LDAP-Enabled Privacy at The University of Notre Dame EduCAUSE conference, October 2002 Brendan Bellina Office of Information Technologies University of.


LDAP-Enabled Privacy at The University of Notre Dame
EduCAUSE conference, October 2002
Brendan Bellina
Office of Information Technologies
University of Notre Dame du Lac

Copyright © Brendan Bellina, This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.

October, 2002. Copyright © 2002, University of Notre Dame du Lac.

Confidentiality in U.S. Higher Education

Family Educational Rights and Privacy Act (FERPA)
Institution definition of “Directory Information”
  – Full name
  – Address
  – Telephone number
  – Day and place of birth
  – College, major, or level
  – Participation in officially recognized activities and sports
  – Weight and height of members of athletic teams
  – Dates of attendance
  – Full or part-time status
  – Degrees and awards received
  – Most recent previous educational agency or institution attended by the student
  – Other similar information such as a photograph

Family Educational Rights and Privacy Act (FERPA)
Publish Official Request Process:
Notre Dame’s process requires that the student must file written notification that he/she wishes to prevent disclosure of the designated directory information with the Registrar’s Office.

Initiating FERPA Protection: The Student
Request FERPA protection at registration or…
Submit formal request for FERPA protection to the Office of the Registrar providing name and/or login id
Wait for request to be processed.

Initiating FERPA Protection: The Office of the Registrar
Update Student Information System record to indicate that the student has requested FERPA protection
Contact the Office of Information Technologies to have electronic directories & services updated

Limitations
Complex and slow – multiple steps and points of failure and delay
Available only during office hours M-F 8-5
Cumbersome – requires student visit
Dependent on availability of system administrators for multiple systems (core middleware, )
Limited granularity – phone, address, spouse name, or all

Unwanted Side Effects
Disabled functions reliant upon ph entry information, including forwarding and WebCT
Created errors during listserv processing
Required coding modifications for each request
Required configuration modifications for each request
Separated user account from source systems, preventing automated disablement

Goals
Self-service web application
Multi-level opt-out
Automate processes
Reduce administrator involvement
Eliminate need for coding and configuration changes
7x24x365 availability
Immediate effect – no latency
Attribute level granularity
Eliminate need for office visit
No restrictions on services caused by privacy

Steps Taken to Date
Script written to perform several of the administrator functions
Implementation of Enterprise Directory Service with redundant iPlanet LDAP Sun E250 Servers
Elimination of X.500 directories and Eudora ndbm database to further reduce administrator involvement

Steps Taken to Date
Web pages implemented to allow user to edit entry content and update privacy options in the Enterprise Directory Service real-time, 7x24x365.
Provide LDAP-enabled applications with service id’s authorized to access private entries
Windows Active Directory domain policy to redirect Active Directory searches to the EDS

Screen Samples
  – EDS Authentication Screen
  – Directory Entry Display
  – Directory Entry Edit
  – Privacy Options
  – Display Preferences

Opt-out Options
Entry level and Attribute Level
  – Private – The entry/attribute is visible only to the owner and to authorized applications. This is a selectable option for active student and departmental accounts.
  – ND-Only – The entry/attribute is visible to authenticated searches and to authorized applications. This is a selectable option for all active accounts.

How It Works

Directory Attributes: dn
Directory dn is comprised of:
  – ndGuid – a uniquely defined string of characters derived in part from University id
  – Directory base
Intentionally avoided basing on name or login id in order to:
  – (1) reduce chance of dn changes when name changes occur, and
  – (2) allow anonymity without requiring entire entry to be restricted.

Directory Attributes: ndEntryStatus
Multi-valued attribute used to control access to the entry from applications.
Allowable values:
  – active
  – restrictEDS – indicates entry restricted to owner and authorized applications
  – restrictndonly – indicates entry restricted to authenticated searches

Directory Attributes: ndVisibilityControl
Multi-valued attribute used to record access level for specific attributes
Allowable values: Attribute name, +
  – private – indicates attribute restricted to owner and authorized applications
  – ndonly – indicates attribute restricted to authenticated searches

Directory Attributes: ndDisplayPreferences
Multi-valued attribute used to record user preferences for the directory entry display screen
Allowable values:
  – maskpriorsurname – indicates that common name values based on prior surname should not be displayed
  – maskuid – indicates that uid (login id) should not be displayed

Directory Attributes: aci
Entry level aci’s used to control access to entry attributes as specified in ndVisibilityControl
Ou level aci’s used to prevent unauthorized access to restricted attributes such as ndUniversityid, ndPermid, ndRolesAssigned

Directory Attribute Access Types
Always restricted
  – e.g. ndUniversityid, ndPermid, ndRolesAssigned
Never restricted
  – e.g. dn, uid
Restrictions based on user preference

Directory Attribute Access Groups
Groups are used to allow applications to have access to entries and attributes.
Use of groups reduces directory maintenance/administrative time
Groups are not visible anonymously
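The "How It Works" slides above describe a layered decision: ndEntryStatus gates the whole entry, ndVisibilityControl gates individual attributes, and some attributes are always or never restricted. The sketch below is an added example, not code from the presentation or from Notre Dame; it models that decision in Python rather than as directory aci's. The "name:level" encoding of ndVisibilityControl values, the rule that a restricted entry is hidden as a whole, the rule that always-restricted attributes are readable only by authorized applications, and the sample entry are all assumptions.

```python
# Added illustration of the slides' visibility rules; not Notre Dame's code.
ANONYMOUS, AUTHENTICATED, OWNER, APPLICATION = "anonymous", "authenticated", "owner", "application"
# Entry-level values of ndEntryStatus and who may still read the entry.
ENTRY_READERS = {
    "restricteds": {OWNER, APPLICATION},
    "restrictndonly": {AUTHENTICATED, OWNER, APPLICATION},
}
# Attribute-level values recorded in ndVisibilityControl.
LEVEL_READERS = {
    "private": {OWNER, APPLICATION},
    "ndonly": {AUTHENTICATED, OWNER, APPLICATION},
}
ALWAYS_RESTRICTED = {"nduniversityid", "ndpermid", "ndrolesassigned"}
NEVER_RESTRICTED = {"dn", "uid"}

def visible_view(entry, requester):
    """Return the subset of `entry` (attribute -> values) that `requester` may read."""
    # 1. Entry-level check: a restricted entry is hidden as a whole (assumption).
    for status in entry.get("ndEntryStatus", []):
        readers = ENTRY_READERS.get(status.lower())
        if readers is not None and requester not in readers:
            return {}
    # 2. Parse per-attribute levels; "name:level" is an assumed encoding.
    levels = {}
    for value in entry.get("ndVisibilityControl", []):
        name, _, level = value.partition(":")
        levels[name.strip().lower()] = level.strip().lower()
    # 3. Attribute-level check (LDAP attribute names compare case-insensitively).
    view = {}
    for name, values in entry.items():
        key = name.lower()
        if key in ALWAYS_RESTRICTED:
            allowed = requester == APPLICATION  # assumption: applications only
        elif key in NEVER_RESTRICTED or key not in levels:
            allowed = True
        else:
            # An unrecognised level fails closed to the "private" readers.
            allowed = requester in LEVEL_READERS.get(levels[key], LEVEL_READERS["private"])
        if allowed:
            view[name] = values
    return view

# Constructed sample entry; every value is made up.
SAMPLE = {
    "dn": ["ndGuid=EXAMPLE0001,dc=example,dc=edu"], "uid": ["jdoe"],
    "cn": ["Jane Doe"], "mail": ["jdoe@example.edu"],
    "homePhone": ["+1 555 0100"], "ndUniversityid": ["000000000"],
    "ndEntryStatus": ["active"], "ndVisibilityControl": ["homePhone:private", "mail:ndonly"],
}
```

Calling visible_view(SAMPLE, ANONYMOUS) returns the entry without mail, homePhone and ndUniversityid, while the same call with APPLICATION returns every attribute.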

Steps Remaining
Elimination of public access to ph
Inclusion of FERPA opt-outs in the EDS
Implement a tie between the EDS opt-out and FERPA settings and Registrar notification

Links
  – ND Enterprise Directory Service
  – ND EDS Documentation
  – ND EDS Schema Documentation
  – ND EDS Search
  – eduPerson object class
  – Internet2

Contact Information
Brendan Bellina
Office of Information Technologies
University of Notre Dame du Lac
Website:
Directory Entry:
vCard: