Council of Australian University Directors of Information Technology Promoting and advancing the use and support of information technology in higher education.

Slides:

Advertisements

Similar presentations

The intersectoral approach within the OAS Inter-American Council for Integral Development (CIDI) First Meeting of Ministers and High Authorities of Social.

Advertisements

Options appraisal, the business case & procurement

Toolkit. Definition of corporate volunteering Any effort by an employer to encourage and assist employees to volunteer in the community.

PROVINCIAL COACHING COMMISSIONS STRUCTURE AND TERMS OF REFERENCE.

Develop an Information Strategy Plan

International Federation of Accountants International Education Standards for Professional Accountants Mark Allison, Executive Director Institute of Chartered.

IDESG Goals & Work-plans for 2013 and beyond Brett McDowell IDESG Management Council Chair

Functional component terminology - thoughts C. Tilton.

Scrutiny Scrutiny is a major tool for evaluating and then effecting change. Reviewing and evaluating what is done and measuring its success is key to better.

Copyright JNT Association 20051Optional Copyright JNT Association Joining the UK Access Management Federation 4th April.

1 eAuthentication in Higher Education Tim Bornholtz Session #47.

Electronic Authentication for Flexible Learning Workshop Presentation (5 August 2003) Chris Connolly, CEO, Galexia Consulting.

CRICOS Provider No 00025B Strategies for enhancing teaching and learning: Reflections from Australia Merrilyn Goos Director Teaching and Educational Development.

InCommon and Federated Identity Management 1

Challenge Questions How good is our operational management?

The South Australian Public Library Network. Agenda Governance Funding Reforms – PLS & Councils Network features Role of Public Library Services State-wide.

Alabama GIS Executive Council November 17, Alabama GIS Executive Council Governor Bob Riley signs Executive Order No. 38 on November 27 th, 2007.

Networks ∙ Services ∙ People John DYER TF-MSP Video Conference Community Procurement Support Building on the SPOT-ON Proposal Smart Procurement,

How can projects be controlled?

Pilot – Professional Mentoring Program The American Association of Blacks in Energy.

1 Data Strategy Overview Keith Wilson Session 15.

Digital Signature Technologies & Applications Ed Jensen Fall 2013.

Corporate Governance: Beyond Compliance at a time of Recession Prof. Ashley G. Frank BA(Econ)[Magna Cum Laude], MDPA (Cum Laude], MBA, MCom [Cum Laude],

Internal Auditing and Outsourcing

UNIVERSITY ACCOUNTABILITY An Ontario and New Zealand Perspective.

Functional Model Workstream 1: Functional Element Development.

Copyright 2006 Archistry Limited. All Rights Reserved. SOA Federated Identity Management How much do you really need? Andrew S. Townley Founder and Managing.

Welcome Regional Skills Policy and Sector Skills Councils – An LSC Viewpoint 19 October Chris Minett Regional Skills Director.

The InCommon Federation The U.S. Access and Identity Management Federation

Government of CanadaGouvernement du Canada Service Transformation through Government On-Line Helen McDonald Director General, Office of the Chief Information.

Introduction to sparqs Hannah Clarke sparqs Development Advisor Heeding the Student Voice at universities Friday 15 th May 2015.

Reform and change in Australian VTE and implications for VTE research and researchers By Aurora Andruska 20 April 2006.

Management challenges and strategies: Unit M4. Learning outcomes By the end of this section, you will be able to; – Identify the key management challenges.

Demystifying the Business Analysis Body of Knowledge Central Iowa IIBA Chapter December 7, 2005.

Standards for Internal Control in the Government Going Green Standards for Internal Control in the Federal Government 1.

Copyright JNT Association 2005Copyright JNT Association An Introduction to Access Management and the UK Federation Simon Cooper.

Australian Access Federation and other Middleware Initiatives Presented at TF-EMC2, Prague 4 Sep 2007 Patty McMillan, The University of Queensland.

March 2015 Inter-American Network for the Prevention of Violence and Crime.

Introduction to the CALD Aged Care Strategy Bruce Shaw Senior Policy Officer, Aged Care Federation of Ethnic Communities’ Councils of Australia (FECCA)

Garry Compton Manager Government Authentication ANTA Workshop 05/08/03 Canberra, Australia An update on Commonwealth Authentication.

Kevin Novak, Chair W3C Electronic Government Interest Group April 17, 2009.

