OASIS Mailing List Archives

provision message



Subject: Re: SPML3 Charter


Hi everyone,

  I just wanted to check in and see how this is progressing. As discussed on a call a few weeks ago, our goal is to jump-start the existing Provisioning Services TC rather than starting a new TC that might not be able to pick up the existing SPML 2.0 specification. 

  In order to move forward with revising the charter, we need to reach critical mass in the TC itself - once we have attained sufficient members I will run an election for Chair and then the members can move the proposed charter clarification forward.

  If you are an OASIS member and are not yet a member of the Provisioning Services TC but would like to be, point your browser here:
http://www.oasis-open.org/apps/org/workgroup/provision/
... and then select 'join group'.

  If you aren't an OASIS member, please send a note to Dee Schur (dee.schur@oasis-open.org) who will be happy to help you.

Regards,

Mary


Mary P McRae
Director, Standards Development
Technical Committee Administrator
OASIS: Advancing open standards for the information society
twitter: @fiberartisan  #oasisopen
phone: 1.603.232.9090

Standards are like parachutes: they work best when they're open.



On Jun 21, 2010, at 11:01 PM, Richard Sand wrote:

Hi Jeff,
 
Thanks for the feedback! Regarding number 3, I see your point – these items may be better served under the last item i.e. as templates for implementations as opposed to part of the core standard.
 
For 4 & 5 – yes I noticed the autonumber problem after I hit send :)
 
For 6, I guess you are talking about the Capabilities mechanism? Again a lot of my thinking here may fall under the category of templates or additional profiles, but what I want to do is get more specific with operational metadata – especially the metadata generally needed to enable auditing and compliance measurement.
 
For 7 – XACML is a tool that can be used here – for example we could use XACML as a language for defining these models. Same type of thinking – XACML is a lower-level general purpose language whereas what I want to accomplish is to put some structure and scaffolding in place to facilitate the communication of role information between parties.
 
Keep it coming!
 
Mary, from a chicken-and-egg standpoint, do we need to have the charter locked down before (re)convening a committee? Should the charter be more general? Basically what’s the next step so we can bring these discussions into an active committee as opposed to being an informal discussion about possibly forming a committee?
 
FYI I had John Fontana’s e-mail address wrong in the previous e-mails, I’ve corrected it in this one.
 
Best regards,
Richard Sand | CEO
239 Kings Highway East | Haddonfield | New Jersey 08033 | USA
Mobile: +1 267 984 3651 | Office: +1 856 795 1722 | Fax: +1 856 795 1733

 
From: Bohren, Jeff [mailto:jbohren@caremedic.com] 
Sent: Monday, June 21, 2010 1:07 PM
To: Richard Sand; Dee Schur; Mary McRae; yvonne.wilson@oracle.com; martin.raepple@sap.com; romanenko@softerra.com;a.chukanov@softerra.com; John.Fontana@pingidentity.com; Tony.Goulding@ca.com; Gavenraj Sodhi; Daniel A. Perry; Patrick Harding; jackson.shaw@quest.com; Darren Platt; Mark Diodati; bblakley@burtongroup.com; Dale Olds; jbohren@caremedic.com.;jbohren@yahoo.com
Cc: laurent.liscia Liscia; James Bryce Clark; Carol Geyer
Subject: RE: SPML3 Charter
 
Richard,
 
I just got back from PTO (without cell phone or internet access). After looking over the proposed charter I have some comments/questions:
 
  • I don’t think item 3 is appropriate. There is nothing in SPML today that would preclude multi-tenancy as far as I know. As for delegation, registration, and identification, these seem to be specific to a specific business model and I can’t see a standard dictating these features.
  • I think you meant items 4 and 5 to be one item (damned auto numbering).
  • I don’t see what you are getting at for item 6. SPML already has a metadata mechanism that should be sufficient for those purposes. Or are you suggesting a replacement of the metadata mechanism?
  • What’s the difference between item 7 and XACML?
 

