[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [PSTC] RE: [provision-comment] (PSTCFAQv01) - Version 1 of PSTC FAQ
I also agree with the viewpoints of Uppili, and Darren. -Gavenraj gsodhi1@home.com ----- Original Message ----- From: "Yoav Kirsch" <yoav.kirsch@businesslayers.com> To: <xrpm@yahoogroups.com> Sent: Monday, October 29, 2001 1:40 PM Subject: RE: [PSTC] RE: [provision-comment] (PSTCFAQv01) - Version 1 of PSTC FAQ > I agree with Uppili and Darren we should deal with non-security issue and > with security issues > Yoav Kirsch > > -----Original Message----- > From: Uppili Srinivasan [mailto:usriniva@us.oracle.com] > Sent: Monday, October 29, 2001 2:48 PM > To: xrpm@yahoogroups.com > Cc: Hal Lockhart; Gavenraj Sodhi; provision-comment@lists.oasis-open.org > Subject: Re: [PSTC] RE: [provision-comment] (PSTCFAQv01) - Version 1 of PSTC > FAQ > > > We use the term "Provisining Integration" to refer to process of tying the > various aspects of provisioning together. The term "Provisioning" itself > can be applied to any specific aspect such as "e-mail provisioning", > "voice-mail provisioning". The idea is that there are *logical* agents > associated with each independent aspect of provisioning that participate in > the overall process of "Provisioning Integration". > > This seems intuitive to customers (when you describe it this way) since it > parallels how they go about application integration in general and > infrastructure integration for directory and security in particular. > > My 2c .. :-) > > ----- Original Message ----- > From: "Idan Shoham" <idan@psynch.com> > To: <xrpm@yahoogroups.com> > Cc: "Hal Lockhart" <hal.lockhart@entegrity.com>; "Gavenraj Sodhi" > <gsodhi1@home.com>; <provision-comment@lists.oasis-open.org> > Sent: Monday, October 29, 2001 11:15 AM > Subject: Re: [PSTC] RE: [provision-comment] (PSTCFAQv01) - Version 1 of PSTC > FAQ > > > > Perhaps the thing to do is to state that we are focusing on *provisioning* > > I.T. security access, and *triggering* the provisioning of other items and > > services, such as equipment, building access, etc. > > > > We can then define "triggering" as initiation of an out-of-band process > via > > e-mail, posting XML to another system, or execution of some executable > > program. > > > > Just my 2c.. :-) > > > > -- > > Idan Shoham > > Chief Technology Officer > > M-Tech Mercury Information Technology, Inc. > > idan@psynch.com > > http://psynch.com > > > > > > On Mon, 29 Oct 2001, Darran Rolls wrote: > > > > > I personally do not think we should constrain ourselves to provisioning > > > only security related "things". Whilst I agree that we will need to > > > closely manage scope as we move this forward, we do need to be mindful > > > of the large number of "loosely attached" security things that are often > > > bound in with a given say, user provisioning activity. > > > > > > A good example would be a provisioning request to activate a new user > > > that results in a bunch of account level provisioning PLUS the > > > initiation of a new cell phone request (for example). Within the > > > provisioning platform this may be little more than an encapsulated > > > process flow, maybe resulting in an email or workflow action. If we > > > allow for these types of actions we will need to allow for the exchange > > > of the required data - thus back to the definition of provisioning > > > issue.... > > > > > > Having said all that, if we simply emphasize the services in > > > Provisioning SERVICES TC and explain that this implies the provisioning > > > of services - "services" has a pretty wide definition.... > > > > > > > > > Darran Rolls > > > Waveset Technologies > > > MSIM drolls_waveset@hotmail.com > > > AIM drollswaveset > > > YIM drolls_waveset > > > <htp://www.waveset.com> http://www.waveset.com/ > > > <mailto:drolls@waveset.com> drolls@waveset.com > > > > > > -----Original Message----- > > > From: Hal Lockhart [mailto:hal.lockhart@entegrity.com] > > > Sent: Monday, October 29, 2001 11:14 AM > > > To: 'Gavenraj Sodhi'; provision-comment@lists.oasis-open.org; > > > xrpm@yahoogroups.com > > > Subject: RE: [provision-comment] (PSTCFAQv01) - Version 1 of PSTC FAQ > > > > > > I am content with the scope of this TC being limited to "security > > > related" aspects of administration (access and entitlement). However, I > > > fear that the definition of Provisioning proposed below is not > > > consistent with the generally understood meaning of the term in the > > > networking industry and bodies such the DMTF. > > > > > > The use of the term in this general snse (as distinct from the > > > dictionary definition of obtaining food and other necessities) came from > > > the telephone companies and predates the existence of software. It has > > > largely been adopted by ISPs and other data network providers. > > > > > > Normally it refers to configuration activities that are specific to a > > > particular user, order or service delivery as distinguished from > > > activities intended to affect the behavior of the overall network. ( > > > Configuring a router to optimize capacity between NY and Boston is not > > > provisioning. Configuring a router to allow John Doe to access the > > > network is provisioning.) > > > > > > In any event, the term is not generally understood to be specific to > > > security concerns. Curiously, the DMTF does not list the term in their > > > CIM glossary. Lynn Wheeler does not list it either, which suggests in is > > > not considered a security "term of art". I did find this definition at > > > whatis.com which is generally consistent with my notion. > > > > > > <http://whatis.techtarget.com/definition/0,,sid9_gci333804,00.html> > > > http://whatis.techtarget.com/definition/0,,sid9_gci333804,00.html > > > Therefore, to avoid confusion, perhaps we should use some modifier, such > > > as security provisioning, user provisioning, access provisioning, > > > entitlement provisioning or rights provisioning. > > > > > > Hal > > > -----Original Message----- > > > From: Gavenraj Sodhi [mailto:gsodhi1@home.com] > > > Sent: Monday, October 29, 2001 11:20 AM > > > To: provision-comment@lists.oasis-open.org; xrpm@yahoogroups.com > > > Subject: [provision-comment] (PSTCFAQv01) - Version 1 of PSTC FAQ > > > All, > > > > > > Thanks to Darran for posting this document and Kelly and John for their > > > help in putting the 1st Draft of PSTC together. The document is > > > available in DOC and PDF formats at the following hyperlinks below: > > > > > > <http://oasis-open.org/committees/provision/PSTCFAQv01.doc> > > > http://oasis-open.org/committees/provision/PSTCFAQv01.doc > > > http://oasis-open.org/committees/provision/PSTCFAQv01.PDF > > > > > > -Gavenraj Sodhi > > > > > > Provisioning Services Technical Committee (PSTC) > > > FAQ > > > Revision History > > > > > > > > > Version > > > Draft 01 - v01 > > > > > > Date > > > 12 October 2001 > > > 28 October 2001 > > > > > > Editor > > > Kelly Emo, John Aisien, Gavenraj Sodhi > > > > > > Comments > > > FAQ > > > - 28 October 2001 - Modification and addition of question, added > > > hyperlink to Introduction document > > > > > > > > > > > > > > > > > > > > > > > > PSTC FAQ > > > > > > > > > * What is provisioning? > > > o Provisioning is the automation of all the steps required to > > > manage (setup, amend & revoke) user or system access and entitlement > > > rights to electronic services. > > > * Why is a standard for the provisioning of services important? > > > o Agreement of a vendor-neutral syntax for the exchange of > > > provisioning data between systems & resources will significantly reduce > > > the cost of integration for all members of the provisioning value chain > > > and thus serve as a key accelerator for conducting eBusiness within and > > > across enterprises. > > > * What are the core aims & objectives of the PSTC? > > > o The purpose of the OASIS Provisioning Services Technical > > > Committee (PSTC) is to define an XML-based framework for exchanging > > > user, resource, and service provisioning information. The Technical > > > Committee will develop an end-to-end, open, provisioning specification > > > developed from Provisioning specifications. > > > o The goal (subject to revision) is to submit a Committee > > > Specification to the OASIS membership for its approval by September > > > 2002. > > > * How would achievement of these aims & objectives benefit > > > stakeholders within the provisioning value chain? (vendors, customers, > > > partners, etc) > > > o Interoperability between multiple systems > > > o Additional functionality for the system the customer may have > > > internally to use a multitude of resources, from a multitude of vendors > > > o Vendors may manufacture, according the proposed standard, into > > > customers sites that need access to resources (Electronic Services(s)) > > > which may currently not be available. > > > o Partners can develop open-standard communication to Resources > > > and system collaboratively by having a standard interface. > > > * What specific problem(s) are we trying to solve? > > > o Two main initial issues: > > > * Interoperability between system to system > > > * System may be meta-directory system, provisioning system, web > > > access control system, or other. > > > * Standard interface between the system and resource (Electronic > > > Service(s)). > > > * How does this effort relate to XRPM, ADPR, DSML, SAML, DMTF/CIM > > > and so on...? > > > o Please refer to the Overview/Introduction Document. > > > o http://www.oasis-open.org/committees/provision/Intro-102301.doc > > > * How does this effort complement or compete with Liberty, .Net, > > > Passport and so on..? > > > o Still being investigated... > > > * What is our timeline? > > > o The goal (subject to revision) is to submit a Committee > > > Specification to the OASIS membership for its approval by September > > > 2002. > > > o Meeting times, dates, and other detailed information are > > > available at: > > > * http://www.oasis-open.org/committees/provision/ > > > * What are our critical success factors? > > > o Successful Use Case development > > > o Prototypes and Implementations by working group members > > > o Test Case Publications > > > o Approval of Proposed Specification (currently stated for > > > September 2002) > > > o Specification recognition and implementation > > > * Can you provide some practical use cases? > > > o These will be made available after November 12, when the formal > > > PSTC convenes and starts the work on a proper Use Cases working > > > document. Many artifacts may be derived from XRPM, ADPr, and ITML > > > proposals. > > > > > > > > > > > To unsubscribe from this group, send an email to: > > xrpm-unsubscribe@yahoogroups.com > > > > > > > > Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ > > > > > > > > > > To unsubscribe from this group, send an email to: > xrpm-unsubscribe@yahoogroups.com > > > > Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ > > ------------------------ Yahoo! Groups Sponsor ---------------------~--> > Get your FREE VeriSign guide to security solutions for your web site: encrypting transactions, securing intranets, and more! > http://us.click.yahoo.com/UnN2wB/m5_CAA/yigFAA/1U_rlB/TM > ---------------------------------------------------------------------~-> > > To unsubscribe from this group, send an email to: > xrpm-unsubscribe@yahoogroups.com > > > > Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC