SAN DIEGO (07/26/2000) - Long thought of as a place to manage end users and organize lists of employees, the enterprise directory is quickly evolving into a platform for e-commerce and a key technology for use with XML-enabled applications.
That evolutionary process and its importance for enterprise users will get a thorough examination this week at The Burton Group's Catalyst Conference in San Diego.
IT executives will get a peek at new products from several vendors, including Netegrity and Oblix, that are designed to help firms securely expose their directories to outside users. The directory is key for controlling business partners' access to applications and data, which is a pressing issue among IT executives building e-commerce relationships.
They also will be looking at the Directory Services Markup Language (DSML), an XML specification introduced at the conference last year to great fanfare. The now emerging DSML 2.0, which will be put on a standards track, raises hopes of XML and directory integration, along with concerns over fragmentation of directory access standards.
"The directory has popped up a level in importance and the question now is, 'How do we leverage the directory to build electronic commerce applications?'" says Jamie Lewis, president of The Burton Group, a consulting firm in Midvale, Utah.
Controlling net access
One of the conference's key topics will examine the directory as a platform and explore how to use it to control access to internal systems by potentially thousands of external business partners.
"Access management is the hottest topic for us right now," says Harold Albrecht, chairman of the Network Applications Consortium (NAC), a user organization with the goal of improving interoperability of applications in heterogeneous environments. "I don't want to poke a new hole in my firewall every time someone needs access to an internal system. I need a more flexible way to manage external users across what have traditionally been rigid enterprise boundaries."
Albrecht says the directory is the foundation for solving the issue. In March, the NAC began developing a general-access management model for its members.
Those members will get a look at some new access products this week at Catalyst. Netegrity plans to unveil its Delegated Management Services (DMS), which lets companies delegate user administration to business partners. DMS lets partners manage only their portion of a host directory, deleting and adding users and assigning access rights within a set of guidelines.
Oblix will introduce Web browser-based software, dubbed NetPoint, that lets IT managers control the authentication and access of trading partners and customers to the company's extranets and Web-enabled applications. NetPoint lets customers subscribe to a host's extranet and add or delete user accounts and passwords for its employees and manage workflow processes.
In addition to access, other key issues will find prominence at Catalyst, including DSML 2.0. A year ago at the conference, e-commerce vendor Bowstreet introduced the 1.0 version with backing from Microsoft Corp., Novell Inc. and Oracle Corp., among others. Version 1.0 was limited, providing only a description of a directory's content. DSML 2.0 promises to add query and modification capabilities and the ability to manipulate directory data, a critical step allowing developers of XML-enabled applications to add hooks to a directory.
The Organization for the Advancement of Structured Information Standards (OASIS) has created a working group to put DSML 2.0 on a standards track. A draft specification is expected this fall.
"DSML 2.0 is more transactional and opens up a whole new arena for XML apps to use the directory," says James Tauber, director of XML technology for Bowstreet and chairman of the OASIS DSML Technical Working Group.
Many vendors, including iPlanet, Radiant Logic and Sun, will use Catalyst to demonstrate support for DSML. Radiant Logic plans to introduce Radiant One 1.5, which supports DSML 1.0. The software is a "virtual directory" that has an intelligent cache to accelerate LDAP-based access and modification of back-end database information.
But DSML 2.0 is raising some questions as XML and directories continue on a course toward convergence.
Observers are concerned about the overlap of DSML and the Lightweight Directory Access Protocol and whether LDAP, XML's Simple Object Access Protocol (SOAP) or both will become the protocol of choice for accessing a directory. LDAP isn't particularly suited to traverse corporate firewalls, while SOAP is designed just for that purpose.
"The concern is over the ability to get some sort of universal agreement," says The Burton Group's Lewis. "DSML should provide a mechanism that is protocol-independent."
Lewis says with many hands in the DSML pie, including those of OASIS and Microsoft's BizTalk.org, and the speed at which XML efforts are moving, the possibility is high for fragmentation in creating a standard set of XML tags to access the directory.
Lewis says getting a single standard is important to provide developers a simple mechanism for building directory support into XML-based applications without having to use low-level programming techniques.