Sun Microsystems, Waveset Technologies, and PeopleSoft have announced an "expansion of the companies' strategic alliance to deliver an integrated, standards-based identity management solution for use with PeopleSoft applications. The integrated solution is expected to provide users with the ability to initiate and manage the lifecycle of workforce identity information from a single portal interface, spanning Human Resource, IT and facilities resources." Featuring automated provisioning processes based upon the Service Provisioning Markup Language (SPML), this innovative identity management solution "is designed to combine the functionality of the Liberty Alliance-enabled Sun ONE Identity Server, Sun ONE Directory Server, and Waveset Lighthouse to reduce the time it takes to establish or change access rights, privileges and profile data across multiple applications. The first iteration of the solution is designed to enable business process integration between Human Capital Management and IT security/identity management, that will help drive down costs in the on-boarding and off-boarding of employees and to increase workforce productivity."
From the Announcement
Sun and Waveset [demonstrated] the integrated solution on July 10, 2003 at Burton Group's Catalyst Conference 2003, in San Francisco, Calif. The demonstration highlighted a standards-based interoperability between Sun, Waveset and PeopleSoft based on the Service Provisioning Markup Language (SPML) currently under review by OASIS (Organization for the Advancement of Structured Information Standards) for acceptance as an industry-wide standard.
This integrated solution [from Sun/Waveset] is expected to provide users with the ability to initiate and manage the lifecycle of workforce identity information from a single portal interface, spanning Human Resource (HR), IT and facilities resources. It is designed to combine the functionality of the Liberty Alliance-enabled Sun ONE Identity Server, Sun ONE Directory Server, and Waveset Lighthouse to reduce the time it takes to establish or change access rights, privileges and profile data across multiple applications. This greatly improves an organization's operational efficiency and frees IT resources to focus on other areas.
"As a customer who depends on PeopleSoft to provide authoritative source information on workforce identity data, I am extremely pleased to see Sun and Waveset provide an integrated identity management solution that leverages industry standards in streamlining HR management processes and helping us comply with organizational security policies," said Waveset customer, Larry Burtt, Group Leader at Guidant.
The joint solution developed by Sun and Waveset integrated with PeopleSoft is expected to provide administrators and end users the assurance and convenience of one interface from which to manage all identity-related data. Specifically:
For HR managers, PeopleSoft HCM system drives workforce add/delete processes from start to finish and acts as the authoritative source for identity information changes.
For IT managers, centralized, automated provisioning processes based upon SPML result in increased operational efficiencies.
For security professionals, an integrated HR/identity management combination increases the predictability of business processes that support the management of workforce identities.
For end users, single-action self-service interfaces provide faster turnaround time on access requests or profile changes.
"Adding or removing employees -- whether permanent, contract, full-time or part-time -- from information systems today requires companies to take multiple steps to input and maintain the latest identity data and associated business processes across disparate HR, IT and facility management systems," said Stuart Wells, senior vice president, Market Development Organization, Sun Microsystems, Inc. "This process often results in the proliferation of inconsistent, erroneous workforce information, placing an organization's operational integrity and security at risk. The joint solution offered by Sun and Waveset integrated with PeopleSoft is designed to reduce costs by avoiding the proliferation of such systems and help to minimize potential security breaches associated with the off-boarding process."
About Sun ONE Identity Server
"Sun ONE Identity Server 6.0 software is a standards-based product designed to help organizations manage secure access to Web and non Web-based applications both on the intranet and extranet. As organizations require more financial, organizational, and competitive agility to compete in the marketplace, Sun ONE Identity Server 6.0 provides scalable access management services that help secure the delivery of business information, improve the user experience through Web single sign-on, and put a federated identity framework in place to create new revenue opportunities through enhanced affinity relationships with business partners and customers..."
"Sun ONE Identity Server 6.0 provides fine-grained access control to Web and non Web-based resources for secure delivery of business information. It supports Liberty Alliance federated identity and SAML Web services security standards. It helps improve user experience and infrastructure security through Web single sign-on..."
