XRPM Working Group
Access360 Introduces XRPM Working Group
Access360, Critical Path, Jamcracker, Oblix, and VeriSign Actively Develop Protocol for Provisioning Standard
Irvine, California, USA. April 24, 2001.
Access360, a leading provider of policy-based provisioning solutions for enterprise user administration, today announced the XRPM (extensible resource provisioning management) Working Group, assembled to formulate and introduce an XML-based specification that will enable interoperability for end-to-end provisioning and identity solutions across the extended enterprise. Access360 and XRPM members -- founders include Critical Path, Jamcracker, Oblix, and VeriSign -- will collaborate to develop an open standard based on the specification and create the optimum protocol to propose industry-wide.
The XRPM Working Group has planned three phases of this standard initiative. Phase one will enable communication between computing and non-computing managed resources and a provisioning system. Phase two will expand to cross provisioning of systems among affiliations and enterprises. Finally, phase three will allow multi-organization-to-multi-organization cross provisioning. Phase one, in production now, includes plans to release a development specification in the 3rd quarter of this year.
"Today's manual provisioning is a huge impediment to business-to-business interoperability as well as the outsourcing of applications. The automation of these tasks hinges on the ability of the key vendors and users in the directory-based resource provisioning space to agree on standards that will enable agent as well as server interoperability," said Christy Hudgins, analyst, The Burton Group.
The mission of the XRPM Working Group is to provide a standard for the open interoperability between systems and resources in order for access rights to be provisioned. To expedite the specification's adoption to become a standard, the group will submit the XRPM specification to a standards organization, such as OASIS (Organization for the Advancement of Structured Information Standards). According to Access360, the group plans to submit the completed specification within the next 12 to 18 months. Also during this time, additional corporate participants may be added to the XRPM Working Group.
"It has long been our philosophy to partner with businesses that have complementary technologies to our enRole provisioning system, giving us the ability to offer true best-of-breed solutions for customers," said Jeff Drake, executive vice president, strategic planning and development, for Access360. "Formalizing the effort to have a standard in place allows us to further our commitment for interoperability as well as realize our goal of true seamless access rights provisioning for the eBusiness and exchange arenas."
Why a Provisioning Standard
Without standardization, systems inside and outside of the enterprise can not natively provision resources; companies are required to build and/or purchase proprietary solutions to achieve heterogeneous provisioning; the cost of interconnecting best-of-breed management technologies is prohibitive; and layers of technology are required to synchronize identity management and provisioning. The XRPM working group's standard will enable companies to seamlessly integrate best-of-breed products to create a complete solution tailored to the customer's environment. It will also enable management systems to deliver new capabilities by uniting services of XRPM adapters, and allow information systems to plug into scalable and effective administrative environments.
"Critical Path has been very pro-active in working on an XML-based provisioning protocol for some time that would enable in-sourced and outsourced services to be easily managed by anyone, and our efforts are now seeing traction with many companies through the activities undertaken within the XRPM working group," said Josh Groves, vice president of channel and alliance sales at Critical Path. "We fully support efforts to standardize and secure provisioning services both for enterprises and service providers."
"Having the ability to seamlessly integrate between disparate systems is key to managing user access and standardization will allow us to accelerate the time-to-service for end users and IT administrators," said David Orchard, Jamcracker chief standards architect. "As a co-chair for the emerging XRPM specification, Jamcracker is committed and motivated to deliver technical solutions to the challenge of creating an integrated ecosystem of best-of-breed web services."
"Resource provisioning is an integral part of the overall security and management framework for securing applications. Through an open standard such as XRPM customers will benefit from integration between providers of solutions as well as derive value from being able to deploy solutions that solve problems across companies or in hosted environments," said Nand Mulchandani, chief technology officer, Oblix.
"As we've seen with the recent introduction of VeriSign's next generation trust services, the creation of standards-based technology removes complexity for developers and enables them to quickly build applications that support advanced security functions," said Bob Pratt, director of enterprise product marketing for VeriSign. "In the realm of user provisioning, as companies look to provision internal users as well as business partners and suppliers to an increasing number of services, the creation of standards will accelerate the development of applications that will support dynamic cross-company collaboration."
The announcement of the working group is in conjunction with the availability of its Web site, now live at www.XRPM.org. This site provides news as well as details on schemas, specifications, use cases, and related information to keep the public abreast of the XRPM working group's standard development.
Access360 helps companies better manage Enterprise User Administration by automating the processes that connect employees, business partners and customers to the resources they need. The company's flagship product, enRole puts corporate resources to work faster, provides greater visibility and control, and reduces the expenses and minimizes the risks associated with enterprise security. With our policy-based provisioning solutions, companies are securely conducting business across the extended enterprise while managing changing environments around the world. Customers such as BP, E*TRADE, Overseas Union Bank and Sony Electronics have deployed enRole to tighten enterprise security, increase productivity and reduce operating costs.
Access360 is a privately held company with leading international investors, including Crosspoint Venture Partners, Amerindo Investment Advisors, Inc., Pivotal Asset Management, Oracle Corporation and VeriSign, Inc. Headquartered in Irvine, Calif., Access360 has offices throughout the United States, Europe, Asia and Australia. For more information about Access360, please call (877) 742-6400 or visit the Web site at http://www.access360.com.
Access360 has submitted DAML (Directory Access Markup Languages) as its proposal for DSML 2.0, which is a markup language for representing directory services in XML. DAML, following closely with the LDAP (Lightweight Directory Access Protocol) language, is the protocol of the company's next generation enRole product.
Prepared by Robin Cover for The XML Cover Pages archive. See: "XRPM Working Group for Extensible Resource Provisioning Management."