Earlier this month, Oracle announced that it would hand over the Identity Governance Framework (IGF) to Liberty Alliance. IGF is an interesting framework that is composed of CARML, AAPML, an API and an identity attribute service. This is the very high level of what I understand...
CARML (client attribute req. markup language) is an xml style doc that a developer would write that lets others know about the 'data needs' of their app, for example, my app needs attibutes A, B and C. (A good usage of carml doc is for identity services, which can tell apps what info it could give them)
AAPML (attribute authority policy markup language) on the other hand is a doc that goes with the data sources. These data sources can define how place constraints on how its data is to be used. Its a profile of XACML 2.0, and can be used by a policy enforcement point (pep) to do its job, (although it has an added feature of requiring the pep to check if user consent has been obtained).
IGF also comes with specs for an client api.
What was really cool is the industry's appreciation of Oracle's move:
"We're very pleased to see that Oracle has submitted the Identity Governance Framework to the Liberty Alliance," said Don Bowen, director of Identity Integration for Sun Microsystems, Inc. "Sun believes Liberty is well suited because of its business and technical experts from all verticals, including government. Its work in the area of data privacy is not only valuable, but essential."
— Sun Microsystems, Inc., Don Bowen, director of Identity Integration
"Novell welcomes Oracle's contribution to the Liberty Alliance. We continue to look forward to working with Oracle and the other leaders in the identity management market in the development of an open identity framework."
— Novell, Inc., Nikols, vice president, Product Management Identity and Security
"CA is supporting the Identity Governance Framework to help customers more easily protect personal data across their disparate systems and applications," said Andy Rappaport, Architect, Identity and Access Management at CA. "We look forward to working with the Liberty Alliance, Oracle and others to develop practical, adaptable XML-based specifications that simplify the creation, enforcement and management of identity security policies."
— CA, Andy Rappaport, Architect, Identity and Access
It's great when everyone can play nice.