[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [regrep] ebXML Registry and Dublin Core
<Quote> they want to establish insurance industry standards for passwords and user IDs between insurance companies and agencies and brokers. </Quote> ...using already existing (and still in process in some cases) open standards such as WS-Security and SAML, I hope? Joe Peter Kacandes wrote: > > At the ACORD meeting last week, they spent close to two hours debating these > points. > > Basically, they want to establish insurance industry standards for passwords > and user IDs between insurance companies and agencies and brokers. At first > they wanted to call it SSO but realized that wasn't appropriate and then > started calling it Identity management, and realized that wasn't quite right > either. > > The popular term was PINRM (Post-it Note Replacement Methodology) to capture > the fact that most agents at a brokerage keep an array of Post-it Notes on > the borders of their monitors where each Post-it Note has the user ID and > password that they need to get into the applications at a particular > insurance company. > > cheers > > pk > > -----Original Message----- > From: Chiusano Joseph [mailto:chiusano_joseph@bah.com] > Sent: Friday, June 27, 2003 10:31 AM > To: Carl Mattocks > Cc: Anne Thomas Manes; Farrukh Najmi; Peter Kacandes; > regrep@lists.oasis-open.org > Subject: Re: [regrep] ebXML Registry and Dublin Core > > <Quote> > the true potential for XACML is as a 'single sign-on' gateway > </Quote> > > I know exactly what you meant, but mixing the terms "single sign-on" and > access control is often dangerous. Most folks associate SSO with > SAML/Liberty Alliance, which is all on the authentication side of things > (which includes identity management). Access control assumes that the > user/resource has already been authenticated, and - now knowing that > their identity is valid - what resources they have access to, at what > level, in what manner etc. > > <Quote> > let us not forget Dublin Core. IMHO the registry should allow both the > DC core & extended elements to be applied to any and all types of > objects. i.e. expand the information that is known about a particular > asset > </Quote> > > Yes - I think a mapping between Dublin Core metadata and our RIM would > be very useful. Then the Content Indexer could be used to perform the > translation between the 2. David Webber mentioned GILS (Global > Information Locator Service) to Farrukh and I recently - there is a > GILS/Dublin Core crosswalk available. So if we support GILS, we can > support Dublin Core through the crosswalk (if we choose that approach). > > There also exists a crosswalk between GILS and UDDI - so we could have > UDDI --> GILS --> ebXML Registry as well. > > Joe > > Carl Mattocks wrote: > > > > In the world of large organizations (the world they create) direct access > to databases is strictly limited to DBAs and approved applications. IMHO > (similar to Joe) the true potential for XACML is as a 'single sign-on' > gateway to many information sources (database and other CMSs). > > > > Regarding standard for CMS - let us not forget Dublin Core. IMHO the > registry should allow both the DC core & extended elements to be applied to > any and all types of objects. i.e. expand the information that is known > about a particular asset . > > > > > <Quote> > > > But looking at this from the customer's point of view -- they're > > > accustomed to defining access control policies in the database. > > > > > > Absolutely - the human factor and change management is always an > > > important consideration (it's often a deal maker or breaker). An "XACML > > > Gateway" from the large database vendors might help solve this. > > > > carl > > Carl Mattocks > > CEO CHECKMi > > e-mail: CarlMattocks@checkmi.com > > ******************************************* > > Business Agent Software that > > Secures Knowledge for Reputation:Protection > > ******************************************* > > CHECKMi Compendium the shortcut to Valued & Trusted Knowledge > > ******************************************* > > www.checkmi.com > > (usa)1-908-322-8715 > > You may leave a Technical Committee at any time by visiting http://www.oasis-open.org/apps/org/workgroup/regrep/members/leave_workgroup.php
begin:vcard n:Chiusano;Joseph tel;work:(703) 902-6923 x-mozilla-html:FALSE url:www.bah.com org:Booz | Allen | Hamilton;IT Digital Strategies Team adr:;;8283 Greensboro Drive;McLean;VA;22012; version:2.1 email;internet:chiusano_joseph@bah.com title:Senior Consultant fn:Joseph M. Chiusano end:vcard
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]