web development, security design and processes, ITIL processes, and outstanding verbal and written skills. Mr. Melander continues to keep on top of emerging technologies even outside of Identity and Access Management, is highly motivated to work with existing environments to determine the most optimal solution for the client, firmly believes in documenting solutions, and is a technically competent team player as well as leader that is determined to get the job done and provide guidance to his team members.


SKILLS SUMMARY

Identity and Access Management

• Oracle Access Manager 10g & 11g
• COREid 7.0.4
• COREid 6.1.1
• OAM Configuration Manager
• OAM Upgrades (6.x & 7.x to 10g)
• COREid Access and Identity v5 – v7
• OAM SSO integration with Portal
• OAM SSO with SAP, Siebel, and PeopleSoft
• OAM SSO with Oracle Portal and OSSO
• Oracle Internet Federation 10g
• Proxy Authentication
• OVD 10g & 11g Deployment and Configuration
• OAM IWA integration
• OAM integration with BEA WebLogic Security
• OAM with OIM OSSO Integration
• OAM integration with WebSphere Security
• .NET Security
• IDXML Integration
• XSLT Customizations
• Workflow Event API

Hardware & Operating Systems

• Windows NT, 2000, XP
• SUN Solaris
• Novell Netware
• Red Hat Linux & Oracle Unbreakable
• F5 BigIP Load Balancer
• IBM AIX RS/6000 RISC
• VMware
• Basic Cisco switches and routers
• Radius

Programming Languages

• Visual Basic, ASP
• SQL
• VBScript
• DHTML
• Perl
• Java/JSP
• XML/XSLT
• OID PLSQL Plugin

Directory Servers

• Sun ONE Directory 5.x - 11g
• iPlanet Directory 4.x
• Oracle Virtual Directory 10g > 11g
• Novell eDirectory 8.7
• Oracle Internet Directory 10g > 11g
• Microsoft ADAM
• Microsoft Active Directory 2k & 2k3
• OpenDS 2.2

Software & Applications

• Microsoft ASP.NET/IIS
• TIBCO
• Apache Web/Tomcat Jakarta
• IIS 3, 4, 5, 6 Web Server
• WebLogic 10.3.x & 11g
• Visio
• NetBeans IDE
• PeopleSoft
• Apache JMeter
• Oracle HTTP Server 10/11g
• Sun/iPlanet Web Server
• Informatica
• Lotus Notes
• DreamWeaver
• Visual InterDev
• Siebel
• SAP
• WebSphere 6 & 7

Engagement Experience

• Technical Lead Identity Management
• Oracle Access Manager Architect
• Identity and Access Implementation and customization
• End-to-End project life cycle
• End User Training
• Testing
• Configuration


PROFESSIONAL EXPERIENCE

In the order of most recent to past:

Access Management
Financial Industry, Switzerland

Implement x509 PKI Smartcard Authentication with E-Business Suite R12.1.3 with OID 11.1.1.5.0, and OAM 11.1.1.5.0

Architected an x509 smartcard authentication using the client's PKI with E-Business Suite R12 and OAM11g with OID11g.

Responsible for designing and deploying the integration and High Availability.

Solaris SPARC 10 was the platform the implementation was built on.

Users were synchronized bi-directionally using OID DIP and E-Business Suite synch function.

OID was installed against Oracle Real Application Cluster (RAC).

Identity and Access Management
Government Navy, US

Guidance and Implementation for Security Framework using OID 10.1.4.3 on RAC, OVD 10.1.4.3, OAM 10.1.4.2, and OIF 10.1.4.3

Has U.S. Government SF-86 Security Clearance; Secret Level.

Has U.S. Government CAC smartcard clearance.

Integration included SSO on WebLogic, Wiki & Blog, Universal Content Management, and Oracle Plumtree Portal.

The platform was designed to work on Windows 2003, but the Oracle database runs on RHEL 4.

Design incorporated OAM lost password management, self-registration workflows, and self-service features using OAM security.

Designed custom redirect in OAM for CAC authentication.

A new x509 PKI authentication method was designed using out-of-the-box features of F5 BIG-IP and OAM external authentication to provide a flexible CAC smartcard authentication. It uses custom iRules for header information that extract data from ECA, PIV, or CAC certificates to make granular authorization decisions on content.

Implementation of OID 10g on Oracle RAC.

I developed a custom PL/SQL plug-in for OID 10g to generate a GUID.

I developed a custom OAM C# (C Sharp) Authorization Plug-in that is key to granular content authorization used for UCM, WCI, Discussions, and Wiki & Blog.

