Call for standards…Open Role Exchange

This past week, SailPoint Technologies’s CTO, Darran Rolls, submitted an open letter to the community for a discussion and call for standards around the exchange of role models, including items such as:

  • Common Exchange Format
  • Query & Exchange Operations
  • Change Control and Delegated Administration
  • Role Mapping and Resource Referencing
  • Common State Model

And in doing so, a new site was launched:

http://www.openroleexchange.org/

As Darran mentioned in a recent podcast, Role Interoperability is the next big standardization drive in corporate identity. In my travels and work with customers over the past 18 months, every identity project identifies role proliferation as a major problem across systems. Today, we have so many different provisioning solutions, role management products and enterprise applications all authoring their own definition of a role model. Getting these role models to interoperate with each other is making the CIO/CISO’s job much more difficult. These conflicting models along with the growing requirements for SOX based policy’s make it even more difficult.

Products like SailPoint’s ComplianceIQ and it’s Role Management capabilities provide a solid role model for an entire enterprise. These roles can be shared with leading provisioning solutions and enterprise applications, but at a cost. Every integration is somewhat custom and without a common schema or exchange format, some role model specifics can be lost in translation.

So, I’m looking forward to what the industry can come up with in this open call for standards. I hope that this role exchange format can bring out the best in all products with the ultimate goal of supporting that CIO/CISO’s focus on business roles without concern for each product’s rigid definition of a role model.

As this is an open call, I hope to follow this blog with my own interpretation of the key areas I bulleted above. I welcome any comments or suggestions. I also hope to see you out on the Open Role Exchange forum. My id is terry.

Technorati Tags: , , , ,

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: