11-18 Oracle Fusion Middleware Administrators Guide for Oracle Adaptive Access Manager

11.5.3.4.4 OAAM Users vs. Themselves: Trigger Combinations

None

11.5.3.5 Autolearning Pattern-Based Policy: OAAM Users vs. All Users

If a user does not have a sufficient amount of historical data captured this policy is used to evaluate his current behavior against the historical behavior of all other users. This policy uses pattern-based rules to evaluate risk.

11.5.3.5.1 OAAM Users vs. All Users Policy Summary

Country and State ENTITY: Entity is member of pattern less than some percent times Pattern Hit Percent less than = 10 Pattern name for membership = User: State profiling pattern Is Membership Count Less than patternHitPercent = True Time period type for pattern membership = Months Time period for pattern membership = 1 Member type for pattern membership = User Action = OAAM Challenge Alert = OAAM User: state Score = 600 Time of Day ENTITY: Entity is member of pattern less than some percent times Pattern Hit Percent less than = 3 Pattern name for membership = User: timerange profiling pattern Is Membership Count Less than patternHitPercent = True Time period type for pattern membership = Months Time period for pattern membership = 1 Member type for pattern membership = User Action = OAAM Challenge Alert = OAAM User: time of day Score = 500 ASN ENTITY: Entity is member of pattern less than some percent times Pattern Hit Percent less than = 6 Pattern name for membership = User: ASN profiling pattern Is Membership Count Less than patternHitPercent = True Time period type for pattern membership = Months Time period for pattern membership = 1 Member type for pattern membership = User Action = OAAM Challenge Alert = OAAM User: ASN Score = 600 Country ENTITY: Entity is member of pattern less than some percent times Pattern Hit Percent less than = 20 Pattern name for membership = User: Country profiling pattern Is Membership Count Less than patternHitPercent = True Time period type for pattern membership = Months Time period for pattern membership = 3 Member type for pattern membership = User Action = OAAM Challenge Alert = OAAM User: Country Score = 700 Table 11–15 Cont. Auto-learning Pattern-Based Policy Rules Details: OAAM Users vs. Themselves Rule Rule Condition and Parameters Results OAAM Security and Autolearning Policies 11-19

11.5.3.5.2 OAAM Users vs. All Users Flow Diagram

Figure 11–10 Auto-learning Pattern-Based Policy: OAAM Users vs. All Users Flow

11.5.3.5.3 OAAM Users vs. All Users: Details of Rules

Table 11–16 Auto-learning Pattern-Based Policy: OAAM users vs. All Users Summary Summary Details Purpose Evaluates the users current behavior against the historical behavior of all other users. This policy uses pattern-based rules to evaluate risk. Scoring Engine Maximum Weight 100 Group Linking Linked Users It is a nested policy