Re: [provision-comment] Draft: Glossary of Terms forProvisioningServices Technical Committee (PSTC)

[Gavenraj Sodhi <gsodhi1@home.com>]

Hello Neal,

I will find out the details on getting the interested people on the
provision-comment list but the list is publicly viewable at:
http://lists.oasis-open.org/archives/provision/200110/maillist.html

Have you been able to view the other comments from the proposing members?
Do you know if any entity within ChevronTexaco is a member of OASIS?  If
not, as a note, to be a working group member of PSTC once it formalizes
November 12, the organization or individual must be a member.  Here is a
link for further information on that:  https://www.oasis-open.org/join/

I agree on your definition of Account and will propose it to the rest of the
proposing group.

Also, a PSTC "overview" document will be coming shortly but as a short
synopsis of how this came to be.  A set of proposed specifications, XRPM,
ADPr, and ITML were submitted to form the PSTC working group.  XRPM's core
focus was on the exchange of  information across multiple systems (e.g.,
Provisioning, Web Access Control, Meta-Directory); ADPr's core focus was on
System to Resource/Service relationship across multiple systems; and ITML's
core focus was on protocols, message formats and best practices in the
Application Service Provider (ASP) and ASP aggregation market to provide
seamless integration of partners and business processes.

The PSTC proposing group is working on defining a initial set of goals to
setup an initial discussion when presented to the PSTC Working Group, when
officially recognized.

-Gavenraj Sodhi
gsodhi1@home.com



----- Original Message -----
From: "Smith, Neal L. (NLSM)" <NLSM@chevrontexaco.com>
To: "'Gavenraj Sodhi'" <gsodhi1@home.com>
Sent: Thursday, October 18, 2001 10:27 AM
Subject: FW: [provision-comment] Draft: Glossary of Terms forProvisioning
Services Technical Committee (PSTC)


> Hi.  My note was rejected by the list.  Is it possible to get authorized?
> Thanks.
>
> Neal Smith
> ChevronTexaco
>
> > -----Original Message-----
> > From: Smith, Neal L. (NLSM)
> > Sent: Thursday, October 18, 2001 10:16 AM
> > To: 'Gavenraj Sodhi'; provision-comment@lists.oasis-open.org
> > Subject: RE: [provision-comment] Draft: Glossary of Terms for
> > Provisioning Services Technical Committee (PSTC)
> >
> > I believe the definition of account could be improved.  The statement
> >
> > "Every service will require a different set of information to give a
user
> > access; therefore, the parameters of accounts will differ by service
> > type."
> >
> > suggests that there is no commonality of provisioning requests between
> > service types.  Well, not true!  Any provisioning request to create an
> > account will have some sort of account identifier.  Any provisioning
> > request to create rights to a resource will have some rights info
> > (read-only, update, etc.).  Of course, there will also be provisioning
> > information that's unique to a given service.
> >
> > I would rather see a standard that covers common provisioning requests
> > across a broad set of services, while also allowing extensions for
> > platform-specific needs.  The following definition is offered as an
> > alternative:
> >
> > Account - A set of parameters that define a user's access to a service.
> > Some of the parameters will be common across all services, but some
> > services may require a different set of information to give a user
access.
> > Therefore, the parameters of accounts may differ by service type.
> >
> > This might seem like a small point, but in looking at the proposed
schema
> > for ADPr, it appears there was little thought given to finding common
> > ground across the various provisioned services.  I would like to set the
> > bar a bit higher.  The payout will be a standard that is more flexible
and
> > adaptable to new services and new versions of existing services.
> >
> > Neal Smith
> > ChevronTexaco
> >
> > -----Original Message-----
> > From: Gavenraj Sodhi [SMTP:gsodhi1@home.com]
> > Sent: Friday, October 12, 2001 4:24 PM
> > To: provision-comment@lists.oasis-open.org; xrpm@yahoogroups.com
> > Subject: [provision-comment] Draft: Glossary of Terms for
> > Provisioning Services Technical Committee (PSTC)
> >
> > Here is the First Draft of the Glossary of Terms for PSTC.  Please
> > comment.
> >
> > -Gavenraj Sodhi
> > gsodhi1@home.com <mailto:gsodhi1@home.com>
> >
> >
> > Provisioning Services Technical Committee (PSTC)
> >
> > Revision History
> >
> >
> >
> > Version
> >
> > Draft 01 - v01
> >
> > Date
> >
> > 12 October 2001
> >
> > Editor
> >
> > Gavenraj Sodhi
> >
> > Comments
> >
> > Glossary of Terms
> >
> >
> >
> > Glossary of Terms for Provisioning Services Technical Committee (PSTC)
> >
> >
> >
> > Account - A set of parameters that define a user's access to a service.
> > Every
> >
> > service will require a different set of information to give a user
> >
> > access; therefore, the parameters of accounts will differ by service
> >
> > type.
> >
> > Actor - An entity (i.e. person or system entity) utilizing provisioning,
> > user
> >
> > administration, services. Examples of actors include application
programs,
> >
> >
> > security services, any computing or non-computing services, etc. Perhaps
> > actor
> >
> > is effectively synonymous with system or person entity.
> >
> > Attributes - Functions of the particular resource.
> >
> > Authorized - A system entity or actor is "authorized" if it is granted a
> > right or a
> >
> > permission or a capability to access a system resource.
> >
> > Enterprise - Environment within the companies' realm (e.g., Intranet,
> > current corporation employees, temporary employees, contractors).
> >
> > External Enterprise - Environment which may contain many or all of the
> > following:  Managed Services, contractors, temporary employees, multiple
> > organizations, private to public registry systems.
> >
> > Identity - Unique Identity or an element with respect to a defining
domain
> > (e.g., Organization or Party)
> >
> > Organization - Organization of Persons.
> >
> > Party - Refers to any person who interacts with the system and/or the
> >
> > network the system is managing.
> >
> > Person - Represents an individual person.
> >
> > Provisioning - The self-service management of user identity data (e.g.,
> > identity, role) in a centralized manner to resources across an
enterprise
> > and external enterprise.  The resources may have attributes mapped
across
> > to multiple applications.  The attributes to these resources may consist
> > of the following actions:  Add, Modify, Delete, Suspend, Restore,
Search,
> > Notify, etc...
> >
> > Requesting Authority - Party or system that is authorized to request a
> > resource for the party.
> >
> > Resource - Any application or service which can be managed for
> > provisioning purposes.
> >
> > Role - Roles that a person can fulfill within an organization
> >
> > System - Represents computing entities (e.g., Provisioning System)
> >
> > Service - A specific type of resource that is not physically obtained by
a
> > user,
> >
> > but is accessed periodically by the user.
> >
> >
> >
> > Other Initiatives to be considering:
> >
> >
> >
> > DSML (Directory Services Markup Language) - An XML specification for
> > marking up directory services information
> >
> > SAML (Security Assertions Markup Language) - An XML-based security
> > standard for exchanging authentication and authorization information
> >
> > XACML (eXtensible Access Control Markup Language) - An XML specification
> > for expressing policies for information access over the Internet
> >
> > XNSORG (XNS Public Trust Organization) - An XML-based open platform for
> > automated data exchange with global identity, privacy, and permission
> > management capabilities
> >
>
> --------------------------------------------------------------------------
> > -----------------
> >
> > Further definitions will come out when we start diving into use cases.
> >
> >   << File: PSTCTerms.PDF >>
>