[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Oracle Proposes Yet Another Identity Governance Framework - IGF -CARML - AAPML
Of possible interest... Thursday November 30, 06:44 AM Oracle Proposes Yet Another Identity Governance Framework http://au.news.yahoo.com/061130/20/11mf5.html by ComputerWire Staff Today, there are competing web services standards for how federated identification is maintained, including SAML/Liberty 2.0 and WS-Federation. There are various frameworks for managing personal preferences such as IBM Corps Project Higgins and Microsoft Corp's CardSpace. And there are formal and de facto standards for directories that store identity data, such as LDAP and Microsofts Active Directory. But there is no mechanism between storage and the application for expressing the policy on how and when to release identity data, claimed Amit Jasuja, vice president of development, security and identity management for Oracle. ADVERTISEMENT Oracle Corp has recruited Ping Identity, Securent, and Sun Microsystems, Inc to propose what it calls an Identity Governance Framework (IGF). Currently a proposal looking for a standards body, IGF comes off the starting gate with several proposed components. The heart of IGF includes Client Attribute Requirement Markup Language (CARML), an XML-based declarative language that signifies which identity attributes are consumed by the application, and Attribute Authority Policy Markup Language (AAPML), which provides the syntax for prescribing under what conditions specific pieces of identity data are disclosed to applications. Oracles efforts stem from several acquisitions, including Thor Technologies and OctetString roughly a year ago, that propelled the companys entry to the identity management space. According to Prateek Mishra, director of security standards for Oracle Identity Management, IGF is designed to pick up where federated ID schemes leave off. As one of the coauthors of the original SAML spec while at Netegrity, Mishra claims these standards simply provide the mechanism, but not the context under which identity data is exchanged in environments where there are multiple sources of identification data. Oracles proposals spell the beginnings of a vocabulary for specifying the rules and conditions under which identity is disclosed. For instance, it would provide the syntax for a system where data such as birth date, social security, health service, or insurance policy numbers is only disclosed to an HR system. Oracle hopes to identify a standards organization where the proposals could be submitted within the next 90 days. --- end
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]