Presentation is loading. Please wait.

Presentation is loading. Please wait.

Authorization in UCTrust

Published byPhebe Robinson Modified over 5 years ago

Similar presentations

Presentation on theme: "Authorization in UCTrust"— Presentation transcript:

1 Authorization in UCTrust
David Walker Information and Educational Technology University of California, Davis ucdavis.edu

2 The Problem How do we authorize people to use applications via UCTrust? Two possible scenarios Campuses make authorization decisions and transmit them to applications Application management makes authorization decisions, based on identities provided by campuses

3 Some Definitions Affiliation / group – A person's relationship to the organization Student, employee, PS201 class member, ... Role – A person's purpose for the organization Low-value purchaser, IdM administrator, parent, ... Entitlement / permission – Something a person is allowed to do Access library materials, view general ledger, ...

4 The Big Picture (I Think)‏
App IdM App App Signet Grouper App KIM Shib App IdM App AuthN App IdM Signet Grouper Auth Srcs Signet Grouper

5 CO-Manage Demo

Download ppt "Authorization in UCTrust"

Similar presentations

From Authentication to Privilege Management to the Attribute Economy: Marketing runs amok…

From Authentication to Privilege Management to the Attribute Economy: Marketing runs amok…
1 The Challenges of Creating an Identity Management Infrastructure for the University of California David Walker Karl Heins Office of the President University.

1 The Challenges of Creating an Identity Management Infrastructure for the University of California David Walker Karl Heins Office of the President University.
Multi-Organizational Authorization Services RL “Bob” Morgan, University of Washington Internet2/Educause Advanced CAMP Boulder, Colorado July 2003.

Multi-Organizational Authorization Services RL “Bob” Morgan, University of Washington Internet2/Educause Advanced CAMP Boulder, Colorado July 2003.
Information Resources and Communications University of California, Office of the President UCTrust David Walker Office of the President University of California.

Information Resources and Communications University of California, Office of the President UCTrust David Walker Office of the President University of California.
Information Resources and Communications University of California, Office of the President Information Technology Services The California State University.

Information Resources and Communications University of California, Office of the President Information Technology Services The California State University.
A Middleware Unified Field Theory Identity Management / Directories Privileges / Groups Single Sign-On / Federation Enterprise Integration from network.

A Middleware Unified Field Theory Identity Management / Directories Privileges / Groups Single Sign-On / Federation Enterprise Integration from network.
UABgrid Identity Infrastructure John-Paul Robinson, David Shealy, UAB, IT Infrastructure Services Educause.

UABgrid Identity Infrastructure John-Paul Robinson, David Shealy, UAB, IT Infrastructure Services Educause.
UCLA’s Shibboleth Plan Shibboleth is an integral part of UCLA’s Enterprise Directory & Identity Management Infrastructure (EDIMI) Project Integrate with.

UCLA’s Shibboleth Plan Shibboleth is an integral part of UCLA’s Enterprise Directory & Identity Management Infrastructure (EDIMI) Project Integrate with.
Information Resources and Communications University of California, Office of the President Current Identity Management Initiatives at UC & Beyond: UCTrust.

Information Resources and Communications University of California, Office of the President Current Identity Management Initiatives at UC & Beyond: UCTrust.
Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.

Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.
Introduction to Grouper. Open source, community-driven project of the Internet2 Middleware Initiative Initial release v0.5 in December 2004 Grouper originally.

Introduction to Grouper. Open source, community-driven project of the Internet2 Middleware Initiative Initial release v0.5 in December 2004 Grouper originally.
CAMP Med Mapping HIPAA to the Middleware Layer Sandra Senti Biological Sciences Division University of Chicago C opyright Sandra Senti,

CAMP Med Mapping HIPAA to the Middleware Layer Sandra Senti Biological Sciences Division University of Chicago C opyright Sandra Senti,
Managing Information UT November 13-14, 2008 Campus Identity and Access Management Services.

Managing Information UT November 13-14, 2008 Campus Identity and Access Management Services.
A Model for Enterprise Group and Affiliation Management RL “Bob” Morgan University of Washington CAMP, June 2005.

A Model for Enterprise Group and Affiliation Management RL “Bob” Morgan University of Washington CAMP, June 2005.
Deciding Who’s on First?: Establishing the Identity Management Leadership Group October 11, 2006 Dallas.

Deciding Who’s on First?: Establishing the Identity Management Leadership Group October 11, 2006 Dallas.
Technical Overview of Kuali Rice UC Davis, Information & Educational Technology January 2009.

Technical Overview of Kuali Rice UC Davis, Information & Educational Technology January 2009.
1 A Case for Collaborative Identity Management in a Complex Decentralized Environment Andrea Beesing Assistant Director, IT Security and David Yeh Assistant.

1 A Case for Collaborative Identity Management in a Complex Decentralized Environment Andrea Beesing Assistant Director, IT Security and David Yeh Assistant.
Authorization Scenarios with Signet RL “Bob” Morgan University of Washington Internet2 Member Meeting, September 2004.

Authorization Scenarios with Signet RL “Bob” Morgan University of Washington Internet2 Member Meeting, September 2004.
Introduction to Grouper Part 1: Access Management & Grouper Tom Barton University of Chicago and Internet2 Manager – Grouper Project.

Introduction to Grouper Part 1: Access Management & Grouper Tom Barton University of Chicago and Internet2 Manager – Grouper Project.
1 Early Adopters / Deployers Patterns and criteria for distinguishing roles and groups-based access control vs. privilege management. Why use one or the.

1 Early Adopters / Deployers Patterns and criteria for distinguishing roles and groups-based access control vs. privilege management. Why use one or the.

Similar presentations

Ads by Google