Metrolina PMI Mentoring Program Metrolina PMI wants to provide avenues for members to get to network and grow professionally by developing contacts in.

HIT Policy Committee NHIN Workgroup Recommendations Phase 2 David Lansky, Chair Pacific Business Group on Health Danny Weitzner, Co-Chair Department of.

Improving Integration of Learning and Management Systems Paul Shoesmith Director of Technical Strategy Becta.

E-Authentication: Simplifying Access to E-Government Presented at the PESC 3 rd Annual Conference on Technology and Standards May 1, 2006.

Bank Audit. Internal Audit Internal audit is an independent, objective assurance activity and can give valuable insight in providing assurance that major.

Higher Education PKI Summit Meeting August 8, 2001 The ABA PAG Rodney J. Petersen, J.D. Director, Policy and Planning Office of Information Technology.

Corporate Social Responsibility LECTURE 25: Corporate Social Responsibility MGT

Sustainable Urban Transport Planning General Presentation.

State of e-Authentication in Higher Education August 20, 2004.

AuEduPerson Schema Schema Derived from: - eduPerson - person [RFC 4517, RFC 4519] - organizationalPerson [RFC 4517, RFC 4519] - inetOrgPerson [RFC 2798]

HIT Policy Committee NHIN Workgroup HIE Trust Framework: HIE Trust Framework: Essential Components for Trust April 21, 2010 David Lansky, Chair Farzad.

CHARTER – User Intelligence Groups Group Objectives Scope & Activities Key Areas For Success  Visibility of expenditure on goods and services across the.

JRA1.4 Models for implementing Attribute Providers and Token Translation Services Andrea Biancini.

Enterprise & Environment Directorate TRANSPORT FOR REGIONAL GROWTH 5 NOVEMBER 2015 Keith Winter, Executive Director, Enterprise and Environment, Fife Council.

Government and Industry IT: one vision, one community Vice Chairs April Meeting Agenda Welcome and Introductions GAPs welcome meeting with ACT Board (John.

CALD Inclusion in the Implementation of Aged Care Reform Bruce Shaw Senior Aged Care Policy Officer - Reforms Federation of Ethnic Communities’ Councils.

Workshop For Reviewers Operating the Developmental Engagements Prof. Dr. Hala SalahProf. Dr. Hoda ELTalawy.

Unpacking the Australian Professional Standard for Principals and the Leadership Profiles “If you don’t have a powerful point of view about what high quality.

Swimming SA Board Strategy Workshop 27 October 2012.

1 Identities and Federation: The Next IT Wave (The Canadian Access Federation) Rick Bunt President The Canadian University Council of CIOs (CUCCIO)

B IOCHEMICAL T ECHNOLOGY L EADERSHIP R OUNDTABLE (BTLR) Vision: A sustainable chemicals economy Scope: Chemicals made using bio-based and renewable technologies.

PROTECTING THE INTERESTS OF CONSUMERS OF FINANCIAL SERVICES Role of Supervisory Authorities Keynote Address to the FinCoNet Open Meeting 22 April 2016.

November | 1 CONTINUING CARE COUNCIL Report to Forum Year

Agency Briefing - Overview

Shared Services and Third Party Assurance: Panel May 19, 2016.

Connected Identity & the role of the Identity Bus Prabath Siriwardena Director of Security Architecture WSO2.

Task Design in Undergraduate Mathematics Leigh Wood Chair, Standing Committee on Mathematics Education Australian Mathematical Society Associated Dean,

Mary Montoya, CIO Bogi Malecki, Project Manager

Appropriate Access InCommon Identity Assurance Profiles

Presentation transcript:

Council of Australian University Directors of Information Technology Promoting and advancing the use and support of information technology in higher education Council of Australian University Directors of Information Technology An IAM Framework for Australian and NZ Higher Education and Research Patricia McMillan and Rodney McDuff The University of Queensland Presented at TNC 2009

Council of Australian University Directors of Information Technology What is CAUDIT? IT Directors & CIOs from higher education & research 57 members All Australian & NZ universities Some research organisations South Pacific & Papua New Guinea

Council of Australian University Directors of Information Technology CAUDIT Mission To enhance its members’ ability as key strategic advisers on the use of information technology in higher education.

