The first public demonstration of the Oasis Service Provisioning Markup Language Specification (SPML) Version 1.0...
will take place on 9 July at the Catalyst Conference in San Francisco.
SPML is an XML-based framework for exchanging and administering user access rights and resource information across heterogeneous environments. Ten Oasis members will show the stability of the specification and demonstrate interoperability between SPML-conformant products.
The specification provides a mechanism for exchanging information between provisioning service points on the internet. It is designed to work with Soap, SAML (Security Assertion Markup Language), and the Oasis WS-Security specification.
BMC Software, Business Layers, Entrust, OpenNetwork, PeopleSoft, Sun Microsystems, Waveset, Thor Technologies, and TruLogica are some of the companies endorsing the specification.
SPML is undergoing public review in the Oasis process for consideration of standards.
ZapThink analyst Ronald Schmelzer stressed the importance of identity management, but added that SPML could overlap with other specifications.
"SPML adds to the identity management capabilities by providing a standard way in which access to these critical infrastructure resources can be granted or denied," he said. "This means that companies can build applications that have strict identity and security policies without having to do so in a proprietary and noninteroperable manner."
"While SPML has more to do with provisioning physical access to specific resources, there is definitely potential for overlap or, at least, complementary offering to the WS-Security and WS-Policy specifications," he added.
Paul Krill writes for InfoWorld