Sun has released the next version of its provisioning software and deeply integrated it with role management tools as it continues to push policy-based identity management.

Sun's intent is to create a role-based provisioning and compliance platform for its identity software portfolio. The company released Identity Manager 8.0, user provisioning software that features new data export and validation mechanisms to certify access rights and deal with exceptions. Identity Manager not only automates the process of assigning user access to various systems, but also executes a follow-up process for continuously checking what a user actually has access to.

Sun has integrated Identity Manager with Sun Role Manager, software acquired when it bought Vaau in November 2007. Role Manager lets users manage identities, including validating role definitions; continuously compares user access privileges to assigned exceptions; and logs the resources users access. It also includes role certification by role owners, approval workflow and role consolidation.

Sun has had a keen focus on policy as it has built out its identity platform over the past two years.

"The next step for future releases is more unification of our suite," says Sachin Nayyar, chief identity strategist for Sun. "Not just ID, roles and compliance, but also access and directory so everything has a similar UI and documentation and simpler structure of the APIs."

Identity Manager 8.0 includes new export features that let identity data and events be exported to a data warehouse and business intelligence tools. It also features new reporting tools and management of privileges. The 8.0 software also has validation features to manage identity data.

Sun Identity Manager 8.0 is available as a stand-alone product or as part of the Sun Java Identity Management Suite, which includes Role Manager, System Access Manager, System Federation Manager and System Directory Server.