KEAS K-State Enterprise Authentication System CITAC April 26, 2002.

Slides:



Advertisements
Similar presentations
Defining the Security Domain Marilu Goodyear John H. Louis University of Kansas.
Advertisements

Credentialing, Levels of Assurance and Risk: What’s Good Enough Dr. Michael Conlon Director of Data Infrastructure University of Florida.
Identity Management at the University of Florida Mike Conlon, Director of Data Infrastructure University of Florida, Gainesville, Florida Background Identity.
Building the Future: Millennium’s Relationship with Campus Systems and Services John Culshaw Faculty Director for Systems University of Colorado at Boulder.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
Emory University Case Study I2 Day Camp November 5, 2010 John Ellis & Elliot Kendall.
Identity Management Realities in Higher Education NET Quarterly Meeting January 12, 2005.
Password?. Project CLASP: Common Login and Access rights across Services Plan
PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.
Exchange Network Key Management Services A Security Component February 28, 2005 The Exchange Network Node Mentoring Workshop.
Prepared by Dept. of Information Technology & Telecommunication, October 24, 2005 Enterprise Directory Services and Identity Management.
Active Directory: Final Solution to Enterprise System Integration
16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
CNI Fall 1998 Access Management Requirements and Approaches Joan Gargano California Digital Library
The PKI Lab at Dartmouth. Dartmouth PKI Lab R&D to make PKI a practical component of a campus network Multi-campus collaboration sponsored by the Mellon.
Public Key Infrastructure at the University of Pittsburgh Robert F. Pack, Vice Provost Academic Planning and Resources Management March 27, 2000 CNI Spring.
Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Polytechnic University of Tirana Faculty of Information Technology Computer Engineering Department Identification of on-line users and Digital Signature.
Security and Policy Enforcement Mark Gibson Dave Northey
June 1, 2001 Enterprise Directory Service at College Park David Henry Office of Information Technology University of Maryland College Park
Middleware & Enterprise Services at College Park David Henry Office of Information Technology November 16, 2001.
Introduction to PKI Mark Franklin September 10, 2003 Dartmouth College PKI Lab.
UCB Enterprise Directory Services. Directory Services – Project History  Requirements defined  Project commission & goals articulated  Project teams.
Report Distribution Report Distribution in PeopleTools 8.4 Doug Ostler & Eric Knapp 7264.
Identity and Access Management IAM. 2 Definition Identity and Access Management provide the following: – Mechanisms for identifying, creating, updating.
Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.
System Architecture University of Maryland David Henry Office of Information Technology December 6, 2002.
SIMI: ISO Perspective Al ISO CSU Northridge
Identity Management and PKI Credentialing at UTHSC-H Bill Weems Academic Technology University of Texas Health Science Center at Houston.
Streamlining Support and Management through the Implementation of Active Directory Educause 2003 Mid-Atlantic Regional Gale D. Fritsche –
Information Technology Challenges in ERP - Duke University 1 IT Challenges in ERP Chris Meyer Duke University.
CAMP - June 4-6, Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin This work is the intellectual property of the authors.
LDAP Management at Stony Brook Making Active Directory and PeopleSoft Work Together SUNY Technology Conference Rochester, New York Monday June 12, 2006.
Inside the PKI Framework: * Activating the Puzzle Pieces PKI Summit Snowmass August
Web Application Authentication with PKI & Other Functions Bill Weems & Mark B. Jones Academic Technology University of Texas Health Science Center at Houston.
Virginia Tech Overview of Tech Secure Enterprise Technology Initiatives e-Provisioning Group Frank Galligan Fed/Ed.
Module 1 Introduction to Managing Microsoft® Windows Server® 2008 Environment.
Digital Identity Management Strategy, Policies and Architecture Kent Percival A presentation to the Information Services Committee.
Unified Student-Centric Authentication and Authorization Nathan Wilder Special Assistant - Technology Office of the CIO.
ID Management in University ID Management in University Kenzi Watanabe Saga University, Japan
Introduction to Grouper Part 1: Access Management & Grouper Tom Barton University of Chicago and Internet2 Manager – Grouper Project.
1 Simon: What, How and Why Jon Finke Communication and Middleware Technology.
Directory Services at UMass  Directory Services Overview  Some common definitions  What can a directory do or not do?  User Needs Assessment  What.
1 Personal Digital Certificates at Virginia Tech: Who Are You? Mary Dunker Internet-2 December 4, 2006
U.S. Department of Agriculture eGovernment Program August 14, 2003 eAuthentication Agency Application Pre-Design Meeting eGovernment Program.
PeopleSoft 101 A preview for CSUDH faculty November 2007 By Tim Farris and Marion Smith CSUDH Administrative Information Systems.
SSL, Single Sign On, and External Authentication Presented By Jeff Kelley April 12, 2005.
GatorLink Password Management Policy March 31, 2004.
HAKA project HAKA User administration inside Finnish Higher Education Institutes results from the KATO project Barbro Sjöblom EDS 2003 Uppsala.
USERS Implementers Target Communities NMI Integration Testbed The NMI Integration Testbed NMI Participation Developed and managed by SURA Evaluate NMI.
U.S. Department of Agriculture eGovernment Program July 15, 2003 eAuthentication Initiative Pre-Implementation Status eGovernment Program.
UCLA Enterprise Directory Identity Management Infrastructure UC Enrollment Service Technical Conference October 16, 2007 Ying Ma
Single Sign-On
Password? CLASP Project FOCUS Meeting, 12 October 2000 Denise Heagerty, IT/IS.
1 Choosing the Right Wand (or for those who like boring titles – Managing Account Passwords: Policies and Best Practices) Harvard Townsend IT Security.
FSU Metadirectory Project The Issue of Identity Management Executive Overview.
Jim Farmer As presented at the Portals2007 “Up and Running” Conference 7 June 2007 | Gettysburg College, Gettysburg PA USA From pilot to enterprise portal.
Information Technology Current Work in System Architecture January 2004 Tom Board Director, NUIT Information Systems Architecture.
FSU Metadirectory Project The Issue of Identity Management Executive Overview
Middleware CAMP Day 2. Current Research Research that develops th e…
A Unified Digital Campus: Marshall University’s Solution Presented by: Terri L. Tomblin-Byrd Bradley Morgan.
Identity Management and RIAS November 2010 Don Smith OIT, Rutgers University.
Copyright Statement Copyright Robert J. Brentrup This work is the intellectual property of the author. Permission is granted for this material to.
1 Identities and Federation: The Next IT Wave (The Canadian Access Federation) Rick Bunt President The Canadian University Council of CIOs (CUCCIO)
ADFS - Does it Still have a Place? Fitting into the EMS puzzle Frank C. Drewes III 2016 Redmond Summit | Identity.
Virtual Directory Services and Directory Synchronization May 13 th, 2008 Bill Claycomb Computer Systems Analyst Infrastructure Computing Systems Department.
Secure Enterprise Technology Initiatives e-Provisioning Group
Identity Management at the University of Florida
Recruiting and Onboarding Project
Presentation transcript:

