The next version of Oracle Identity Management software will utilize SAML from the Organization of Advancement in Structured Information Standards (OASIS), sometime in 2004.

Use of various WS- specifications, jointly authored by IBM Corp [IBM] and Microsoft Corp [MSFT], and Liberty Alliance Project specifications for single sign-in are also in Oracle’s plans.

Authorization and authentication for Oracle applications and others’ applications via the company’s Identity Management suite is today provided via a proprietary API.

And, while Oracle Identity Management can be accessed via software from partners including Entrust Inc [ENTU] and Oblix Inc, this is achieved by exposing Oracle’s programming interfaces.

Oracle is moving to SAML so developers no longer need to write to a specific API, and can instead use the more generic XML interface.

SAML would be the first standard adopted because it is the most mature of the specifications for authentication. Oracle has implemented elements of WS-Security such as encryption and digital signatures in applications but this standard needed to firm up.

The company is evaluating a number of emerging XML-based specifications for provisioning, authorization and access control.

Liberty’s specifications are also in Oracle’s plans.

Oracle Identity Management composes a series of modules available through applications such as Oracle’s application server. These are Single Sign-On, Certificate Authority, Delegated Administrate Services, Directory Integration and Provisioning and Provisioning and Integration Services.

Standards are likely to be implemented across all features of Oracle Identity Management.

This article was based on material originally published by ComputerWire.