Identity Federation with Oracle allows Enterprise Customers adopt a hybrid cloud approach while keeping the same levels of security access control. We mention the hybrid thing, because the fundamentals of this pattern is that the Oracle Identity & Access Management solution is of course deployed in the on-premises side.
Thanks to the capabilities of Oracle Access Manager (OAM), you can provide users a unique Single Sign On experience for both: cloud and on-premises applications.
Thanks to the open standards utilised for the SSO thing (SAML2.0, SSL,…), there is no need for specific VPN connectivity between on-premises and cloud.
Thanks to the ability to replicate password-less identities in the Oracle cloud side, it is completely imposible for Users to gain access to their provisioned cloud services unless they login the corporate system provided by OAM from the on-premises side. This means that users not connected to corporate network will receive a login form that can’t never reach, therefore they are not able to gain access never ever from anywhere.
Thanks to the lack of passwords stored in cloud side, there is no risk of identities thieving.