1 / 14

OASIS Provisioning Services Technical Committee

OASIS Provisioning Services Technical Committee. An Introduction to version 2 of the Service Provisioning Markup Language. Overview. Who is the PSTC? OASIS technical committee focused on developing open standards for Service & Identity Provisioning Founded in 2001 Contributors:

Download Presentation

OASIS Provisioning Services Technical Committee

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. OASIS Provisioning Services Technical Committee An Introduction to version 2 of the Service Provisioning Markup Language

  2. Overview • Who is the PSTC? • OASIS technical committee focused on developing open standards for Service & Identity Provisioning • Founded in 2001 • Contributors: • BEA - Mycroft • BMC Software - Open Network Technologies • CA (Netegrity) - Oracle (PeopleSoft) • Critical Path - HP (Thor) • Entrust - TruLogica • IBM - Sun (Waveset) • Deliverable - Service Provisioning Markup Language • V1 - OASIS Open Standard November 3rd 2003 • V2 – Planned complete March 05

  3. Overview • What is SPML? • Open standard for defining and exchanging provisioning requests in XML using Web Services technologies • XML RPC interface for Identity Provisioning • Interface model and management abstraction for an Identity Life-cycle

  4. Specification Deliverables • Specification consisting of three elements: • An XML Schema – an XSD that defines the syntactical rules of SPML message format and data flow • A Core Specification – normative and non-normative text that describes what SPML is and exactly how to works • Resource Schema Profiles – definitions of how to use various resource and provisioning target schema languages with SPML V2 • Native XML Schema • SPML V1 DSML V2 Schema

  5. SPML Vocabulary • Requesting Authority (RA) • An issuer of SPML requests • Provisioning Service Point (PSP) • Listens for and processes SPML requests • Provisioning Service Target (PST) • A request end-point supporting core operations and defined capabilities • Provisioning Service Object (PSO) • Uniquely identifiable data object or element on a PST

  6. Target Target Target SPML/SOAP SPML/SOAP Value added Service… SPML Operating Model XSD WSDL SPML Service Point WS-Sec Secured Portal UDDI

  7. Specification Concepts Service Point Requestor

  8. Target Target In-Spec Target Out of Spec Specification Concepts XSD Ref to XSD WSDL Service Point Requestor Request Response Core Operations List of Targets Batches V1Schema Bulk Operations Sync/Async Model Capabilities Transport Security Model Trust Model (inc. establishment) AuthN & AuthZ Model

  9. Specification Elements • Protocol • Simple Request-Response protocol • Synchronous & Asynchronous operations • Individual & batch request models • Support for bulk operations Requestor Provider

  10. Specification Elements • Core Operations (mandatory) • addRequest / addResponse • Create a new object on a target • Controllable returned data set • lookup • Single object query • Controllable returned data set • modifyRequest / modifyResponse • Change an object on a target • Controllable returned data set • deleteRequest / deleteResponse • Remove an object from a target • listTargets • List all provisioning targets available at a given service point

  11. Specification Elements • Targets & Objects • A Target is an end-point for a request • Requestors can list available Targets • A Target supports core operations and defined capabilities • A PSP must supports at least one Target • A Provisioning Service Object is a uniquely identifiable data element “within the domain” of a given Target • Targets have a defined query-able schema • Targets can have many Objects • Object ID’s are unique within a scope of a given PSP ProvisioningService Point Capability Capability Capability Capability Capability Target Capability Target Target Schema Schema Schema Object Object Object Object Object Object Object

  12. Specification Elements • Capabilities • Optional operations interfaces for domain specific actions • Password operations • setPasword • expirePassword • resetPassword • validatePassword • Suspend actions • Suspend • Resume • Active • Reference relationship definitions

  13. Specification Elements • Capabilities • Place for optional elements of the core protocol • Async protocol definitions • Cancel operation • Status request • Batch operation • Batch • Bulk operations • bulkModify • bulkDelete • Search operations • Search • Iterate • Key extension point for future new operations

  14. Specification Elements • Target Schema • Each Target has a defined schema • Operations are requested relative to that schema • Target schema uses an extensible model with two “profiles” defined by the TC • Native XML Schema • Point to location of published XSD • SPML V1 DSML V2 Schema • DSML V2 name=value schema defined in-band Target Schema External XSD V1 Schema

More Related