• United States
by Staff

SPML 2.0 ratified as a standard for managing user access

Apr 11, 20061 min
Access ControlEnterprise ApplicationsWeb Development

In a move that could open the door to more user account provisioning in the enterprise, the OASIS consortium approved the SPML (Service Provisioning Markup Language) version 2.0 specification as an official OASIS standard on Tuesday.

OASIS’ Provisioning Services Technical Committee approved SPML 2.0, an XML framework for managing resources, such as user accounts and privileges, between networks and applications used by different organizations. The new standard includes such features as password management and user account deprovisioning that many companies need to manage access to sensitive applications and network resources.

The standard was developed jointly by representatives from OASIS member companies such as BEA, BMC, CA, IBM, Oracle, Sun, and others.

SPML 2.0 builds on the SPML 1.0 standard, which was approved in Nov. 2003.

The new standard, coupled with already approved OASIS standards such as SAML (Security Assertion Markup Language) and WS-Security, will make it easier for services and applications running in one enterprise to exchange information and interoperate with those on a different organization’s infrastructure, especially when it comes to exchanging information about user access and permissions for digital and physical resources such as cell phones and credit cards, OASIS said.