ID Management in University
Kenzi Watanabe, Saga University, Japan


16/02/2012, The 33rd APAN Meeting

5 Faculties, approx. 7,000 Students, 2,000 Faculty Members

ID Management History of Saga University
- 1998, ID for all students
- 2001, ID for all faculty members
- 1998, ID Integration for Windows and UNIX
- 2002, Integrated authentication system
- 2010, Shibboleth

Backgrounds
- Information Literacy Education (1990 〜)
- Deployments of Self-maintained Online Systems with Web (2000 〜)

Contents
- What is ID ?
- Backgrounds of ID Management History
- ID Management Systems in Saga University
- Issues in Implementations
- Conclusion

What is ID ?
- ID is an identifier for each user
  - A symbol of yourself in ICT world
  - Known as “User ID”
- ID is used in authentication procedure with a password
  - Login


Backgrounds of ID Management History
- Information Literacy Education (1990 〜)
- Deployments of Self-maintained Online Systems with Web (2000 〜)

PC Room History in Saga University: 1990 〜, 〜 1998

Windows & UNIX dual boot system (1998 – 2002)

ID Management Technologies
- UNIX
  - /etc/passwd
  - NIS (Network Information Service)
- Microsoft Windows
  - DC (Domain Controller)
  - AD (Active Directory)
Labels on the slide: For small system; For networked system; For novel system; For stand-alone system

Different IDs and passwords
Diagram: Windows and UNIX, with sato1 / pw1 and sato2 / pw2. Inconvenient !!

Same ID and password without Synchronization
Diagram: UNIX and Windows each hold sato / pw1. Change! One side becomes sato / pw2; the other is not changed. Inconvenient !!

Same ID and password with Synchronization
Diagram: UNIX and Windows both use a Directory Server for authentication and password change. Convenient !!


Deployments of Self-maintained Online Systems with Web
- Online Systems
  - Educational affairs: Syllabus, Evaluation, Registration
  - Digital Library
  - Teachers’ DB
- What was changed ?
  - More personalized
  - Self-maintained

e.g. Teachers’ DB
- Teachers’ directory
  - Gathering activities of all professors
  - Research, Education, Social activities, etc.
- These outcomes become the basis and evidence for the evaluation of the university
- Who inputs data ?
  - By themselves


System diagram
- Unified User DB (PostgreSQL)
- Operation (Add, Remove, Modify)
- LDAP, LDAP (Replica)
- NIS/NIS+, AD
- General, Windows, Linux
- IMAP4S, FTP, POP3S
- Other Servers (e.g. PHP based)

Unified User DB
- Master database for user attributes
  - User ID
  - Initial password
  - Full name
  - Affiliation
  - Title
  - Position
  - etc …
- Authentication Infrastructure


Shibboleth
- Increasing Web-based systems
- Inconvenience
  - Entering User ID and Password many times
  - More secure way
- Opengate
  - A captive portal type network user authentication system


System diagram with Shibboleth
- Unified User DB (PostgreSQL)
- Operation (Add, Remove, Modify)
- LDAP, LDAP (Replica)
- IdP, AD
- General, Windows, Solaris
- IMAP4S, FTP, POP3S
- Other Servers (e.g. PHP based)
- SPs


Issues in Implementations
- Consolidation of multiple accounts to a single entry
  - Identification
  - Clear scheme definitions of ID
  - ID naming rules
- Cooperation with various sections
  - What section has authority ?
  - Data Transfer method
- Decision making

Example: Research associate and PhD course student
- Case 1: 2 IDs (user1, user2)
- Case 2: 1 ID has 2 attributes (Research associate, PhD course student)

ID Naming Rules
- Random based ?
- Name based ?
- Same family and personal name ?
- Same with Student ID ?


Data Transfer Method
- Online ?
  - Data format: CSV ? XML ?
  - Real-time transactions or Batch jobs ? Both ?
- Offline ?
  - Data format ?
  - Media type: DVD ? MO ?
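The consolidation issue (Case 2, one ID with two attributes), the name-based naming rule, and the batch CSV transfer option, shown as an added example that is not part of the original presentation. The column names, the name-plus-birth-date identification key and the numeric-suffix rule are assumptions, and all records are constructed.

```python
import csv
import io

# Constructed batch feeds from two sections (all people and values are made up).
PERSONNEL_CSV = """family,given,birth,position
Sato,Taro,1985-04-02,Research associate
Sato,Taro,1970-11-30,Professor
"""
STUDENT_CSV = """family,given,birth,position
Sato,Taro,1985-04-02,PhD course student
Tanaka,Ken,1992-01-15,Undergraduate student
"""

def read_feed(text, source):
    """Parse one section's CSV feed, tagging each row with its source section."""
    return [dict(row, source=source) for row in csv.DictReader(io.StringIO(text))]

def consolidate(rows):
    """Case 2: one entry per person, with positions as a multi-valued attribute."""
    people = {}
    for row in rows:
        # Assumed identification key: name plus date of birth.
        key = (row["family"].lower(), row["given"].lower(), row["birth"])
        entry = people.setdefault(key, {"full_name": f'{row["family"]} {row["given"]}',
                                        "positions": [], "sources": []})
        if row["position"] not in entry["positions"]:
            entry["positions"].append(row["position"])
        entry["sources"].append(row["source"])
    return people

def assign_ids(people, existing=()):
    """Name-based IDs; a numeric suffix separates different people with the same name."""
    used = set(existing)                # IDs already issued are never handed out again
    for key in sorted(people):          # deterministic order: same input, same IDs
        base = key[0]                   # family name, e.g. "sato"
        uid, n = base, 1
        while uid in used:
            n += 1
            uid = f"{base}{n}"
        used.add(uid)
        people[key]["uid"] = uid
    return people

def build_directory():
    """Merge both feeds into the single-entry-per-person view."""
    rows = read_feed(PERSONNEL_CSV, "personnel") + read_feed(STUDENT_CSV, "student affairs")
    return assign_ids(consolidate(rows))
```

The two feeds contain two different people named Sato Taro, so the name alone cannot serve as the identification key, and the person who appears in both feeds ends up with one ID carrying both positions.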


Conclusion
- What is ID ?
- Backgrounds of ID Management History
- ID Management Systems in Saga University
- Issues in Implementations

Acknowledgements
- NTT DATA KYUSHU Corporation
- Net One Systems CO. LTD.


ID Management Technologies
- LDAP (Lightweight Directory Access Protocol)
  - Directory services
- Active Directory has LDAP functions
  - Windows 2003 server and later versions
Diagram: User authentication for UNIX and for Windows