OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

provision-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: Re: [PSTC] RE: [provision-comment] (PSTCFAQv01) - Version 1 of PSTC FAQ


I also agree with the viewpoints of Uppili, and Darren.

-Gavenraj
gsodhi1@home.com

----- Original Message -----
From: "Yoav Kirsch" <yoav.kirsch@businesslayers.com>
To: <xrpm@yahoogroups.com>
Sent: Monday, October 29, 2001 1:40 PM
Subject: RE: [PSTC] RE: [provision-comment] (PSTCFAQv01) - Version 1 of PSTC
FAQ


> I agree with Uppili and Darren we should deal with non-security issue and
> with security issues
> Yoav Kirsch
>
> -----Original Message-----
> From: Uppili Srinivasan [mailto:usriniva@us.oracle.com]
> Sent: Monday, October 29, 2001 2:48 PM
> To: xrpm@yahoogroups.com
> Cc: Hal Lockhart; Gavenraj Sodhi; provision-comment@lists.oasis-open.org
> Subject: Re: [PSTC] RE: [provision-comment] (PSTCFAQv01) - Version 1 of
PSTC
> FAQ
>
>
> We use the term "Provisining Integration" to refer to process of tying the
> various aspects of provisioning together.   The term "Provisioning" itself
> can be applied to any specific aspect such as "e-mail provisioning",
> "voice-mail provisioning".  The idea is that there are *logical* agents
> associated with each independent aspect of provisioning that participate
in
> the overall process of "Provisioning Integration".
>
> This seems intuitive to customers (when you describe it this way) since it
> parallels how they go about application integration in general and
> infrastructure integration for directory and security in particular.
>
> My 2c .. :-)
>
> ----- Original Message -----
> From: "Idan Shoham" <idan@psynch.com>
> To: <xrpm@yahoogroups.com>
> Cc: "Hal Lockhart" <hal.lockhart@entegrity.com>; "Gavenraj Sodhi"
> <gsodhi1@home.com>; <provision-comment@lists.oasis-open.org>
> Sent: Monday, October 29, 2001 11:15 AM
> Subject: Re: [PSTC] RE: [provision-comment] (PSTCFAQv01) - Version 1 of
PSTC
> FAQ
>
>
> > Perhaps the thing to do is to state that we are focusing on
*provisioning*
> > I.T. security access, and *triggering* the provisioning of other items
and
> > services, such as equipment, building access, etc.
> >
> > We can then define "triggering" as initiation of an out-of-band process
> via
> > e-mail, posting XML to another system, or execution of some executable
> > program.
> >
> > Just my 2c..  :-)
> >
> > --
> > Idan Shoham
> > Chief Technology Officer
> > M-Tech Mercury Information Technology, Inc.
> > idan@psynch.com
> > http://psynch.com
> >
> >
> > On Mon, 29 Oct 2001, Darran Rolls wrote:
> >
> > > I personally do not think we should constrain ourselves to
provisioning
> > > only security related "things". Whilst I agree that we will need to
> > > closely manage scope as we move this forward, we do need to be mindful
> > > of the large number of "loosely attached" security things that are
often
> > > bound in with a given say, user provisioning activity.
> > >
> > > A good example would be a provisioning request to activate a new user
> > > that results in a bunch of account level provisioning PLUS the
> > > initiation of a new cell phone request (for example).  Within the
> > > provisioning platform this may be little more than an encapsulated
> > > process flow, maybe resulting in an email or workflow action.  If we
> > > allow for these types of actions we will need to allow for the
exchange
> > > of the required data - thus back to the definition of provisioning
> > > issue....
> > >
> > > Having said all that, if we simply emphasize the services in
> > > Provisioning SERVICES TC and explain that this implies the
provisioning
> > > of services - "services" has a pretty wide definition....
> > >
> > >
> > > Darran Rolls
> > > Waveset Technologies
> > > MSIM  drolls_waveset@hotmail.com
> > > AIM    drollswaveset
> > > YIM    drolls_waveset
> > >  <htp://www.waveset.com> http://www.waveset.com/
> > >  <mailto:drolls@waveset.com> drolls@waveset.com
