OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

announce message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: OASIS Demos Provisioning Identity Management Solution for Web Services

OASIS Members Demonstrate Support for New Provisioning Identity
Management Solution for Web Services

BMC Software, Business Layers, Entrust, OpenNetwork, PeopleSoft, Sun
Microsystems, Waveset, Thor Technologies, TruLogica, and Others Showcase
Specification for Exchanging Information Between Provisioning Service
Points on the Internet

Boston, MA, USA; 26 June 2003 -- The first public demonstration of the
OASIS Service Provisioning Markup Language Specification (SPML) v1.0
will be held on 9 July 2003 at the Catalyst Conference in San Francisco.
SPML is an XML-based framework for exchanging and administering user
access rights and resource information across heterogeneous
environments. Ten members of the OASIS standards consortium will come
together at Catalyst to prove the stability of the new specification and
demonstrate interoperability between SPML-conformant security software

"SPML is the product of an open collaboration process involving identity
management vendors committed to the creation of a standard that any
application or software product could use to request provisioning
services," said Phil Schacter vice president and director, directory and
security strategies, Burton Group. "The effort and commitment by these
vendors to create SPML demonstrates their recognition of the key role
standards play in enabling the virtual enterprise. Provisioning is
clearly becoming a key component in the identity management
infrastructure for many companies."

SPML lets organizations automate, centralize, and manage the process of
provisioning user access to internal and external corporate systems and
data. SPML has been designed to work with the World Wide Web
Consortium's SOAP, the OASIS Standard SAML, the OASIS WS-Security
specification, and other open standards that allow companies to securely
leverage Web services.

"SPML allows cooperating elements of an Identity Management
infrastructure to securely exchange provisioning and service
subscription requests using an open standards-based protocol," explained
Darran Rolls of Waveset, chair of the OASIS Provisioning Services
Technical Committee. "This demonstration highlights interoperability
between the industry's leading provisioning and identity management
vendors, based on our committee's specification. As infrastructure
becomes more identity-centric and companies start to model and deploy
Web services, SPML will be a critical element of an end-to-end
standards-based identity management strategy."

"We are very pleased with the work surrounding the development of the
SPML specification," said Gavenraj Sodhi of Business Layers, secretary
for the OASIS Provisioning Services Technical Committee. "This is a
collective effort by industry leaders to take an administrative burden
off the customer by creating an open standard that will be applied to
Web services strategies moving forward." Sodhi will make an SPML
presentation at the Catalyst Conference.

"Clearly, security is essential for the proliferation of Web services.
That's why it's so significant that these SPML developers are proving
interoperability on a major scale, in a public forum," said Karl Best,
vice president of OASIS. "The demonstration is a milestone in the
development and recognition of SPML 1.0 as an crucial security layer in
the Web services stack."

The SPML specification is currently in a public review period which
occurs prior to being submitted to the OASIS membership at-large for
consideration as an OASIS Standard. SPML is one of several security
standards being developed at OASIS. Other
standards and specifications include WS-Security for high-level security
services, XACML for access control, XCBF for describing biometrics data,
and SAML for exchanging authentication and authorization information.

Industry Leaders Support SPML

BMC Software:
"BMC Software is proud to be a member of the OASIS SPML Interoperability
Demonstration. As the identity management market emerges, addressing the
need for integration and interoperability of disparate access control
components and business applications becomes a top priority of our
customers' identity management strategy. Provisioning systems can now
use a standard language to exchange identity information with business
applications and service providers to achieve automated provisioning of
users and services. SPML adds a much needed dimension to the open and
secure identity management solution market," said Doron Cohen, Chief
Architect, Security Business Unit, BMC Software.

Business Layers:
"Business Layers is proud to be part of the process in ratifying the
SPML specification. This is an important achievement for both customers
and vendors that support them. We look forward to continuing our
investment and active involvement with OASIS through our commitment to
open standards for Identity Management and Provisioning," said Adrian
Viego, chief technology officer for Business Layers.

"SPML represents a significant step forward in the industry's collective
efforts to help governments and businesses manage user identities across
a broad range of applications in a cost-effective and timely manner. As
a strong advocate of open standards, Entrust is proud to have played an
active role in SPML's development to date, and we look forward to
demonstrating our ongoing commitment to this important specification at
the upcoming OASIS SPML Interoperability Demonstration," said Tim
Moses, director of advanced security technology at Entrust.

"As technologists and active participants in OASIS, we are committed to
delivering standards-based solutions that meet our customers' challenges
of securely managing identities across complex enterprises. We are
excited about the benefits of the new SPML specification and are pleased
to team with our partners and deliver the first prototype of its kind to
the market," said Bob Worner, vice president of product engineering at

"More and more Waveset customers are adopting Web services as a way to
build and expand business opportunities. By providing open, SPML-enabled
identity management solutions, we can help them protect and maximize
current enterprise investments, while also leveraging the latest, most
innovative technologies for continued competitive advantage. We are
proud of our contribution to OASIS, which underscores a continued
commitment to industry standards in the development and deployment of
award-winning products," said Kevin Cunningham, vice president of
marketing at Waveset.

About OASIS (www.oasis-open.org)

OASIS (Organization for the Advancement of Structured Information
Standards) is a not-for-profit, global consortium that drives the
development, convergence, and adoption of e-business standards. Members
themselves set the OASIS technical agenda, using a lightweight, open
process expressly designed to promote industry consensus and unite
disparate efforts. OASIS produces worldwide standards for security, Web
services, conformance, business transactions, electronic publishing,
topic maps and interoperability within and between marketplaces. Founded
in 1993, OASIS has more than 2,000 participants representing over 600
organizations and individual members in 100 countries.

Press inquiries:

Carol Geyer
OASIS Director of Communications

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]