OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

provision-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: [PSTC] Re: [provision-comment] Draft: Glossary of TermsforProvisioningServices Technical Committee (PSTC)

PSTC team,
 
Two things.  I'm double-booked this Thursday at 10:00 so I'll need to miss the call.  Keep me posted if I have any specific action items.
 
Second, I like John's definition of provisioning below.  I do think it implies some scoping, however, by explicitly stating "electronic services" we are scoping our definition of provisioning not to include hardware, people and other non "electronic" elements.  However, I don't see this as an issue given the goals of PSTC.
 
John and I will be working on the FAQs this week.  (John --I never did get to it this weekend, way too much going on--it's a top priority this week)
 
cheers
Kelly
 
 
 
 
-----Original Message-----
From: John Aisien [mailto:john.aisien@thortech.com]
Sent: Monday, October 15, 2001 4:08 PM
To: Darran Rolls
Cc: Gavenraj Sodhi; provision-comment@lists.oasis-open.org; xrpm@yahoogroups.com
Subject: [PSTC] Re: [provision-comment] Draft: Glossary of Terms forProvisioningServices Technical Committee (PSTC)

The 1st provisioning definition is more generic and thus less devoid of terms likely to be interpreted in a non-uniform manner (perhaps except 'account'). Hence, more preferable in my view.

What I came up with last week is below:
"Provisioning is the automation of all the steps required to manage (setup, amend & revoke) user or system access and entitlement rights to electronic services".

Also reworded your 1st one slightly (per my comments above):
"The process of managing attributes within the scope of a define business process or interaction. Provisioning a service may involve the creation, modification, deletion, suspension, restoration of a defined set of attributes for a user, group of users or system" (the last 6 words can also be replaced by 'Party', contingent on an agreed definition for this term per 'Raj's glossary).

Myself & Kelly will send the draft FAQ later this week.

JA

Darran Rolls wrote:

Thanks Raj.

I have taken the liberty of adding some definitions and have made a couple of changes here and there. Your original was in pdf, I've moved it over to a word doc for interim version control and commenting.I'll archive everything for now pending use of a doc repository on the Oasis site.

I'm a little behind with my "DocumentOf Understanding".I'll have this available to the group tomorrow (honestly ;-)

On the last call there was agreement on the need to get a better definition of the term "Provisioning".So far we have the following, what does everyone think?

Provisioning - The process of managing attributes and accounts within the scope of a 

defined business process or interaction.Provisioning an account or service may involve

the creation, modification, deletion, suspension, restoration of a defined set or accounts 

or attributes. 

Provisioning- The self-service management of user identity data (e.g., identity, role) in a

centralized manner to resources across an enterprise and external enterprise. The

resources may have attributes mapped across to multiple applications. The attributes to

these resources may consist of the following actions: Add, Modify, Delete, Suspend,

Restore, Search, Notify, etc...

Darran Rolls

Waveset Technologies
MSIM  drolls_waveset@hotmail.com
AIM    drollswaveset
YIM    drolls_waveset
http://www.waveset.com/
drolls@waveset.com
-----Original Message-----

From:Gavenraj Sodhi [mailto:gsodhi1@home.com]
Sent: Friday, October 12, 2001 6:24 PM
To:provision-comment@lists.oasis-open.orgxrpm@yahoogroups.com
Subject: [provision-comment] Draft: Glossary of Terms for ProvisioningServices Technical Committee (PSTC)

Here is the First Draft of the Glossary of Terms for PSTC.  Please comment.
-Gavenraj Sodhi
gsodhi1@home.com
Provisioning Services Technical Committee (PSTC)

Revision History


 
Version
Draft 01 - v01
Date
12 October 2001
Editor
GavenrajSodhi
Comments
Glossary of Terms

Glossary of Terms for Provisioning Services Technical Committee (PSTC)

Account - A set of parameters that define a user's access to a service. Every

service will require a different set of information to give a user

access; therefore, the parameters of accounts will differ by service

type.

Actor - An entity (i.e. person or system entity) utilizing provisioning, user

administration, services. Examples of actors include application programs, 

security services, any computing or non-computing services, etc. Perhaps actor 

is effectively synonymous with system or person entity.

Attributes - Functions of the particular resource.

Authorized - A system entity or actor is "authorized" if it is granted a right or a

permission or a capability to access a system resource.

Enterprise - Environment within the companies' realm (e.g., Intranet, current corporation employees, temporary employees, contractors).

External Enterprise - Environment which may contain many or all of the following:Managed Services, contractors, temporary employees, multiple organizations, private to public registry systems.

Identity - Unique Identity or an element with respect to a defining domain (e.g., Organization or Party)

Organization - Organization of Persons.

Party - Refers to any person who interacts with the system and/or the

network the system is managing.

Person - Represents an individual person.

Provisioning - The self-service management of user identity data (e.g., identity, role) in a centralized manner to resources across an enterprise and external enterprise.The resources may have attributes mapped across to multiple applications.The attributes to these resources may consist of the following actions:Add, Modify, Delete, Suspend, Restore, Search, Notify, etc...

Requesting Authority - Party or system that is authorized to request a resource for the party.

Resource - Any application or service which can be managed for provisioning purposes.

Role - Roles that a person can fulfill within an organization

System - Represents computing entities (e.g., Provisioning System)

Service - A specific type of resource that is not physically obtained by a user,

but is accessed periodically by the user.

Other Initiatives to be considering:

DSML (Directory Services Markup Language) - An XML specification for marking up directory services information 

SAML (Security Assertions Markup Language) - An XML-based security standard for exchanging authentication and authorization information

XACML (eXtensible Access Control Markup Language) - An XML specification for expressing policies for information access over the Internet 

XNSORG (XNS Public Trust Organization) - An XML-based open platform for automated data exchange with global identity, privacy, and permission management capabilities

-------------------------------------------------------------------------------------------

Further definitions will come out when we start diving into use cases.


Yahoo! Groups Sponsor

To unsubscribe from this group, send an email to:
xrpm-unsubscribe@yahoogroups.com



Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC