Gary Brown, Senior Systems Developer, Portal Development Team Identity Management Toolkit a JISC sponsored project.


2 What is identity?
"The sameness of a person or thing at all times or in all circumstances; the condition or fact that a person or thing is itself and not something else" (Oxford English Dictionary)
Which is not to say that attributes attached to an identity cannot change, e.g. address

3 What is identity management (IdM)?
Establishing, verifying and maintaining identity
 – Informal: self-assertion / hearsay
 – Official: birth certificates, passports, ID cards, biometrics
 – IT: passwords, certificates, chip cards, biometrics
Access management
 – Authentication, policies, roles, groups, privileges, federations
Targeting
 – Push / pull of data / services that are relevant and appropriate
Provisioning
 – Timely, consistent and accurate data throughout systems
Auditing
 – Who did what, when and under what authority?

4 The Identity Project
JISC sponsored. Undertaken by LSE and Cardiff.
Produced:
 – a comprehensive broad survey of the current state of IdM in UK academic institutions;
 – a set of in-depth audits of IdM in a representative set of institutions.
and also:
 – investigated practice and policy around institutional membership;
 – investigated how having NHS links affects an institution's requirements from IdM
 – investigated how having Grid Infrastructure affects an institution's requirements from IdM
 – identified common problems (and their solutions if possible) with regards to institutional IdM
 – attempted to establish consensus on best practice in IdM
 – identified areas where further work is required

5 Why a toolkit?
Bristol wanted concrete recommendations – similar to the UCISA Information Security Toolkit
JISC keen to use results of Identity Project to help institutions implement best practice IdM
Cardiff and LSE will largely produce the toolkit. Bristol and Kidderminster will road test the toolkit
18 month project starting from January 2009
Production Toolkit to be published/launched at JISC and UCISA annual conferences in March 2010

6 Structure of the toolkit
 1. Definitions (including constituent components)
 2. Requirements
 3. How to conduct a readiness audit
 4. How to conduct a gap analysis
 5. How to make a business case
 6. How to create a roadmap
 7. Summary of available system solutions
 8. Walk-in users & network access

7 Example issues Bristol would like to solve
 1. Grey users
 2. Roles and relationships
 3. Duplication and consistency

8 Issue 1: grey users
A grey user is someone who is not an official student or member of staff but who needs access to University systems, e.g. Library, VLE
Sometimes made an honorary member of staff
Often given local accounts on individual systems
Would like to:
 – mainstream users in central system without having to make everyone an honorary member of staff
 – use federated (Shibboleth) identities when available
 – apply appropriate policies to different classes of user

9 Issue 2: roles and relationships
Departments know which staff (including grey users) teach which students, when, and where, but when we do vertical projects, e.g. timetabling, id cards (for buildings access), VLE, CMS and Portal, there is little appropriate central data and no guarantee that what we have is up-to-date
Don’t know structures below organisational unit or who manages who

10 Issue 3: duplication and consistency
Bristol has a very devolved structure – so faculties, departments and other units often develop separate systems and policies
We are in danger of solving similar problems in different (incompatible) ways for different systems – and we would rather not do that!
Need central system which can support the devolved structure but allow common policies

11 Links
Identity Project – frastructure/identity.aspx
Identity Management Toolkit Project – m/idmtoolkit.aspx
UCISA Information Security Toolkit –