Subject: Groups - Bi-weekly PSTC meeting modified
CORRECTION: Karsten Huneycutt (and not Tom Zeller, as I originally wrote) asked how complex attributes would appear in the DSML binding and asked about privacy attributes.

-- Gary Cole

Bi-weekly PSTC meeting has been modified by Gary Cole

Date: Monday, 29 August 2011
Time: 02:00pm - 03:00pm ET

Event Description:
1-866-682-4770
conference: 1938387
passcode: 123456

Agenda:
1) Call Roll.
2) Approve minutes from July 18 meeting.
3) Approve minutes from Aug 15 meeting.
4) Review "SIMPLEST" draft:
- Basic Identity Management (Person)
- Enterprise Identity Management (adds Org, Role, Group)
- Account Management (adds Target and Account)
- Provisioning and Compliance (Access-Policy and -Priv)
5) Discuss priorities for work yet to do on draft:
- Examples of minimal implementation
- Examples of supporting User only
6) AOB

Minutes:

Chair: Gary Cole

Attendees:
Tom Zeller (Internet2)
Gary Cole (Oracle)
Shyam Mankala (Oracle)
Kent Spaulding (Oracle)
Karsten Huneycutt (UNC Chapel Hill)

Agenda:
1) Call Roll
2) Approve minutes from July 18 meeting
3) Approve minutes from Aug 15 meeting
4) Review "SIMPLEST" draft:
- Basic Identity Management (Person)
- Enterprise Identity Management (adds Org, Role, Group)
- Account Management (adds Target and Account)
- Provisioning and Compliance (Access-Policy and -Priv)
5) Discuss priorities for work yet to do on draft:
- Examples of minimal implementation
- Examples of supporting User only
6) AOB

1) Call Roll
- Gary took roll.
- Quorum was achieved (7 of 8 voting members attended)
- Voting status changes: None.
- New member: Shyam Mankala (Oracle)

2) Approve minutes from July 18 meeting
3) Approve minutes from Aug 15 meeting.
- Gary Cole moves to approve the minutes of both meetings as recorded in the PSTC Calendar Events.
- No objection.

4) Review "SIMPLEST" draft:

Gary presented the "layers" of the schema, from most general interest to most narrow interest:
- Basic Identity Management (Person)
- Enterprise Identity Management (adds Org, Role, Group)
- Account Management (adds Target and Account)
- Provisioning and Compliance (Access-Policy and -Priv)

Gary presented the notion of Complex Attributes and the current overlap with some Scalar Attributes of each entity:
- Motivations for complex attributes:
-- structured value (e.g., address)
-- meta-data on value (e.g., "isPrimary" and "type")

Karsten Huneycutt asked how complex attributes would appear to a requester in the DSML binding:
- the Reference Capability connects two objects with PSOIDs.

Gary acknowledged this as an issue, asked for input, and suggested several approaches:
- (mis-)use the Reference Capability (e.g., to connect an object to itself).
- Specify that complex attributes automagically appear in the DSML binding as string-format JSON objects or XML objects.
- Define a new Capability (e.g., Complex Attribute Capability) so that complex attributes appear as Capability-Specific Data.

Karsten asked about "privacy" attributes:
- Individual values of email or address can be private.
- Entire Person record can be private.

Gary asked what is the default:
- Private is the default (if not specified)?
- Public is the default (if not specified)?
- Provider determines the value of 'isPrivate' (if not specified)?
- Require specification of a value for 'isPrivate' attribute (would preclude update to corresponding scalar attribute)?

Gary suggested that we add 'isPrivate' boolean to complex attributes such as 'hasEmail' and 'hasAddress':
- scalar attributes would not include privacy tags.
- default is false (isPrivate=false).

Gary suggested that we add 'isPrivate' boolean to Person:
- does this make sense for other entities as well?

Gary mentioned potential trouble-spots with SIMPLEST:
- Person belongsTo only one Organization.
-- Some enterprises have matrix organizations.
-- Many persons have dotted-line relationships to multiple orgs.
-- Gary suggested defining another type of relationship to suit each such use-case.
- Distinction between Group and Role:
-- These are often conflated.
-- Gary suggests Role have enterprise-role semantics.
-- Gary suggests Group have collection semantics.

5) Discuss priorities for work yet to do on draft:
(Did not discuss.)

6) AOB

Tom Zeller asked what forces had caused past efforts at Standard Schema to fail.

Gary suggested several possible reasons:
- Value of differentiation (i.e. proprietary lock-in) to participating company exceeds value of standard (i.e., interoperability) to same participating company.
- Specifically, SPMLv2 Standard Schema would have commoditized provisioning (and reduced the competitive value of proprietary connectors offered by IAM vendors).
- Proposed model of standard "offends" (i.e., does not suit) a participating member company.

Tom Zeller asks: has the situation changed sufficiently that a Standard Schema can succeed?

Gary says that he is not certain, but that the business environment has now shifted in favor of a Standard Schema:
- Oracle has acquired Sun. These two no longer battle over adapters/connectors.
- Many IAM solutions now emphasize disconnected resources (which reduces somewhat the market-value of adapters/connectors).
- Compliance solutions require integration with provisioning solutions--these use many of the same entities & relationships.
- Many vendors have challenges with respect to intra-suite integration and interoperability that might benefit from a standard schema.

This event is one in a list of recurring events.
Other event dates in this series:
Monday, 04 July 2011, 02:00pm to 03:00pm ET
Monday, 18 July 2011, 02:00pm to 03:00pm ET
Monday, 01 August 2011, 02:00pm to 03:00pm ET
Monday, 15 August 2011, 02:00pm to 03:00pm ET
Monday, 12 September 2011, 02:00pm to 03:00pm ET
Monday, 26 September 2011, 02:00pm to 03:00pm ET
Monday, 10 October 2011, 02:00pm to 03:00pm ET
Monday, 24 October 2011, 02:00pm to 03:00pm ET
Monday, 07 November 2011, 02:00pm to 03:00pm ET
Monday, 21 November 2011, 02:00pm to 03:00pm ET
Monday, 05 December 2011, 02:00pm to 03:00pm ET
Monday, 19 December 2011, 02:00pm to 03:00pm ET
Monday, 02 January 2012, 02:00pm to 03:00pm ET
Monday, 16 January 2012, 02:00pm to 03:00pm ET
Monday, 30 January 2012, 02:00pm to 03:00pm ET
Monday, 13 February 2012, 02:00pm to 03:00pm ET
Monday, 27 February 2012, 02:00pm to 03:00pm ET
Monday, 12 March 2012, 02:00pm to 03:00pm ET
Monday, 26 March 2012, 02:00pm to 03:00pm ET
Monday, 09 April 2012, 02:00pm to 03:00pm ET
Monday, 23 April 2012, 02:00pm to 03:00pm ET
Monday, 07 May 2012, 02:00pm to 03:00pm ET
Monday, 21 May 2012, 02:00pm to 03:00pm ET
Monday, 04 June 2012, 02:00pm to 03:00pm ET
Monday, 18 June 2012, 02:00pm to 03:00pm ET
Monday, 02 July 2012, 02:00pm to 03:00pm ET

View event details: http://www.oasis-open.org/apps/org/workgroup/provision/event.php?event_id=30845