Council of Australian University Directors of Information Technology CAUDIT Activities Procurement Benchmarking Green IT Professional development Technical standards –Newest committee, formed in 2008 –Chaired by Nick Tate, UQ

Council of Australian University Directors of Information Technology Technical Standards Committee Provides a process for agreeing and maintaining technical standards across higher education & research sector IAM framework Attributes for data exchange –Including auEduPerson specification eduroam policy for Australia

Council of Australian University Directors of Information Technology Why an IAM framework? IAM among the most important issues facing higher ed CIOs on annual surveys. –Number 3 CAUDIT issue this year, after Strategic Planning and Information Management Universities face greater IAM challenges than many other organisations. Federation means IAM is no longer an internal issue.

Council of Australian University Directors of Information Technology What are we building? An online compendium of IAM resources A wiki designed to grow through community contributions Information providing the benefit of the community's prior experiences A common language and shared vision A framework for prioritising actions

Council of Australian University Directors of Information Technology What the compendium contains Business case for IAM Glossary Framework for the spectrum of IAM processes Advice – evaluating technologies; federating with other organisations A set of resources

Council of Australian University Directors of Information Technology Some thoughts on identity The real meditation is the meditation on one’s identity. You try it. You try finding out why you’re you and not somebody else. And who in the blazes are you anyhow? Ezra Pound, US poet,

Council of Australian University Directors of Information Technology IAM lifecycle is? A sequence of orchestrated business processes –Performed by many actors –Governed by some set of policies –Implemented using some array of technologies All so that an individual can gain authorised access to some set of resources.

Council of Australian University Directors of Information Technology Prior to authorised access… Many processes & many actors Actors & relying parties may not understand their roles or how they fit into the bigger IAM picture Need a way to allow interested parties to understand the bigger picture –Relationships across business processes –Policies, technologies, actors –How to measure improvement

Council of Australian University Directors of Information Technology The Framework

Council of Australian University Directors of Information Technology Governance and policy The most important of the 6 classes –Often the most neglected How are the enterprise’s IAM business processes to be achieved? How may the enterprise’s policies constrain or shape this achievement? Who within the enterprise is responsible for the various IAM processes and sub-processes? When are these processes enacted?

Council of Australian University Directors of Information Technology Identification and credentialing How to identify the “digital subject” Associating a set of claims and attributes with the digital subject Issuing credentials to the digital subject to bind the subject and its “digital identity” to some level of assurance

Council of Australian University Directors of Information Technology Attribute aggregation As soon as a subject is identified it can start to accrue attributes –Firstname, surname, etc Attributes are stored in Systems of Record Even within a single enterprise, digital identities are often scattered across many Systems of Record An aggregator such as a metadirectory can construct a consolidated view

Council of Australian University Directors of Information Technology Authentication & assertions Authentication is the act of proving possession of the authentication credentials –Binds the subject to its digital identity for the duration of the transaction When the subject authenticates an assertion is normally constructed –May range from a simple OK response to a digitally signed SAML assertion

Council of Australian University Directors of Information Technology Transport Once an assertion has been constructed it must be transported to the relying party –Possibly to make an informed authorisation decision Relying parties need to understand the risks of the transport mechanism –Same server? High assurance –Over a network? May not be as high

Council of Australian University Directors of Information Technology Relying parties & resources Relying parties shoulder most of the risk in an IAM transaction Relying parties process assertions according to –The information in the assertion –The ability to verify the truth of the assertion –Their own business needs, processes, risk analysis, obligations, etc

Council of Australian University Directors of Information Technology IAM Compendium Six volumes, one for each framework class. –Policy considerations –Risk assessment, risk management, LoAs –Relevant standards –Evaluating technology solutions –Maturity model –Federating with other organisations –Communication and education –Resources for further information

Council of Australian University Directors of Information Technology Current status Overview of the framework Glossary Business case to support enterprise IAM projects Around 30 participants in Australia & NZ

Council of Australian University Directors of Information Technology Contributors welcome! Case studies on IAM in your organisation Policy considerations and risk management for IAM Good IAM processes and practices extending to all parts of an enterprise How to evaluate technology solutions Pointers to useful resources on IAM Comments and feedback as sections are added

Council of Australian University Directors of Information Technology How to participate Accepts authentication credentials from –Australian Access Federation Pilot –ProtectNetwork –OpenID –Agreements with other federations in progress or for authorisation and to go on the mailing

Council of Australian University Directors of Information Technology A final thought on identity Americans may have no identity, but they do have wonderful teeth. Jean Baudrillard, French semiologist