Service Provisioning Markup Language (SPML) v2.0 Ratified as OASIS Standard

["Carol Geyer" <carol.geyer@oasis-open.org>]

Service Provisioning Markup Language (SPML) v2.0 Ratified as OASIS
Standard

BEA Systems, BMC Software, Capgemini, CA, Hewlett-Packard, IBM,
Microsoft, Oracle, RSA Security, SAP, SOA Software, Sun Microsystems,
and Others Develop OASIS Standard for Exchanging User, Resource, and
Service Provisioning Information


Boston, MA, USA; 11 March 2006 --  The OASIS international standards
consortium today announced that its members have approved the Service
Provisioning Markup Language (SPML) version 2.0 as an OASIS Standard, a
status that signifies the highest level of ratification. SPML provides
an XML-based framework for managing the allocation of system resources
within and between organizations. Encompassing the entire life-cycle
management of resources, SPML defines the provisioning of digital
services such as user accounts and access privileges on systems,
networks and applications, as well as non-digital or physical resources
such as cell phones and credit cards.

"One of the hardest parts of provisioning is interoperability," noted
analyst, Mark Diodati of Burton Group's Identity and Privacy Strategies.
"SPML provides a standards-based approach, and  version 2.0 adds
important functionality that is required for robust provisioning
services."

"SPML v2.0 will further facilitate the seamless application of identity
management solutions to the day-to-day challenges of provisioning and
de-provisioning business services," said Gavenraj Sodhi of CA, co-chair
of the OASIS Provisioning Services Technical Committee. "The result will
be more efficient IT administration, improved security, and easier
extension of services beyond organizational boundaries."

"SPML 2.0 provides a service-oriented identity protocol that goes far
beyond just enterprise provisioning while enabling customers to spend
less time connecting systems and applications, and more time focusing on
the technology issues and implementations most important to their
business needs and services," said Jeff Bohren, of BMC Software,
co-chair of the OASIS Provisioning Services Technical Committee.

The SPML v2.0 OASIS Standard offers enhanced functionality as well as a
new profile that lets users and other objects be manipulated more
easily. Additional features include improved password management, user
suspension capabilities, and user attribute schema discovery.

"SPML was developed alongside other key security specifications,
including the Security Assertion Markup Language (SAML) and WS-Security,
both of which are also OASIS Standards," noted Patrick Gannon, president
and CEO of OASIS. "Our security committees work together to exploit the
benefits of reuse and coordination to the greatest extent possible. We
congratulate the members of the OASIS Provisioning Services Technical
Committee for this outstanding achievement."

The OASIS Provisioning Services Technical Committee remains open to new
participation. All interested parties are encouraged to exchange
information on implementing SPML via the spml-dev mailing list
(http://www.oasis-open.org/mlmanage/). As with all Consortium projects,
archives of the OASIS Provisioning Services Technical Committee's work
are accessible to both members and non-members, and OASIS hosts an open
mail list for public comment on the standard. 


Support for the SPML OASIS Standard

BMC Software
"BMC Software is pleased with the approval of SPML 2.0 as an OASIS
Standard," said Doron Cohen, CTO, Identity Management Business Unit, BMC
Software. "BMC is committed to working with organizations like OASIS to
create and promote the influence of standards in the market that help
customers effectively and efficiently build an identity-aware business."

CA
"CA is excited to be co-authors of the SPML 2.0 specification. Its
ratification as an OASIS Standard is a significant milestone for
security management standards and is inline with the maturity of
Identity Management solution requirements," said Gavenraj Sodhi,
director of product management for security management at CA and
co-chair of the OASIS Provisioning Services Technical Committee. "We
look forward to continued adoption of identity management standards,
with the goal of encouraging interoperability and thus promoting more
efficient processes for implementing Identity Management Solutions."

Oracle
"Oracle is deeply committed to helping bring security standards to the
market and building support for these standards into our family of
identity management products," said Prateek Mishra, director, Security
Standards, Oracle. "As a member of the OASIS Provisioning Services
Technical Committee, we are pleased that the standard has been
finalized, and we look forward to helping accelerate its adoption
throughout the industry and across our customer base."


Additional Information:

OASIS Provisioning Services Technical Committee 
http://www.oasis-open.org/committees/provision


About OASIS:

OASIS (Organization for the Advancement of Structured Information
Standards) is a not-for-profit, international consortium that drives the
development, convergence, and adoption of e-business standards. Members
themselves set the OASIS technical agenda, using a lightweight, open
process expressly designed to promote industry consensus and unite
disparate efforts. The consortium produces open standards for Web
services, security, e-business, and standardization efforts in the
public sector and for application-specific markets. Founded in 1993,
OASIS has more than 5,000 participants representing over 600
organizations and individual members in 100 countries. Approved OASIS
Standards include AVDL, CAP, DITA, DocBook, DSML, ebXML CPPA, ebXML
Messaging, ebXML Registry, EML, OpenDocument, SAML, SPML, UBL, UDDI,
WSDM, WS-Reliability, WSRP, WS-Security, XACML, XCBF, and XML Catalogs.
http://www.oasis-open.org


Press contact:

Carol Geyer
Director of Communications, OASIS
carol.geyer@oasis-open.org
+1.978.667.5115 x209