> > >
> > > -----Original Message-----
> > > From: Hal Lockhart [mailto:hal.lockhart@entegrity.com]
> > > Sent: Monday, October 29, 2001 11:14 AM
> > > To: 'Gavenraj Sodhi'; provision-comment@lists.oasis-open.org;
> > > xrpm@yahoogroups.com
> > > Subject: RE: [provision-comment] (PSTCFAQv01) - Version 1 of PSTC FAQ
> > >
> > > I am content with the scope of this TC being limited to "security
> > > related" aspects of administration (access and entitlement). However,
I
> > > fear that the definition of Provisioning proposed below is not
> > > consistent with the generally understood meaning of the term in the
> > > networking industry and bodies such the DMTF.
> > >
> > > The use of the term in this general snse (as distinct from the
> > > dictionary definition of obtaining food and other necessities) came
from
> > > the telephone companies and predates the existence of software. It has
> > > largely been adopted by ISPs and other data network providers.
> > >
> > > Normally it refers to configuration activities that are specific to a
> > > particular user, order or service delivery as distinguished from
> > > activities intended to affect the behavior of the overall network. (
> > > Configuring a router to optimize capacity between NY and Boston is not
> > > provisioning. Configuring a router to allow John Doe to access the
> > > network is provisioning.)
> > >
> > > In any event, the term is not generally understood to be specific to
> > > security concerns. Curiously, the DMTF does not list the term in their
> > > CIM glossary. Lynn Wheeler does not list it either, which suggests in
is
> > > not considered a security "term of art". I did find this definition at
> > > whatis.com which is generally consistent with my notion.
> > >
> > >  <http://whatis.techtarget.com/definition/0,,sid9_gci333804,00.html>
> > > http://whatis.techtarget.com/definition/0,,sid9_gci333804,00.html
> > > Therefore, to avoid confusion, perhaps we should use some modifier,
such
> > > as security provisioning, user provisioning, access provisioning,
> > > entitlement provisioning or rights provisioning.
> > >
> > > Hal
> > > -----Original Message-----
> > > From: Gavenraj Sodhi [mailto:gsodhi1@home.com]
> > > Sent: Monday, October 29, 2001 11:20 AM
> > > To: provision-comment@lists.oasis-open.org; xrpm@yahoogroups.com
> > > Subject: [provision-comment] (PSTCFAQv01) - Version 1 of PSTC FAQ
> > > All,
> > >
> > > Thanks to Darran for posting this document and Kelly and John for
their
> > > help in putting the 1st Draft of PSTC together.  The document is
> > > available in DOC and PDF formats at the following hyperlinks below:
> > >
> > >  <http://oasis-open.org/committees/provision/PSTCFAQv01.doc>
> > > http://oasis-open.org/committees/provision/PSTCFAQv01.doc
> > > http://oasis-open.org/committees/provision/PSTCFAQv01.PDF
> > >
> > > -Gavenraj Sodhi
> > >
> > > Provisioning Services Technical Committee (PSTC)
> > > FAQ
> > > Revision History
> > >
> > >
> > > Version
> > > Draft 01 - v01
> > >
> > > Date
> > > 12 October 2001
> > > 28 October 2001
> > >
> > > Editor
> > > Kelly Emo, John Aisien, Gavenraj Sodhi
> > >
> > > Comments
> > > FAQ
> > > - 28 October 2001 - Modification and addition of question, added
> > > hyperlink to Introduction document
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > PSTC FAQ
> > >
> > >
> > > *        What is provisioning?
> > > o       Provisioning is the automation of all the steps required to
> > > manage (setup, amend & revoke) user or system access and entitlement
> > > rights to electronic services.
> > > *        Why is a standard for the provisioning of services important?
> > > o        Agreement of a vendor-neutral syntax for the exchange of
> > > provisioning data between systems & resources will significantly
reduce
> > > the cost of integration for all members of the provisioning value
chain
> > > and thus serve as a key accelerator for conducting eBusiness within
and