From: Richard Sand [mailto:Richard.Sand@skyworthttg.com] 
Sent: Thursday, June 17, 2010 1:58 PM
To: Dee Schur; Mary McRae; yvonne.wilson@oracle.com; martin.raepple@sap.com; romanenko@softerra.com;a.chukanov@softerra.com; John.Fontana@pingidentity.com; Tony.Goulding@ca.com; Gavenraj Sodhi; Daniel A. Perry; Patrick Harding; jackson.shaw@quest.com; Darren Platt; Mark Diodati; bblakley@burtongroup.com; Dale Olds; jbohren@caremedic.com.
Cc: laurent.liscia Liscia; James Bryce Clark; Carol Geyer
Subject: RE: SPML3 Charter
 
Hi all- does anyone have any feedback on the draft charter?
 
Richard Sand | CEO
239 Kings Highway East | Haddonfield | New Jersey 08033 | USA
Mobile: +1 267 984 3651 | Office: +1 856 795 1722 | Fax: +1 856 795 1733

 
From: Richard Sand 
Sent: Thursday, June 10, 2010 1:04 AM
To: 'Dee Schur'; 'Mary McRae'; 'yvonne.wilson@oracle.com'; 'martin.raepple@sap.com'; 'romanenko@softerra.com';'a.chukanov@softerra.com'; 'John.Fontana@pingidentity.com'; 'Tony.Goulding@ca.com'; Gavenraj Sodhi; Daniel A. Perry; 'Patrick Harding'; 'jackson.shaw@quest.com'; 'Darren Platt'; 'Mark Diodati'; 'bblakley@burtongroup.com'; 'Dale Olds'; 'jbohren@caremedic.com.'
Cc: 'laurent.liscia Liscia'; 'James Bryce Clark'; 'Carol Geyer'
Subject: SPML3 Charter
 

Hi all,

I’ve written here my draft proposal for an SPML 3 charter. It basically hints at the shortfallings of SPML 2 and gives general guidelines from a methodology standpoint how we plan to address those shortfalls, and then gives some details on the various additions we’d like to see added to the specification to give it more relevance, solve real problems, and provide ease of deployment.

This is not an official document by any stretch so feel free to flame / roast / etc. as you see fit!

 

SPML 3.0 Charter

The purpose of the OASIS Provisioning Services Technical Committee (PSTC) is to define an XML-based framework for exchanging user, resource, and service provisioning event information. The Technical Committee will develop an end-to-end, open provisioning specification designed to handle cases both within an organization and federated cases, such as those encountered in B2B and service-based environments.

The previous version of SPML, version 2.0, provided the basic semantics for expressing atomic provisioning operations and for batching multiple operations into single requests. SPML 3.0 will include all of this functionality, and will build upon it to provide higher level complex operations required by identity management systems for managing the full lifecycle of user identities both within the enterprise and between enterprises. It will also put forth simple yet extensible standard templates for identity schema, role models, and organizational design for easing adoption of SPML 3.0 implementations. The focus will be on providing breadth of functionality but in a simple and straightforward fashion for the majority of cases.

Some of the focus areas of SPML 3.0 will be:

1.       Solving more business provisioning problems - such as bidirectional account flow and synchronization – which are even more prevalent in B2B or service provider scenarios

2.      Adding higher level IDM tasks, such as: an employee moving between departments, various forgotten password reset and recovery tasks, temporary delegation of rights, other self service requests such as for additional roles or access rights

3.      Adding support for common service provider models (such as multi-tenancy, delegation, registration and identification of organizations)

4.      Defining multiple standard schema that can be used and extended upon for various use cases. Some examples for these standard schema could be based

5.      upon LDAP InetOrgPerson, Active Directory User, industry specific schema for education, healthcare, government, retail.

6.      Defining provisioning metadata for all operations that can be used for workflow, automation, audit & compliance purposes

7.      Defining one or more flexible, extensible role model(s) to serve common role-based access control use case

8.      Creating an extensible set of templates which can be used to accelerate implementations for the common cases, and can be easily extended or even replaced as needed. Templates would include a bit of all of the facets of SPML, e.g. standard schema, supported operations, metadata definition, role and org structure, so that these can be selected as a starting point for the whole provisioning rollout for an organization and extended from there

 
 
 
Richard Sand | CEO
239 Kings Highway East | Haddonfield | New Jersey 08033 | USA
Mobile: +1 267 984 3651 | Office: +1 856 795 1722 | Fax: +1 856 795 1733

 


