ArisID de-couples developers from having to make protocol, schema, and architecture decisions that would limit the usability and deployability of their application in an evolving and ever complex enterprise network, where a large number of identity sources and protocols are used. By relying on intelligent ArisID libraries, developers can now ensure maximum flexibility and use of their applications while significantly reducing development time.
Fundamentally, rather than an application developer coding 'Use protocol X to obtain identity attribute Y', ArisID would have them express 'My application needs identity attribute Y' using an XML syntax
The CARML specification is an XML document that developers use to describe the identity data and transactions used by a service or application. The data types may include identity attributes, predicates (e.g. “Is an Adult”), and roles (e.g. “Manager,” “Business Class Flier”) that an application requires.
The burden of determining the how (ie LDAP, SAML, OAuth etc) and from where (i.e. dealing with discovery) to obtain the attribute is taken off the application, and assumed by the identity infrastructure.
I have been experimenting with profiling CARML in a slightly different manner - each morning, I create a CARML file with my food and drink expectations for that day (i.e. cold beer @ 5pm) and then upload it to my blog so that the home infrastructure can retrieve and process.
As in any intra-enterprise project there are political battles to be fought - the food and drink adminstrators have as yet refused to acknowledge the value of the new paradigm and cling stubbornly to clearly obselete modalities.