[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [PSTC] RE: [provision-comment] (PSTCFAQv01) - Version 1 of PS TCFAQ
All, Below is the wording of the current definition for provisioning. "Provisioning is the automation of all the steps required to manage (setup, amend & revoke) user or system access and entitlement rights to electronic services." we would prefer that the definition be amended as follows; Provisioning is the process required to manage (setup, modify, move, & revoke) users' allocations of resources and services. The reasons are: 1. We do not wish to be limited by the word automation 2. We do not wish to be limited by the term electronic 3. We do not wish to be limited by the type of services or resources 4. We do wish to be limited to provisioning users Adrian F. Viego Chief Technology Officer Business Layers 365 West Passaic Street Rochelle Park, NJ 07662 Phone: 201 291-8999 x203 adrian.viego@businesslayers.com -----Original Message----- From: Uppili Srinivasan [mailto:usriniva@us.oracle.com] Sent: Monday, October 29, 2001 2:48 PM To: xrpm@yahoogroups.com Cc: Hal Lockhart; Gavenraj Sodhi; provision-comment@lists.oasis-open.org Subject: Re: [PSTC] RE: [provision-comment] (PSTCFAQv01) - Version 1 of PSTC FAQ We use the term "Provisining Integration" to refer to process of tying the various aspects of provisioning together. The term "Provisioning" itself can be applied to any specific aspect such as "e-mail provisioning", "voice-mail provisioning". The idea is that there are *logical* agents associated with each independent aspect of provisioning that participate in the overall process of "Provisioning Integration". This seems intuitive to customers (when you describe it this way) since it parallels how they go about application integration in general and infrastructure integration for directory and security in particular. My 2c .. :-) ----- Original Message ----- From: "Idan Shoham" <idan@psynch.com> To: <xrpm@yahoogroups.com> Cc: "Hal Lockhart" <hal.lockhart@entegrity.com>; "Gavenraj Sodhi" <gsodhi1@home.com>; <provision-comment@lists.oasis-open.org> Sent: Monday, October 29, 2001 11:15 AM Subject: Re: [PSTC] RE: [provision-comment] (PSTCFAQv01) - Version 1 of PSTC FAQ > Perhaps the thing to do is to state that we are focusing on *provisioning* > I.T. security access, and *triggering* the provisioning of other items and > services, such as equipment, building access, etc. > > We can then define "triggering" as initiation of an out-of-band process via > e-mail, posting XML to another system, or execution of some executable > program. > > Just my 2c.. :-) > > -- > Idan Shoham > Chief Technology Officer > M-Tech Mercury Information Technology, Inc. > idan@psynch.com > http://psynch.com > > > On Mon, 29 Oct 2001, Darran Rolls wrote: > > > I personally do not think we should constrain ourselves to provisioning > > only security related "things". Whilst I agree that we will need to > > closely manage scope as we move this forward, we do need to be mindful > > of the large number of "loosely attached" security things that are often > > bound in with a given say, user provisioning activity. > > > > A good example would be a provisioning request to activate a new user > > that results in a bunch of account level provisioning PLUS the > > initiation of a new cell phone request (for example). Within the > > provisioning platform this may be little more than an encapsulated > > process flow, maybe resulting in an email or workflow action. If we > > allow for these types of actions we will need to allow for the exchange > > of the required data - thus back to the definition of provisioning > > issue.... > > > > Having said all that, if we simply emphasize the services in > > Provisioning SERVICES TC and explain that this implies the provisioning > > of services - "services" has a pretty wide definition.... > > > > > > Darran Rolls > > Waveset Technologies > > MSIM drolls_waveset@hotmail.com > > AIM drollswaveset > > YIM drolls_waveset > > <htp://www.waveset.com> http://www.waveset.com/ > > <mailto:drolls@waveset.com> drolls@waveset.com > > > > -----Original Message----- > > From: Hal Lockhart [mailto:hal.lockhart@entegrity.com] > > Sent: Monday, October 29, 2001 11:14 AM > > To: 'Gavenraj Sodhi'; provision-comment@lists.oasis-open.org; > > xrpm@yahoogroups.com > > Subject: RE: [provision-comment] (PSTCFAQv01) - Version 1 of PSTC FAQ > > > > I am content with the scope of this TC being limited to "security > > related" aspects of administration (access and entitlement). However, I > > fear that the definition of Provisioning proposed below is not > > consistent with the generally understood meaning of the term in the > > networking industry and bodies such the DMTF. > > > > The use of the term in this general snse (as distinct from the > > dictionary definition of obtaining food and other necessities) came from > > the telephone companies and predates the existence of software. It has > > largely been adopted by ISPs and other data network providers. > > > > Normally it refers to configuration activities that are specific to a > > particular user, order or service delivery as distinguished from > > activities intended to affect the behavior of the overall network. ( > > Configuring a router to optimize capacity between NY and Boston is not > > provisioning. Configuring a router to allow John Doe to access the > > network is provisioning.) > > > > In any event, the term is not generally understood to be specific to > > security concerns. Curiously, the DMTF does not list the term in their > > CIM glossary. Lynn Wheeler