SPML 2.0 ratified as OASIS Standard

The standard includes features such as password management and user account deprovisioning

In a move that could open the door to more user account provisioning in the enterprise, the OASIS consortium approved the SPML (Service Provisioning Markup Language) version 2.0 specification as an official OASIS standard on Tuesday.

OASIS' Provisioning Services Technical Committee approved SPML 2.0, an XML (Extensible Markup Language) framework for managing resources, such as user accounts and privileges, between networks and applications used by different organizations. The new standard includes such features as password management and user account deprovisioning that many companies need to manage access to sensitive applications and network resources.

The standard was developed jointly by representatives from OASIS member companies such as BEA, BMC, Computer Associates, IBM, Oracle, Sun MicroSystems, and others.

SPML 2.0 builds on the SPML 1.0 standard, which was approved in Nov. 2003.

The new standard, coupled with already approved OASIS standards such as SAML (Security Assertion Markup Language) and WS-Security, will make it easier for services and applications running in one enterprise to exchange information and interoperate with those on a different organization's infrastructure, especially when it comes to exchanging information about user access and permissions for digital and physical resources such as cell phones and credit cards, OASIS said.

Mobile Security Insider: iOS vs. Android vs. BlackBerry vs. Windows Phone
Join the discussion
Be the first to comment on this article. Our Commenting Policies