Identity and Access Management
Insurance, US

Architect Security Framework using OID 10.1.4.3 on RAC, OVD 10.1.4.3, OAM 10.1.4.2, and OAAM 10.1.4.3

Architected a security framework that will support a customer base of at least one million.

Integration included WebLogic for the development platform that included integration with OAM workflows for self-registration.

The platform was designed to work on Windows 2003.

Identity and Access Management
Auto Satellite Services, US

Architect Security Framework using OID 10.1.4.3, OVD 10.1.4.3, OAM 10.1.4.2, and OIF 10.1.4.3

Architected a security framework that will support a customer base of at least five million.

Application Integration included OAM with JBoss using Spring Security.

RHEL 5 64bit was the platform the design was built on.

Design incorporated OAM access management for SSO, OID as the Enterprise user store, and OVD to support an aggregated view for a future Active Directory forest.

OID is deployed against a two-node RAC.

Identity and Access Management
Government, Canada

Guidance on OAM 10.1.4.2 Integration and implemented OVD 10.1.4.3

Helped develop a .NET managed code Access Authorization Plug-in to concatenate DOMAIN/USERID. The plug-in was created to search through the User DN and decide which domain a user belongs to.

Integrated RSA SecurID 6.1 Authentication with OAM.

Integrated Client Certificate Authentication with OAM using the authn_securid plug-in and OpenSSL to generate a CA and certificates.

Implemented OVD to solve problems authenticating against two Active Directory forests.

Identity and Access Management
Aerospace, US

Guidance on OAM 10.1.4.2, OVD 10.1.4.2 and OID 10.0.2 LDAP

Assisted on Access Policy rules and, to make things work, helped implement a custom Python plug-in to correct the distinguished name of members with groups.

Fixed idle timeout issues with WebGates.

• Documented how to extend Simple Cert mode expiry from default of 1 year to 10 years.
• Documented recommendations on high availability
• Documented best practices on Bundled Patch deployment
• Corrected misbehaving Login form
• Documented procedures on implementing Two-way LDAP replication

Identity and Access Management
Software Industry, US

OAM Upgrade from NetPoint 7.0.1 to 10.1.4.2BP05

Oblix NetPoint 7.0.1 HF5 was upgraded to Oracle Access Manager 10g.

Using a hybrid of the ZDTU (Zero Down Time Upgrade), ran a successful upgrade of a 7.0.1 Identity and Access to OAM 10.1.4.2 BP05.

Required migrating an extensive stylesheet customization, which required merging legacy custom stylesheets into the new OAM version.

Many custom Perl Scripts and C++ plug-ins had to be migrated.

A new improved architecture was developed, both for OAM and LDAP.

Several documents were created to support the build, upgrade, migration of customization, and testing.

Access Management
Manufacturing and Distribution Industry, US

OAM 10g Architecture for Global deployment

Designed an architecture that supported global deployment.

Documented the architecture to support the required IAM (Identity and Access Management) vision.

Included high level integration in the document for Oracle E-Business Suite, WebLogic, and general web applications.


Provided insight on OAM product knowledge and integration.

No product was deployed. This engagement was purely to provide an architecture and guidance.

Identity and Access Management
Third Largest University, US

High Level Design and Recommendation for Oracle IAM Suite.

Led project to complete a University IAM design with all of Oracle’s IdM technology.

Products used in design were OIM, OIF, OAM, OVD, OEM, and EUS.

Designed a phased approach with opt-in framework.

Completed several onsite interviews with key University groups.

Created two main documents: a High Level IAM phased approach to implement Oracle IAM technologies, and a high level IAM architecture document that included all of the Oracle IAM products.

Identity and Access Management
Manufacturing and Distribution Industry, US

Complete Architecture Review of a Full End to End Identity and Access Management Proof of Concept

• Products implemented were OAM (COREid) 10g, OID 10g, Oracle E-business Suite, OSSO, OHS, and Oracle Identity Manager 10g (9.0.1).
• Reviewed the Architecture for Validation
• Implemented the OAM (COREid) and SSO Integration with OIM
• OAM 10g configurations included ADAM for the Policy and Configuration store, and Active Directory 2003 for the User store.
• The solution also included the SSO integration of IWA (Integrated Windows Authentication) so that employees could seamlessly go to applications without being prompted for a logon form.
• Documented any installations completed for future deployments in forward environments.

Identity and Access Management
Financial Industry, US

Complete Oracle Identity and Access Management Architecture and Deployment

• Products implemented were OAM (COREid) 10g, OVD 10g, OID 10g, Oracle Portal 10g, OSSO, OHS, and Oracle Directory Integration Toolkit.
• Architected a secure OAM 10.1.4.2 solution that included Oracle Virtual Directory 10g as the backend LDAP for OAM.
• The architecture provided a very secure three-tier design that separated the presentation layer from the application layer from the data layer. This provided security layers to help meet PCI compliance.
• Problems solved were keeping external clients separate from the internal employees in Active Directory by using OVD 10g, which pointed to OID as an external user LDAP store and Active Directory 2003 for internal users. The namespace was abstracted from the backend Directory Services, including any unique members of groups, which were translated dynamically in real time.
• The architecture required the synchronization of users and groups from Active Directory 2003 to OID using a custom Oracle Directory Integration Toolkit so the Oracle Portal could consume user and group data on OID.
• OAM provided SSO with the integration of Oracle Portal 10g.
• Deployment was on multiple environments including a Proof of Concept.
• The stages of the project were completed using Oracle’s Oracle Unified Methodology, which covered Architecture, Design and Analysis, Implementation, Testing, and Production rollout.
• The solution worked with very few technical issues out of the box.
• All session points that may expose sensitive data like passwords were terminated using SSL.

Identity and Access Management
Financial Industry, US

Oracle Access Manager 10gR3 Architecture Review and re-Design COREid 7.0.4.3

• Extensive troubleshooting on incidents to resolve and correct issues.
• Trained client team on extensive OAM knowledge and troubleshooting secrets.
• Created a document on a methodology for using OAM Configuration Manager as a horizontal migration tool.
• Created a document on Access and WebGate best practices to better serve the client's deployments, architecture, and deployment.
• Created a document on JMeter and how to use it as an OAM load and tuning testing tool for both web applications and IdentityXML.
• Created a document and plan on switching from eDirectory to Active Directory with best practices.
• Created a document for the team on troubleshooting OAM.
• Assisted in integrating OAM SNMP with HP OpenView.
• Conducted architecture review of current environment.
• Re-architected existing OAM implementation to provide site high availability.
• Provided recommendation to provide overall improvement in stabilization for OAM.
• Integrated OAM with WebSphere application using the Identity Asserter.
• Architected and deployed OAM 10gR3 and Configuration Manager
• Architected IWA integration and OAM and conducted a POC to prove out a solution that will help reduce the number of password resets across the enterprise.

Identity and Access Management
Supply Chain Services, US

Oracle Access Manager 6.1.1 Upgrade to 10.1.4.2

• Guidance on upgrade strategy.
• Provided technical architecture overview and suggestions for improvements on the newer OAM deployment.
• Liaison to development and support for any technical challenges on upgrade.

Identity and Access Management
Health Care, US

Oracle Access Manager 10gR3 Architecture Review and Guidance

• Provided technical knowledge on an OAM 10gR3 with OID 10.1.4
• Conducted Architecture Review
• Provided guidance on deployment strategies to circumvent future problems
• Identified and documented performance tuning modifications to dramatically increase speed on IDXML calls to OID.
• Provided pre- and post-installation guidance.
• Provided input on the best practices of extending the schema in OID.

Identity and Access Management
Automotive, US

Oracle Access Manager 10gR3 Upgrade from Oblix 6.1.1

• Lead Architect and project lead
• Provided architecture for the upgrade of Oblix 6.1.1 to OAM 10gR3 on Windows 2003 using Active Directory as the backend.
• Successfully guided Oracle consultants to make sure the upgrade was successful without impact to end users.
• Provided additional troubleshooting outside of OAM to make sure the project

Identity and Access Management
State and local Government, Canada

POC WebSphere 6 Integration with Oracle Access Management 10gR3

• Designed and installed OAM
• Designed and implemented integration support of the WebSphere 6 connector
• Designed and implemented RSA Integration with OAM

Identity and Access Management
Marketing, US

Oracle Access Manager 10g and Oracle Internet Directory 10g Architecture and Implementation

• Lead architect and team lead
• Supervised and mentored 2 Oracle consultants and several customer project team members
• Responsible for requirements gathering, design, and implementation of the Identity Management solution
• Schema DIT and Namespace design
• Detailed Use Case gathering
• Environment Architecture and Design including high availability and site Fail-over, Disaster Recovery, Load Balancing, Hardware Sizing, Configuration
• GUI Customization with XSL
• Provided a consistent Authentication framework for applications
• Provided a delegated administration model that meets business requirements
• Web Service development for the client's custom interface to administer users

Identity and Access Management Architecture Review
Financial Industry, Health Care, Logistics, Insurance, Canada

COREid 7.0.4 Multiple Identity & Access Management Critical Support and Architecture Reviews

• Performed health check to narrow down issues
• Provided overview of the OAM architecture and put together an architectural review with an executive dashboard showing what has been done right and what needs improvement.
• Worked with engineers and architects to resolve issues and make improvements, both from an architectural perspective and in best practices on implementation and operations management

Identity Federation
Federal, US

Oracle Identity Federation 10g Integration

• Helped integrate various Federated use cases to support external SSO.
• Designed and implemented delegated administration model to support external government administrators to manage their own user base.
• Provided assistance on XSL Stylesheet work for Lost Password Management

Identity and Access Management
Financial Industry, US

COREid 7.0.4 Identity and Access Management Support

• Provided support on undocumented workflow extension features
• Helped troubleshoot issues and created new documentation to supplement the current product guides on using workflow escalation and dynamic participant using PPP Exec.

