Here’s a sad statement on standards-based provisioning: “likely unachievable.”
That is the conclusion from Mark Diodati, a senior analyst in the identity and privacy practice at the Burton Group, who last week published his new report on the topic.
(Note: the full report is available only to clients)
The report concludes that complexity, performance and lack of vendor support for SPML v2 is a crippler for seamless interoperability between provisioning systems and target applications
But it is not the final word. I spoke today to Richard Sand, CEO for Skyworth TTG, a global systems integrator, who said he is working to revive the OASIS SPML TC, dormant for nearly two years, and work toward a SPML 3.0 focused more on needs for the cloud.
Sand said we should hear news on the new or revised TC this week or next. He is talking to a number of companies about joining in.
If that does not work out , Mary McRae, director of standards development at OASIS and a technical committee administrator, told me the current SPML TC would be laid to rest. She had been set to shut it down May 1, but has been actively working with Sand, who nominated himself to chair the TC.
Standards based provisioning just isn’t getting the traction that Sand says it deserves as cloud computing evolves. He acknowledges the complexity as a major hurdle.
When I talked to Diodati a few weeks ago, he told me Burton took the step of writing its own SPML connector to get the 20-miles-of-bad-road view on what it takes. His conclusion: “[The industry is] at a crossroads now.” And Diodati wrote in his report that his "unachievable" conclusion is “a sad prognosis, as SPML (or something like it), is desperately needed for interoperable provisioning services associated with locally hosted and cloud-based applications.”
“I have a lot of ambition around what SPML 3.0 should be,” said Sand. Foremost on the list is that it won’t be backward compatible with 2.0, which for all intents and purposes has no takers. But he says a SPML 3.0 effort would take “building blocks” from the existing work.
Sand says he is looking at simplification of some of the use cases. “I also want to put in some higher level use cases,” he said. “One problem with SPML is that adoption is a low-level thing. I want to give it some higher level function so it solves more of the integration challenges.”
He says he would like to spec out a REST specification and minimize the focus on SOAP. “I think this can make adoption a bit easier and make it more appealing to existing products. I want to get ahead of the curve for use cases around cloud enablement and what products will need to support.”
And Sand wants to attack the standard schema issue that was never really finished by the SPML TC.
“I want to put a stake in the ground. There can be more than one common schema. There could be one SPML recognizes out of the box so to speak. In the long term that could facilitate adoption because there would be a basic pre-fab schema that end points can translate into.”
Sand has a heavy rock to push up a steep hill, but he hopes SPML has a Chapter 3. This time with some tangible results.