A group of security vendors will give the first public demonstration of the new Service Provisioning Markup Language for identity management at the Burton Groups Catalyst Conference July 9.
SPML is designed to enable companies to exchange user rights and resource information across heterogeneous networks. The language is an XML-based framework that also includes support for a number of other standards, such as Simple Object Access Protocol and WS-Security.
Identity management has quickly become one of the hottest topics in the security community and vendors and customers alike are struggling to define exactly what the term encompasses and how best to address the problem. For most enterprises, the motivation behind deploying an identity management solution is the desire to automate and streamline the process of managing, creating and deleting user accounts across a variety of corporate applications and systems.
To do that efficiently, the systems need a common form of communication, which is where SPML comes in. The language is also seen as being key to the secure deployment of Web services.
Many of the involved vendors will be releasing SPML-compliant solutions in the coming weeks and months. Among the companies involved in the specifications development were Business Layers, Waveset Technologies Inc., Entrust Inc., BMC Software Inc. and OpenNetwork Technologies.
"Clearly, security is essential for the proliferation of Web services. Thats why its so significant that these SPML developers are proving interoperability on a major scale, in a public forum," said Karl Best, vice president of Organization for the Advancement of Structured Information Standards, the standards body under which SPML was developed. "The demonstration is a milestone in the development and recognition of SPML 1.0 as a crucial security layer in the Web services stack."
Ten members of the technical committee that developed SPML will be at the Catalyst Conference in San Francisco for the demo.