Call for standards…Open Role Exchange

This past week, SailPoint Technologies’s CTO, Darran Rolls, submitted an open letter to the community for a discussion and call for standards around the exchange of role models, including items such as:

• Common Exchange Format
• Query & Exchange Operations
• Change Control and Delegated Administration
• Role Mapping and Resource Referencing
• Common State Model

And in doing so, a new site was launched:

http://www.openroleexchange.org/

As Darran mentioned in a recent podcast, Role Interoperability is the next big standardization drive in corporate identity. In my travels and work with customers over the past 18 months, every identity project identifies role proliferation as a major problem across systems. Today, we have so many different provisioning solutions, role management products and enterprise applications all authoring their own definition of a role model. Getting these role models to interoperate with each other is making the CIO/CISO’s job much more difficult. These conflicting models along with the growing requirements for SOX based policy’s make it even more difficult.

Products like SailPoint’s ComplianceIQ and it’s Role Management capabilities provide a solid role model for an entire enterprise. These roles can be shared with leading provisioning solutions and enterprise applications, but at a cost. Every integration is somewhat custom and without a common schema or exchange format, some role model specifics can be lost in translation.

So, I’m looking forward to what the industry can come up with in this open call for standards. I hope that this role exchange format can bring out the best in all products with the ultimate goal of supporting that CIO/CISO’s focus on business roles without concern for each product’s rigid definition of a role model.

As this is an open call, I hope to follow this blog with my own interpretation of the key areas I bulleted above. I welcome any comments or suggestions. I also hope to see you out on the Open Role Exchange forum. My id is terry.

Technorati Tags: Compliance, Identity, OpenRolesExchange, Roles, SailPoint

Advertisement

See you at Burton Group Catalyst NA ’08

I’ll be in San Diego for the Burton Group Catalyst Conference North America 2008. I hope you can join us this year.

Be sure to stop by the SailPoint Hospitality Suite and say hi Wednesday Evening!

Technorati Tags: Compliance, Identity, Risk

DART Rail in Plano, TX of all places…getting busy

This morning, heading down to a ISACA North Texas (Information Systems Audit and Control Association) luncheon on RBAC, decided to take the train from Plano to the Cityplace stop. Figured it’d save some time, gas and parking.

It’s obvious the gas prices are taking a toll on folks. Not only the

parking lots of DART rail were busy, but the local shopping venues (Kohl’s and Best Buy) parking lots were at their max. not sure how happy they are about that.
Anyways, writing this blog from comfort of my train seat over my AT&T wireless card on my MacBook. Hope to write more as I sit in some of these sessions at ISACA.

Technorati Tags: DART

Welcome to the new home of Sigle’s Sideline

Welcome to the new home of Sigle’s Sideline (http://blogs.sigle.com), my place to blog about the little things that touch my life at home or at work.

I’ve recently made a switch in my job from Sun Microsystems to SailPoint Technologies. Although different companies (especially # employees), my focus (Identity Management) will be very similar as it was back at Sun.

I’ll spend a little time in future postings sharing my thoughts around Identity Risk Management, the focus of SailPoint Technologies, and hopefully relate it back to some of the work I did at Sun.

Additionally, I’m still focused (in my nights/weekends) on Project OpenPTK with my buddies Scott Fehrman and Derrick Harcey. We’ve just completed discussions around finalizing version 1.1.0 and futures. We’ll hopefully be blogging about that soon.

If you have interest in reading some of my past blogs, please do so at http://blogs.sun.com/tls.

As always, just leave a comment if you agree or disagree with anything I say.

Thanks!

tls

Technorati Tags: Terry Sigle, OpenPTK