> > > across enterprises.
> > > *        What are the core aims & objectives of the PSTC?
> > > o       The purpose of the OASIS Provisioning Services Technical
> > > Committee (PSTC) is to define an XML-based framework for exchanging
> > > user, resource, and service provisioning information.  The Technical
> > > Committee will develop an end-to-end, open, provisioning specification
> > > developed from Provisioning specifications.
> > > o       The goal (subject to revision) is to submit a Committee
> > > Specification to the OASIS membership for its approval by September
> > > 2002.
> > > *        How would achievement of these aims & objectives benefit
> > > stakeholders within the provisioning value chain? (vendors, customers,
> > > partners, etc)
> > > o       Interoperability between multiple systems
> > > o       Additional functionality for the system the customer may have
> > > internally to use a multitude of resources, from a multitude of
vendors
> > > o       Vendors may manufacture, according the proposed standard, into
> > > customers sites that need access to resources (Electronic Services(s))
> > > which may currently not be available.
> > > o       Partners can develop open-standard communication to Resources
> > > and system collaboratively by having a standard interface.
> > > *        What specific problem(s) are we trying to solve?
> > > o       Two main initial issues:
> > > *         Interoperability between system to system
> > > *        System may be meta-directory system, provisioning system, web
> > > access control system, or other.
> > > *         Standard interface between the system and resource
(Electronic
> > > Service(s)).
> > > *        How does this effort relate to XRPM, ADPR, DSML, SAML,
DMTF/CIM
> > > and so on...?
> > > o       Please refer to the Overview/Introduction Document.
> > > o
http://www.oasis-open.org/committees/provision/Intro-102301.doc
> > > *        How does this effort complement or compete with Liberty,
.Net,
> > > Passport and so on..?
> > > o       Still being investigated...
> > > *        What is our timeline?
> > > o       The goal (subject to revision) is to submit a Committee
> > > Specification to the OASIS membership for its approval by September
> > > 2002.
> > > o       Meeting times, dates, and other detailed information are
> > > available at:
> > > *         http://www.oasis-open.org/committees/provision/
> > > *        What are our critical success factors?
> > > o       Successful Use Case development
> > > o       Prototypes and Implementations by working group members
> > > o       Test Case Publications
> > > o       Approval of Proposed Specification (currently stated for
> > > September 2002)
> > > o       Specification recognition and implementation
> > > *        Can you provide some practical use cases?
> > > o       These will be made available after November 12, when the
formal
> > > PSTC convenes and starts the work on a proper Use Cases working
> > > document.  Many artifacts may be derived from XRPM, ADPr, and ITML
> > > proposals.
> > >
> >
> >
> >
> > To unsubscribe from this group, send an email to:
> > xrpm-unsubscribe@yahoogroups.com
> >
> >
> >
> > Your use of Yahoo! Groups is subject to
http://docs.yahoo.com/info/terms/
> >
> >
> >
>
>
>
> To unsubscribe from this group, send an email to:
> xrpm-unsubscribe@yahoogroups.com
>
>
>
> Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
>
> ------------------------ Yahoo! Groups Sponsor ---------------------~-->
> Get your FREE VeriSign guide to security solutions for your web site:
encrypting transactions, securing intranets, and more!
> http://us.click.yahoo.com/UnN2wB/m5_CAA/yigFAA/1U_rlB/TM
> ---------------------------------------------------------------------~->
>
> To unsubscribe from this group, send an email to:
> xrpm-unsubscribe@yahoogroups.com
>
>
>
> Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
>
>



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC