Network technologies such as the Internet have provided users and other entities with virtually unlimited access to remote systems and associated applications. This type of access in many cases has become a complex maze of processes that is often offloaded to third-party systems to manage. Application heterogeneity has increased exponentially, and rapid growth has forced enterprises to develop and deploy applications ever faster—even at the expense of integration and ease of administration. Historically, enterprises generally only had to consider these issues at an internal level. In many situations however, these enterprises now have to grant external access to employees, supply chain partners, contractors and customers. Organizations that employ third-party service providers (application, network or otherwise) generally, should manage users and access rights across both their internal systems and the systems run by service providers.
In some cases, provisioning systems can facilitate establishing new users' rights and privileges across multiple applications. Generally, these systems are tailored to the needs of an existing business to augment existing security practices by enabling administrators to quickly cut off terminated employees, and when necessary standards evolve, effect changes in employment status and responsibility across business partner networks. Many provisioning systems include a workflow system, a logging and audit system, a database to support the workflow and auditing tasks, and personal agents that communicate with applications to add, delete, suspend or change users and privileges. Not all provisioning systems have equal spans of control and utility, however, wherein several problems currently exist.
At the core of many systems, custom-designed models and architectures have been developed to support existing businesses and/or business practices (e.g., an electronic accounting system that can only manage accounts relating to the associated business it was designed for). These models can include inflexible rules that are configured to one particular business model or a limited subset of business activity. Thus, inflexible or hard-coded designs are not easily adaptable to newer and ever-changing technologies such as provided by the Internet and/or other type electronic services. Consequently, if new services are to be added to existing businesses, or if new packages of services are desired, extensive systems and architectural improvements are generally required to support such services.
Another related problem involves the amount of development effort that is expended when new services become available and another entity that has not developed the service desires to sell the respective service or in some cases become aware of service availability. As an example, if a vendor of a music service were to add a subsequent service such as a retail merchandise service, it is very likely that the vendor would have to develop a custom and/or new interface to support existing billing and/or accounting practices that were previously in place for the original music service. As can be appreciated, if new interfaces, software, procedures and/or business practices are required when new services are added and deployed or in many cases when new relationships are established, then development time and associated costs can become excessive.