Identity and Access Management
Telecom, Denmark

COREid 7.0.4 Identity and Access Management Architecture Guidance

• Supported customer with move from Entrust GetAccess to Oracle/Oblix Access and Identity system
• Designed LDAP Namespace for enterprise on Active Directory 2003
• Provided knowledge about IDXML and how it fits into the architecture
• Provided guidance on hardware sizing to accommodate 3 million users.

Identity and Access Management
State and local Government, US

COREid 7.0.4 Identity and Access Management Integration

• Provided assistance on deploying a custom Web Server
• Provided assistance with the integration with BEA App Server
• Helped troubleshoot issues, make configurations, and advised

Identity and Access Management
State and local Government, US

COREid 7.0.4 Identity and Access Management Integration

• Debugged, Unit Tested Use Cases around delegated security
• Helped troubleshoot issues, make configurations, and advised
• Provided input for form login use cases

Identity and Access Management Advisor
Financial Industry

COREid 7.0.4 Identity and Access Management Advisor

• Led the design and implementation of Single Sign-On with Siebel, a WebSphere application, a Java Application, and a .NET application using COREid Access.
• Designed and implemented concept of Legal Entity for a delegation model
• Provided best practices methodology for upgrade and installation.
• Created a horizontal migration script and document that extracts a single workflow between environments.

Identity and Access Management
Communication Industry

COREid 7.0.2 Identity and Access Management Pilot

• Integrated SSO with SAP
• Implemented and designed Microsoft MIIS Integration.
• Led the design and implementation
• Configured Auditing for MS SQL
• Set up Java SOAP request to execute a workflow to create an account
• Created various workflows

Identity Management Lead
Health Care

NetPoint (COREid) 6.1.1 Identity Management Lead

• Work with Enterprise Architecture Organization and related segments on establishing Identity Management usage and deployment across the Enterprise.
• Technical Lead on NIS to iPlanet Directory LDAP where I gathered and documented requirements and details.

Identity Management Lead
Travel Industry

NetPoint (COREid) 6.1.1 Identity Management Lead

• Implemented and Designed Identity Management solution.
• Provided application security technical guidance
• Worked with Audit, EAO and CTAC on risk analysis
• Provided design, development and support function for DS & IDM Global White Pages application
• Provided design, development and support function for DS & IDM security and

Other Accomplishments

Education

• M.S.E., Started Masters in Software Engineering, St. Thomas University, MN
• B.S., Business and Administration, Saint Cloud State University, MN 1994

Certifications

• ISSA (Information Systems Security Association) Member 601495
• WebLogic 11g Oracle internal advanced training
• Oracle Accreditation Courses for OAM11g, OAAM11g, OID11g, OVD11g, and OIF11g. CRT 2010
• Oracle Entitlement Server (BEA AquaLogic), Oracle In Class Training 2008
• Oracle Identity Federation, Oracle Training 2007
• Oracle Identity Manager, Oracle Deep Dive Training 2007
• Oblix COREid Identity and Access 7.0, Oblix Instructed Training 2004
• Securing and Auditing the .NET Framework, MIS Training Institute 2003
• DIR2217 Directory Server Analysis & Planning, Sun Microsystems 2002
• Oblix COREid Identity and Access 6.0, Oblix Instructed Training - 2001
• iPlanet Directory Server 5.0, Sun Microsystems 2001
• 2152 Implementing Windows 2000 Professional & Server, MindSharp 2001
• Programming Logic, Denning Training Services 2000
• The Seven Habits of Highly Effective People, Carlson Companies 1999

Recognition & Awards

• Top North American Consultant 2010 & 2009 in utilization.
• Highly Recognized Oracle Access Manager guru within Oracle Corporation
• Oracle QOOL recognition for Best of the Best in Consulting. 2007
• Two letters of recognition on the successful deployment of Enterprise Directory
• Letter of recognition on the design, development, and deployment of a Lost Password Management
• Letter of recognition on architecting the Identity Management and Directory Services infrastructure.
• Two letters of recognition of the contribution and success of the Y2K efforts

References
