Oracle has announced that they are acquiring Passlogix. That is no real surprise to me. Oracle has been the last large OEM partner of Passlogix for their E-SSO (Enterprise Single Sign-On) solution. Others like IBM had decided for own solutions in the past. Passlogix had some success in direct sales, but being a niche vendor they probably had to decide between an exit strategy or significant investments to expand their own portfolio.

From an Oracle perspective, the acquisition definitely makes sense. Oracle mentions "tighter integration" as the opportunity behind that deal. And that exactly is what the deal is about. E-SSO currently is in a transition phase, from a very focused and specialized solution towards an integrated element within authentication and authorization concepts. Versatility, e.g. the capability to flexibly support different authentication methods in sort of a plug-and-play approach, combined with step-up authentication and other concepts, is just one example of new trends in the SSO market. Integrating E-SSO and Web Access Management as well as Identity Federation is another. And the potential of bringing together Oracles Adaptive Authentication Manager, e.g. risk-/context-based authentication, with E-SSO (e.g. E-SSO based on risk and context) is obvious as well.

With the acquisition, Oracle opens the door for new, integrated approaches beyond classical, pure-play SSO. That fits into what IBM has done when acquiring E-SSO technology or Novell with buying a source code license from ActivIdentity - all players want to better integrate E-SSO with other solutions and all want to have the flexiblity in their product strategy they never can have with an OEM product. What can be done with integrated approaches has been demonstrated by Evidian for quite a while - one consolidated access management.

Thus it will be interesting to observe where Oracle starts to deliver on the idea of integrating E-SSO with other technologies. Even while I overall rate integrating E-SSO positively, there is one aspect which should be kept in mind: A strength of the pure-play E-SSO solutions is that they aren't intrusive with respect to the existing IT infrastructure. Thus they are very easy to deploy and provide a quick win potential. This advantage shouldn't be given away.