does not list it either, which suggests in is > > not considered a security "term of art". I did find this definition at > > whatis.com which is generally consistent with my notion. > > > > <http://whatis.techtarget.com/definition/0,,sid9_gci333804,00.html> > > http://whatis.techtarget.com/definition/0,,sid9_gci333804,00.html > > Therefore, to avoid confusion, perhaps we should use some modifier, such > > as security provisioning, user provisioning, access provisioning, > > entitlement provisioning or rights provisioning. > > > > Hal > > -----Original Message----- > > From: Gavenraj Sodhi [mailto:gsodhi1@home.com] > > Sent: Monday, October 29, 2001 11:20 AM > > To: provision-comment@lists.oasis-open.org; xrpm@yahoogroups.com > > Subject: [provision-comment] (PSTCFAQv01) - Version 1 of PSTC FAQ > > All, > > > > Thanks to Darran for posting this document and Kelly and John for their > > help in putting the 1st Draft of PSTC together. The document is > > available in DOC and PDF formats at the following hyperlinks below: > > > > <http://oasis-open.org/committees/provision/PSTCFAQv01.doc> > > http://oasis-open.org/committees/provision/PSTCFAQv01.doc > > http://oasis-open.org/committees/provision/PSTCFAQv01.PDF > > > > -Gavenraj Sodhi > > > > Provisioning Services Technical Committee (PSTC) > > FAQ > > Revision History > > > > > > Version > > Draft 01 - v01 > > > > Date > > 12 October 2001 > > 28 October 2001 > > > > Editor > > Kelly Emo, John Aisien, Gavenraj Sodhi > > > > Comments > > FAQ > > - 28 October 2001 - Modification and addition of question, added > > hyperlink to Introduction document > > > > > > > > > > > > > > > > PSTC FAQ > > > > > > * What is provisioning? > > o Provisioning is the automation of all the steps required to > > manage (setup, amend & revoke) user or system access and entitlement > > rights to electronic services. > > * Why is a standard for the provisioning of services important? > > o Agreement of a vendor-neutral syntax for the exchange of > > provisioning data between systems & resources will significantly reduce > > the cost of integration for all members of the provisioning value chain > > and thus serve as a key accelerator for conducting eBusiness within and > > across enterprises. > > * What are the core aims & objectives of the PSTC? > > o The purpose of the OASIS Provisioning Services Technical > > Committee (PSTC) is to define an XML-based framework for exchanging > > user, resource, and service provisioning information. The Technical > > Committee will develop an end-to-end, open, provisioning specification > > developed from Provisioning specifications. > > o The goal (subject to revision) is to submit a Committee > > Specification to the OASIS membership for its approval by September > > 2002. > > * How would achievement of these aims & objectives benefit > > stakeholders within the provisioning value chain? (vendors, customers, > > partners, etc) > > o Interoperability between multiple systems > > o Additional functionality for the system the customer may have > > internally to use a multitude of resources, from a multitude of vendors > > o Vendors may manufacture, according the proposed standard, into > > customers sites that need access to resources (Electronic Services(s)) > > which may currently not be available. > > o Partners can develop open-standard communication to Resources > > and system collaboratively by having a standard interface. > > * What specific problem(s) are we trying to solve? > > o Two main initial issues: > > * Interoperability between system to system > > * System may be meta-directory system, provisioning system, web > > access control system, or other. > > * Standard interface between the system and resource (Electronic > > Service(s)). > > * How does this effort relate to XRPM, ADPR, DSML, SAML, DMTF/CIM > > and so on...? > > o Please refer to the Overview/Introduction Document. > > o http://www.oasis-open.org/committees/provision/Intro-102301.doc > > * How does this effort complement or compete with Liberty, .Net, > > Passport and so on..? > > o Still being investigated... > > * What is our timeline? > > o The goal (subject to revision) is to submit a Committee > > Specification to the OASIS membership for its approval by September > > 2002. > > o Meeting times, dates, and other detailed information are > > available at: > > * http://www.oasis-open.org/committees/provision/ > > * What are our critical success factors? > > o Successful Use Case development > > o Prototypes and Implementations by working group members > > o Test Case Publications > > o Approval of Proposed Specification (currently stated for > > September 2002) > > o Specification recognition and implementation > > * Can you provide some practical use cases? > > o These will be made available after November 12, when the formal > > PSTC convenes and starts the work on a proper Use Cases working > > document. Many artifacts may be derived from XRPM, ADPr, and ITML > > proposals. > > > > > > To unsubscribe from this group, send an email to: > xrpm-unsubscribe@yahoogroups.com > > > > Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ > > > ------------------------ Yahoo! Groups Sponsor ---------------------~--> Get your FREE VeriSign guide to security solutions for your web site: encrypting transactions, securing intranets, and more! http://us.click.yahoo.com/UnN2wB/m5_CAA/yigFAA/1U_rlB/TM ---------------------------------------------------------------------~-> To unsubscribe from this group, send an email to: xrpm-unsubscribe@yahoogroups.com Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC