Press Release

Companies Demonstrate Interoperability of Service Provisioning Markup Language (SPML) OASIS Standard

BMC Software, CA, Citrix, Oracle, Sun, and Others Collaborate on Service Provisioning InterOp at Burton Catalyst 06

San Francisco, CA, USA; 14 June 2006 – Six international companies joined together to demonstrate interoperability of the Service Provisioning Mark-up Language (SPML) version 2.0 at the Burton Catalyst 06 conference in San Francisco today. Developed by the OASIS Provisioning Services Technical Committee, SPML is an approved OASIS Standard that lets companies manage the provisioning and allocation of identity information and system resources within and between organizations. “The SPML OASIS InterOp at Catalyst is a milestone in the development of a standards-based approach for the management of user identities across heterogeneous applications,” stated Mark Diodati, analyst for Burton Group’s Identity and Privacy Strategies. “Products that leverage SPML can help organizations provide user access to resources without custom provisioning connectors.” The Catalyst demonstration scenarios involve a group of companies that outsource various services to application service providers (ASPs). Each ASP publishes a SPML interface for provisioning accounts. Each company uses a SPML client that makes provisioning requests to the ASPs as needed. The roles of company and ASP are interchangeable among all six InterOp participants. “Both provisioning vendors and their customers benefit from the increased standardization that SPML 2.0 offers,” said Jeff Bohren of BMC Software, co-chair of the OASIS Provisioning Services Technical Committee and participant in the InterOp. “Today’s demonstration showed how smoothly SPML interoperates among products and users, resulting in lower costs and quicker implementations. The range of systems that support SPML is exciting, and demand in the marketplace for SPML support continues to grow.” Members of the OASIS Provisioning Services Technical Committee include representatives of BEA Systems, BMC Software, CA, Capgemini, Hewlett-Packard, IBM, Microsoft, Oracle, SAP, SOA Software, Sun Microsystems, and others. Participation remains open to all, and suppliers, end-users, and systems integrators are invited to join OASIS to advance the continued development and adoption of SPML. OASIS hosts an open mail list for public comment and the spml-dev mailing list for exchanging information on implementing the standard. Companies Collaborate on SPML Interoperability BMC Software “BMC Software is delighted to participate in the SPML 2.0 OASIS InterOp,” said Doron Cohen, CTO, Identity Management Business Unit, BMC Software. “BMC has been a strong supporter and active contributor to the development of SPML 2.0 since its inception. By supporting and promoting interoperable identity provisioning, we are helping our customers to be better positioned to build an identity-aware business.” CA “Broad support for security standards such as SPML is a key component of CA’s identity and access management strategy,” said Gavenraj Sodhi, director of product management for security management at CA and co-chair of the OASIS Provisioning Services Technical Committee. “The interoperability enabled by the support of SPML ensures that our customers can efficiently integrate IT administration and readily extend critical identity services beyond their organizational boundaries.” Citrix “Citrix is delighted to lead the Enterprise Single Sign-On market in supporting SPML v2, as this standard opens the door to universal interoperability with User Provisioning solutions and ultimately delivers the best access experience for end users by eliminating the need to manually enter application credentials,” said Derek Thorslund, Senior Manager, IAM Products, Citrix Systems. Oracle “The SPML OASIS Standard provides business value by helping to lower process integration costs and enabling the secure propagation of identity information beyond the enterprise,” said Prateek Mishra, director, Security Standards, Oracle. “As part of our commitment to helping organizations secure their systems and extend the value of their IT investments, we have made SPML a core element of Oracle® Identity Manager. Oracle’s support of SPML throughout our family of identity and access management products and Oracle Fusion applications helps organizations implement a comprehensive identity lifecycle to manage access to sensitive applications and networks that encompass customer, supplier and partner ecosystems.” Sun Microsystems “Sun continues to drive identity management and Web services standards both through our participation with organizations such as OASIS and the Liberty Alliance, and by providing full support for the latest standards within our products,” said Bill Smith, director of business alliances at Sun Microsystems. “Sun is proud to have been a supporter of SPML since its inception, and we are pleased to showcase SPML 2.0 interoperability between Sun Java System Identity Manager and other vendors products at the Burton Catalyst Conference.” HP “As a member of the OASIS Provisioning Services Technical Committee, HP is pleased to see this new standard ratified and will support it in OpenView Select Identity. Enterprise customers significantly benefit from SPML v2.0 as it standardizes previously proprietary mechanisms such as password management, thereby reducing total cost of ownership, maintenance, and integrations with their IT infrastructure,” said Richard Hawes, Senior Product Manager for HP OpenView Identity Management. “HP’s goal is to benefit enterprise customers by accelerating the adoption of SPML v2 among enterprise application vendors, in addition to user provisioning vendors. Leading provisioning products such as Select Identity have been using SPML v1.0 for some time as a core component of their management interfaces, and the real breakthrough will be realized when the application targets, such as enterprise applications and application platforms, natively support SPML v2.0.” Additional Information: OASIS Provisioning Services Technical Committee About OASIS: OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit, international consortium that drives the development, convergence, and adoption of e-business standards. Members themselves set the OASIS technical agenda, using a lightweight, open process expressly designed to promote industry consensus and unite disparate efforts. The consortium produces open standards for Web services, security, e-business, and standardization efforts in the public sector and for application-specific markets. Founded in 1993, OASIS has more than 5,000 participants representing over 600 organizations and individual members in 100 countries. Approved OASIS Standards include AVDL, BCM, CAP, DITA, DocBook, DSML, ebXML CPPA, ebXML Messaging, ebXML Registry, EDXL-DE, EML, OpenDocument, SAML, SPML, UBL, UDDI, WSDM, WS-Reliability, WSRF, WSRP, WS-Security, XACML, XCBF, and XML Catalogs. OASIS Press contact: Carol Geyer Director of Communications, OASIS +1.978.667.5115 x209