[July 12, 2001] In April 2001, Access360 announced the formation of XRPM (Extensible Resource Provisioning Management) Working Group, "assembled to formulate and introduce an XML-based specification that will enable interoperability for end-to-end provisioning and identity solutions across the extended enterprise. Access360 and XRPM members -- founders include Critical Path, Jamcracker, Oblix, and VeriSign -- are collaborate to develop an open standard based on the specification and create the optimum protocol... The mission of XRPM is to provide a standard for the open interoperability between systems and resources in order for access rights to be provisioned."
"The XRPM Working Group has planned three phases of this standard initiative. Phase one will enable communication between computing and non-computing managed resources and a provisioning system. Phase two will expand to cross provisioning of systems among affiliations and enterprises. Finally, phase three will allow multi-organization-to-multi-organization cross provisioning. Phase one, in production now, includes plans to release a development specification in the 3rd quarter of this year. The mission of the XRPM Working Group is to provide a standard for the open interoperability between systems and resources in order for access rights to be provisioned. To expedite the specification's adoption to become a standard, the group will submit the XRPM specification to a standards organization, such as OASIS (Organization for the Advancement of Structured Information Standards). According to Access360, the group plans to submit the completed specification within the next 12 to 18 months. Also during this time, additional corporate participants may be added to the XRPM Working Group."
Why a Provisioning Standard: "Without standardization, systems inside and outside of the enterprise can not natively provision resources; companies are required to build and/or purchase proprietary solutions to achieve heterogeneous provisioning; the cost of interconnecting best-of-breed management technologies is prohibitive; and layers of technology are required to synchronize identity management and provisioning. The XRPM working group's standard will enable companies to seamlessly integrate best-of-breed products to create a complete solution tailored to the customer's environment. It will also enable management systems to deliver new capabilities by uniting services of XRPM adapters, and allow information systems to plug into scalable and effective administrative environments."
[July 12, 2001] Access360 panel proposal for RSA 2001 conference: "Provisioning Overlays promise to unify registration and authentication of web services by centralizing management of dissimilar service registries and providing an abstracted view of service attributes. By leveraging emerging standards (e.g., ebXML, PKI, SAML, UDDI, XRPM), they provide a proving ground for the development/evolution of these standards as well as defining and discovering new requirements for same. This presentation examines provisioning overlays including their use of role-based access control and standard security technologies (Digital Signature/Encryption)." [Post from Gavenraj Sodhi: "We are also submitting a panel proposal to RSA based on how the XRPM (eXtensible Resource Provisioning Management) standard positions with security, web services and registries. We would like to includes discussion from fellow SAML members as well as individuals involved with ebXML, UDDI and so forth. I have proposed the following topic, which has been agreed upon, to submit to RSA to present with Krishna of Cisco among others on a panel discussion..."]
- XRPM.org web site
- See: "XML-Based Provisioning Services."
- Announcement: "Access360 Introduces XRPM Working Group. Access360, Critical Path, Jamcracker, Oblix, and VeriSign Actively Develop Protocol for Provisioning Standard." [source]
- Meeting attendees 09/10/2001
- XRPM Working documents
- Brainstorming Document. From PSTC F2F (9/10/2001)
- "Peer-to-Peer Provisioning: Problem Statement" "Provisioning systems are currently designed with a master-slave relationship between themselves and the resources that they provision. Traditionally, the only true peer-to-peer relationship between the provisioning system and another system is with the provisioning systems relationship with an identity management (human resources) system. In this relationship, the identity management system will notify the provisioning system of identity changes, which may then trigger provisioning actions to take place against its managed resources."
- Draft of Preliminary [PSTC] Charter, [cache]
- XRPM Working Document. By Jeff Bohren, Tony Gullotta, Gavenraj Sodhi, and John Aisien. August 2, 2001. Supplies an initial set of use cases for XRPM. "This document describes the requirements and use cases for eXtensible Resource Provisioning Management (XRPM). It provides an initial set of use cases for the eXtensible Resource Provisioning Management, XRPM, Working Group. XRPM's objective is to provide an XML standard for the open interoperability between provisioning systems and resources in order for access rights to be provisioned... This section contains a set of primary use cases for XRPM. Each use case consists of a description, actors involved, pre-conditions, steps involved, post-conditions, and finally. many use cases contain a diagram depicting the actions occurring. We have attempted to address a good majority of use cases that would cover the workings of the group and it is understood that there are other use cases which XRPM may have not yet addressed (e.g., Modify, Suspend, Restore), which may be added to future use case list as stated in this draft." [cache]
- "Resource Provisioning, Interoperability, and XML." Invitational Industry Discussion. By Phil Schacter (Director, Network Strategy Service, The Burton Group). September 10, 2001. See the original .PPT file.
- Zip file Contains documents on Peer-to-Peer Provisioning document with Powerpoint, Use Cases Document with Object Model.
- Contact: Gavenraj Sodhi