OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Oracle Proposes Yet Another Identity Governance Framework - IGF -CARML - AAPML


Of possible interest...

Thursday November 30, 06:44 AM
Oracle Proposes Yet Another Identity Governance Framework
http://au.news.yahoo.com/061130/20/11mf5.html

by ComputerWire Staff

Today, there are competing web services standards for how federated
identification is maintained, including SAML/Liberty 2.0 and WS-Federation.
There are various frameworks for managing personal preferences such as IBM
Corps Project Higgins and Microsoft Corp's CardSpace. And there are formal and
de facto standards for directories that store identity data, such as LDAP and
Microsofts Active Directory.

But there is no mechanism between storage and the application for expressing
the policy on how and when to release identity data, claimed Amit Jasuja, vice
president of development, security and identity management for Oracle.
ADVERTISEMENT

Oracle Corp has recruited Ping Identity, Securent, and Sun Microsystems, Inc to
propose what it calls an Identity Governance Framework (IGF). Currently a
proposal looking for a standards body, IGF comes off the starting gate with
several proposed components.

The heart of IGF includes Client Attribute Requirement Markup Language (CARML),
an XML-based declarative language that signifies which identity attributes are
consumed by the application, and Attribute Authority Policy Markup Language
(AAPML), which provides the syntax for prescribing under what conditions
specific pieces of identity data are disclosed to applications.

Oracles efforts stem from several acquisitions, including Thor Technologies and
OctetString roughly a year ago, that propelled the companys entry to the
identity management space.

According to Prateek Mishra, director of security standards for Oracle Identity
Management, IGF is designed to pick up where federated ID schemes leave off. As
one of the coauthors of the original SAML spec while at Netegrity, Mishra
claims these standards simply provide the mechanism, but not the context under
which identity data is exchanged in environments where there are multiple
sources of identification data.

Oracles proposals spell the beginnings of a vocabulary for specifying the rules
and conditions under which identity is disclosed. For instance, it would
provide the syntax for a system where data such as birth date, social security,
health service, or insurance policy numbers is only disclosed to an HR system.

Oracle hopes to identify a standards organization where the proposals could be
submitted within the next 90 days.


---
end





[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]