• United States

Provisioning gets its recognition

Jan 12, 20043 mins
Access ControlEnterprise Applications

* Moves that illustrate the importance of provisioning to the identity management arena

In the last issue, when I mentioned that provisioning is now only a small part of the entire identity management spectrum and needs to be integrated with the rest and be part of vendor offerings, it was not with any specific event in mind. I’d written those words before Christmas, so I wasn’t influenced by the Dec. 30 announcement that Netegrity was acquiring Business Layers, arguably the last of the “pure play” provisioning companies. The acquisition follows Sun’s purchase of Waveset and the previous acquisition of Access360 by IBM’s Tivoli division.

Yes, there are still “independent” (whatever that means, these days) providers of provisioning solutions, such as Thor and Oblix, but Thor came to provisioning from its long experience in security while Oblix moved beyond pure provisioning some time ago. Both are better examples of competitors against Netegrity than they were against Business Layers.

Last February, when we re-named this newsletter from the previous title “Network World on Directory Services,” I wrote that the directory is now part of the infrastructure for the loose collection of new age technologies called ‘Web services.’ I said that in particular, Web services rely on identity management and identity management requires a directory platform.

I also mentioned that computing had moved on beyond arguing the need for directory services – the directory was necessary for 21st century computing, which is now and will be for the foreseeable future based on an identity management paradigm.

But just as the directory is necessary for identity management so too is the provisioning service. In the next generation of Web services, (or whatever the next “new thing” is called) it will be unthinkable that all of the data repositories containing a person’s roles, personae, and attributes are not connected and related.

Since provisioning will be an essential part of identity management, then, it will be a requirement for any vendor hoping to make a play in the identity management space to have a provisioning service – and it’s better to have your own than to have to rely on someone else’s. In fact, with provisioning becoming a small part of a larger solution, the way is clear for a general rationalization of provisioning methods – a fully formed, optimized provisioning protocol. That certainly seems like something that the Provisioning Services Technical Committee of OASIS could (and should) take up. And quickly, before Microsoft and IBM decide they’ll dream up their own version called WS-Provisioning. Stay tuned; I’ll keep you informed on where this is leading.