KEAS K-State Enterprise Authentication System CITAC April 26, 2002

CITAC Briefing2 Project Management Staff Harvard Townsend Senior Management Sponsor Neil Erdwien Senior Technical Sponsor Chuck Gould Project Manager Project Web Site: keas.cns.ksu.edu

April 26, 2002CITAC Briefing3 Agenda Project scope – Harvard Authentication 101 – Neil Discussion/Questions

April 26, 2002CITAC Briefing4 The Goal Build a university-wide directory and authentication service to support authorized access to university information and technology resources. Store identity + role information about EVERYONE affiliated with K-State. Using state IT Project Management Methodology to guide the process Expect to complete phase I in April, 2003

April 26, 2002CITAC Briefing5 Why? Multiple IDs and passwords –Goal: One (few?) ID and password to remember –Goal: Uniform ID name space Complexity for user and for system administrators –Goal: Reduced frustration for users and simplified access to IT resources –Goal: Reduced management costs –Goal: Replace current CNS ID management system Support for distance students –Goal: Same access as resident students –Goal: Instant access

April 26, 2002CITAC Briefing6 Why? Support new applications –Foundation technology for III, SIS/FRS, digital library, portal, wireless networking, Peoplesoft 8, etc. Improve security –Fewer passwords to keep track of –Password stored in fewer places –Can force choosing “good” passwords –Simplifies shutting off people’s access

April 26, 2002CITAC Briefing7 Why? Authenticate with other universities –Goal: support EDUCAUSE EduPerson initiative –Goal: Inter-realm authentication with KU Transaction integrity (PKI) –Goal: encrypt –Goal: validate sender –Goal: guarantee message not altered

April 26, 2002CITAC Briefing8 Phase 1 Uniform ID/name space Build directory service with ID/password authentication Directory-enable central services managed by CNS: –Central server (POP/IMAP) –Central UNIX and Web servers –Netscape Calendar –SAMBA server –Remote access to library electronic journals and databases

April 26, 2002CITAC Briefing9 Phase 2 Possibilities K-State Online KATS Telecom dialup modems PeopleSoft Wireless network Novell NDS Microsoft Active Directory Departmental servers/applications

April 26, 2002CITAC Briefing10 Later Phases K-State Web Portal III SIS/FRS replacement Authenticate with other universities Public Key Infrastructure (PKI) for digital signatures, secure messaging Single sign-on where you authenticate once and get access to all the services you need without re- entering the authentication information

April 26, 2002CITAC Briefing11 Authentication 101 Neil Erdwien

April 26, 2002CITAC Briefing12

April 26, 2002CITAC Briefing13 Authentication vs. Authorization Authentication is checking credentials to verify identity Authorization is the use of identity to control access to resources

April 26, 2002CITAC Briefing14

April 26, 2002CITAC Briefing15

April 26, 2002CITAC Briefing16

April 26, 2002CITAC Briefing17

April 26, 2002CITAC Briefing18 Unified Name Space Existing systems have separate name spaces Integration with KEAS will have name conflicts Possible scenarios (3-8 character IDs) –Eliminate student license plate IDs? –Personal preference, first come, first serve for all faculty, staff, and students? –Standard naming convention? 1 st initial, first 7 characters of last name 1 st initial, 2 nd initial, first 6 characters of last name Conflict resolution, i.e. Steering committee will decide in June.

April 26, 2002CITAC Briefing19 Questions?

April 26, 2002CITAC Briefing20

April 26, 2002CITAC Briefing21 Who Is On The Steering Committee? John Streeter, ISO Mike Crow, Registrar Patricia Havenstein, Human Resources Tom Schellhardt, VPAF Roger Terry, IET Robert Burgess, Housing Pat Akard, Faculty Senate Karen Cole, Hale Library Rebecca Gould, iTAC Rob Caffey, DCE Dave Hillier, DIA Gail Simmonds, Salina Andrew Bell, Student Senate

April 26, 2002CITAC Briefing22 How Long Will The Project Take? Project plan approved January 25, Requirements defined – January through mid-May LDAP solutions tested and selected – January through February Design developed – mid-May through June LDAP server implemented – July through October Phase 1 applications converted to KEAS – November through mid-February –UNIX, UNIX , Samba server –Hale Library services –K-State web server, central calendar server – forwarding, White pages Documentation finalized, project closeout – mid-April 2003.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.