Service Provisioning Markup Language (SPML) Becomes OASIS Standard
Service Provisioning Markup Language (SPML) Ratified as OASIS Standard
Abridean, BEA Systems, BMC Software, Business Layers, Computer Associates, Entrust, Netegrity, OpenNetwork, Waveset, and Others Develop OASIS Standard for Exchanging User, Resource, and Service Provisioning Information
Boston, MA, USA. November 19, 2003.
The OASIS standards consortium today announced that its members have approved the Service Provisioning Markup Language (SPML) version 1.0 as an OASIS Standard, a status that signifies the highest level of ratification. SPML provides an XML-based framework for managing the allocation of system resources within and between organizations. Encompassing the entire life-cycle management of resources, SPML defines the provisioning of digital services such as user accounts and access privileges on systems, networks and applications, as well as non-digital or physical resources such as cell phones and credit cards.
"As provisioning becomes a more widely available network service, the need for an open standard to support the integration of account and service management in identity infrastructures is clear," says Darran Rolls of Waveset, chair of the OASIS Provisioning Services Technical Committee. "By fostering interoperability across business units or with business partners, SPML frees companies to focus on the business rules for provisioning user accounts and not on the technology to wire everything together."
"Enterprise architects should consider SPML real and deployable," said Patrick Gannon, president and CEO of OASIS. "It provides a much needed starting point for a long-term user access provisioning strategy that can be implemented today within the enterprise and will work in the future for integrating with Web services implementations. We congratulate the developers of SPML 1.0 and invite additional participation from the community on advancing SPML 2.0 to achieve full Web services compatibility."
Members of the OASIS Provisioning Services Technical Committee include Abridean, BEA Systems, BMC Software, Business Layers, Computer Associates, Entrust, Netegrity, OpenNetwork, Waveset, and other users and providers of identity management software.
SPML relates closely to another OASIS Standard, the Security Assertion Markup Language (SAML). Together, SPML and SAML provide a standard way to create user accounts and validate users as part of an identity management infrastructure. The two offer the basis for integrating single sign-on and provisioning software for Web services.
Industry Support for SPML
"BMC Software is excited about the ratification of SPML as an OASIS Standard," said Doron Cohen, Chief Architect, Security Business Unit, BMC Software. "This is a key milestone towards wide adoption of interoperable provisioning solutions in the marketplace. As a leading provisioning vendor and an active member of the OASIS Provisioning Services Technical Committee, we are committed to helping our customers realize the benefits and gains delivered by SPML."
"The ratification of SPML opens the door for interoperability of provisioning products within the enterprise, and between enterprises", said Adrian Viego, CTO of Business Layers. "This is an exciting step towards true delegated administration, and with it the promise of Web services."
"SPML will reduce the cost and complexity of provisioning Web services, helping organizations maximize the ROI on the deployment of next-generation business solutions," said Gavenraj Sodhi, eTrust product manager at Computer Associates. "By incorporating SPML into our eTrust Identity and Access Management Suite -- which already supports SOAP, SAML, and UDDI -- CA is ensuring its universal applicability and seamless interoperability with our customers' existing Web services architectures."
"We are pleased to see SPML accepted as an OASIS standard," said Bob Worner, vice president of engineering for OpenNetwork. "With native support for SPML in our flagship product, Universal IdP, our customers can experience the benefits of securely exchanging user, resource and service provisioning information across company boundaries, dramatically improving business efficiency and effectiveness."
"Waveset is proud to have been a leading contributor to the development and adoption of the SPML specification," said Kevin Cunningham, vice president of marketing at Waveset. "Looking forward to 2.0, we will leverage our experience in developing the industry's first open source SPML toolkit, and the success of our customers' SPML-enabled deployments, to drive the continued standardization of a provisioning network service."
OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit, global consortium that drives the development, convergence, and adoption of e-business standards. Members themselves set the OASIS technical agenda, using a lightweight, open process expressly designed to promote industry consensus and unite disparate efforts. OASIS produces worldwide standards for security, Web services, conformance, business transactions, electronic publishing, topic maps and interoperability within and between marketplaces. Founded in 1993, OASIS has more than 2,500 participants representing over 600 organizations and individual members in 100 countries.
OASIS Provisioning Services Technical Committee
Cover Pages Technology Report: "XML-Based Provisioning Services"
Prepared by Robin Cover for The XML Cover Pages archive. See also: "SPML Provisioning and Identity Management Specification Balloted for Approval."