Download presentation
Presentation is loading. Please wait.
Published byHugo Henry Modified over 9 years ago
1
© 2011 The University of Chicago InCommon Silver Implementation at UChicago Tom Barton 1
2
Which people will need Silver? Time frame sooner later User group size smaller larger NI H TeraGri d Open Science Grid CILogon NSCNat’l Labs CIC shared storage CIC CourseShare Payroll caBIG Benefits Student Loans Financial aid TIAA- CREF research.go v
3
Support research & scientific collaborations Ability to deliver SaaS solutions with higher LoA Enhance local confidence in our ability to manage access Eg, allay Registrar’s concerns with students using UChicago netIds for transcript delivery All faculty, staff, and students needing Silver should be able to get it, easily But most won’t need it right away, so don’t make them do anything special until they do 3 UChicago Silver Objectives
4
Central IdM one of several activities supported by a staff pool – inability to sustain focus on IdM Inadequate operating practices and doc Unknown if HR on-boarding process good enough to leverage as-is Student admissions process most likely not ID Card office co-operative with ITS & Library UC Medical Center IdM user account management integrated with central IdM but separate password store 4 Circumstances – Initial State
5
Re-org IdM Use existing username/password credentials Stored in LDAP and in Active Directory Leverage ID card issuing process to meet Silver identity vetting & credential issuance requirements Strengthen management of ID Card office Assimilate ID Card back-end operations into central IdM 5 Implementation Approach
6
Move IdM servers to central sysadmin group Document operating practices of both groups Provide IT Security an opportunity to define good operating practices Plan IdM audit with Risk Management Extend IdMS to track who has met which Silver pre-requisites (ID vetting, good password, no security hold) 6 Implementation Approach
7
Managing password exposure browserIdP/logi n authN service 1 app authN service 2 app IdM S password sync VaTech-style policy to apply to all apps
8
Medical Center Unlikely to be needed soon (Drs are BSD faculty and have centrally-issued credentials) identity vetting options independent ID Card office eventually to be assimilated leverage HR on-boarding process ID vetting for remote people needing Silver Predicated on anticipated specifications in InCommon Silver IAP v1.1 8 Unknowns
9
Are you organized to enable a Silver implementation (if you wanted to do it)? And are the necessary stakeholder relationships in good shape? 9
10
What would motivate you to start a Silver implementation? What obstacles hinder that? 10
11
Do you already have the right set of tools, operating practices, and technologies to fold into a Silver implementation? 11
12
The CIC has found it extremely helpful to go together, as a cohort. Do you have any friends to share the experience with? Do you want some? 12
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.