"Sun ONE Identity Server Federation services enable shared authentication with affiliate organization web sites. Access Management services are used to securely control access to Web and non Web-based resources. Identity Administration services provide centralized administration of identities, policies, and services. Authentication provides out-of-the-box modules to help simplify integration into an existing security framework. Sun ONE Identity Server authentication controls include LDAP, RADIUS, X.509v3 certificates, SafeWord token cards, anonymous, and UNIX platform authentication services, Microsoft Windows NT and Windows 2000, resource-based authentication, Online Certificate Status Protocol (OCSP) validation for X.509 v3 digital certificate-based authentication. The Java Authentication and Authorization Service (JAAS) technology-based authentication framework provides an open standard, flexible, and extensible authentication architecture that enables to organizations to customize authentication mechanisms..." [adapted from the overview]
About Wavewet Lighthouse
Focused on the most critical aspects of managing identities in today's complex enterprise environment, Lighthouse Enterprise Edition combines the following four solutions with a unique Enterprise Identity Console and Identity Platform Services:
- Provisioning Manager, a secure provisioning solution that uses automation and delegation to reduce the time and costs associated with enabling new users to start working productively and instantly disabling access when relationships change or end for a more secure enterprise.
- Password Manager, a complete password management solution that allows end users to manage their passwords themselves, increasing their satisfaction while greatly reducing associated support costs.
- Identity Broker, a breakthrough identity profile management solution that easily maintains consistent identity profile information across enterprise business applications including CRM, HR and ERP applications leveraging the revolutionary technologies and capabilities that Lighthouse applies to managing permissions.
- Directory Master, a centralized point of administrative control over multiple directories and directory platforms, reducing operational overhead and improving the accuracy, consistency and security of strategic business data.
- Audit and Reporting, Lighthouse's comprehensive identity auditing and reporting capabilities are essential to detecting security risks and dealing with them proactively. [website description]
About PeopleSoft 8
"In 1998, PeopleSoft recognized that Fortune 2000 corporate strategic plans were increasingly looking to the Internet to increase profitability by making customer and vendor transactions faster and better."
"As a result, we retrenched our internal strategy, halting development of anything that wasn't a pure Internet application. We directed the bulk of our resources -- $500 million and 2,000 developers over two years -- into our new pure Internet platform for the real-time enterprise. The result is PeopleSoft 8, with more than 150 pure Internet applications. All with no client software to maintain. All designed to build loyal customer relationships, enable better supplier communication, and make employee recruiting and retention more efficient. Today, more than 1,000 customers in 144 countries are reaping the real-world benefits of our investment."
"PeopleSoft 8 makes better interactions possible by delivering both the relationship and analytic data you need to the employee in your organization who needs it, when they need it. Relationship data includes details of past transactions, from the size and status of a vendor's latest shipment to which sport a customer's kids play. Business analytic data indicates which customers are the most important based on the amount of product they are likely to buy and your cost of serving them, or which vendors deliver the highest quality products, on time and at the best price. The sales force or customer service teams have that data available from any browser when the customer calls or when the vendor is ready to negotiate a price..." [corporate website]
Principal references:
- Announcement 2003-07-09: "Sun and Waveset to Offer Integrated Identity Management Solution for Peoplesoft. Enterprises Gain Secure, Lifecycle Management of Workforce, Based on Industry Standards."
- Sun ONE Identity Server 6.0. "Manage secure access to Web-based resources; provides an identity system that includes access management, identity administration, and directory services."
- Sun ONE Directory Server. "Store and manage identity profiles, access privileges and application and network resource information. The Sun ONE Meta-Directory consolidates and integrates identity information spread throughout the computing environment into a single profile."
- Sun Directory Servers/Identity Management
- Waveset Lighthouse - Secure identity management solution.
- "Sun ONE Identity Server 6.0 Supports Liberty Alliance and SAML Specifications." News story January 16, 2003.
- "OASIS Member Companies Host SPML Identity Management Interoperability Event." News story June 27, 2003.
- Corporate websites:
- OASIS Provisioning Services TC website
- "XML-Based Provisioning Services" - Main reference page.