Account Provisioning

Automation streamlines the process of managing user information.


But companies are finding that there's room and a growing popularity for the smaller vendors that help companies that have mixed products already in-house. With the help of these smaller vendors, companies can integrate with their provisioning software instead of making complete replacements with something new. Business Layers and Courion both have links to other software vendors that provide tremendous flexibility and growth opportunity.

The Reason for the Growing Market
It makes sense that companies would want to automate identity management, since human errors occur regardless of how careful individuals are when entering and deleting information into systems. Automation also eliminates the cost associated with paying an employee to enter and delete data.

As companies strive to stay lean, it's common for them to use employees on different projects, and as they are reassigned, their need for and access to resources change. Account provisioning software appears to be the solution to handle these actions.

Part of the user satisfaction problem with account management has always been that users with separate passwords for multiple applications tend to write the passwords down and leave them accessible because they simply forget which one is which. This is especially prevalent when the company institutes the mandatory ?Change Password? rule every 30 days. It's hard to be original, creative and secure and remember numerous passwords and system log-ins, especially when they change every 30 days.

Provisioning provides a way to link systems while providing one password?the long sought-after single sign-on. This, in addition to simplifying user access and increasing security, also shrinks the administrative costs of monitoring the rules and rights access for different and divergent systems. Provisioning software also provides clear and recognizable auditing and a tangible ROI.

The Future of Account Provisioning
There appears to be a bright future for account provisioning. Already popular for tying diverse platforms and applications together in-house, it is now expanding to tying platforms and applications from different companies via the Internet.

The Internet Business Services Initiative (IBSI) is an industry association promoting the development and use of Web-native business solutions. In 2001 the IBSI launched a ?proof-of-concept? implementation of its first standard to streamline interoperability among Internet business services. This standard was known as the IBSI ITML Provisioning Specification, and was released to general industry to allow secure account information to be shared among services.

The standard defines secure interoperability standards for sharing user data among Web-based business-to-business services so that customers will not have to enter the same information multiple times?that is, every time they subscribe to a new service or change their user permission levels. The IBSI felt that the ITML Provisioning Specification was important in enhancing integration among online software companies. The specification was the basis for permitting customers to have access to accounts at all of their subscribed software services. This type of access makes online applications convenient and flexible.

Naturally, the ITML Provisioning Specification is the first in a series of planned technical recommendations by the IBSI. Other subjects to be addressed are single sign-on and technical guidelines for issues not yet addressed by other standards groups. The purpose is to rapidly establish a commonly accepted integration path for services.

The original provisioning specification is based on an industry-standard XML protocol for provisioning users and companies across multiple Internet businesses and integration platforms.

Building on that specification, Netegrity Inc. and Business Layers recently demonstrated the industry's first XML-based solution for identity management known as Services Provisioning Markup Language (SPML). The language was specifically developed to address the challenges associated with complex resource provisioning for inter-organizational business transactions. According to the companies, SPML is designed to leverage Web services to archive secure, federated user resource allocation to maximize exiting IT resources, reduce administrative costs, and enhance security. Business Layers will be responsible for submitting the original provisioning specification to the Organization for the Advancement of Structured Information (OASIS).