Download presentation
Presentation is loading. Please wait.
Published byTyrone Paul Modified over 9 years ago
1
ID Management in University ID Management in University Kenzi Watanabe Saga University, Japan watanabe@is.saga-u.ac.jp
2
16/02/2012The 33rd APAN Meeting 5 Faculties Approx. 7,000Students 2,000 Faculty Members
3
ID Management History of Saga University 1998, ID for all students 2001, ID for all faculty members 1998, ID Integration for Windows and UNIX 2002, Integrated authentication system 2010, Shibboleth 16/02/2012The 33rd APAN Meeting
4
Backgrounds Information Literacy Education (1990 〜 ) Deployments of Self-maintained Online Systems with Web (2000 〜 ) 16/02/2012The 33rd APAN Meeting
5
Contents What is ID ? Backgrounds of ID Management History ID Management Systems in Saga University Issues in Implementations Conclusion 16/02/2012The 33rd APAN Meeting
6
What is ID ? ID is an identifier for each user – A symbol of yourself in ICT world – Known as “User ID” ID is used in authentication procedure with a password – Login 16/02/2012 The 33rd APAN Meeting
7
ID Management History of Saga University 1998, ID for all students 2001, ID for all faculty members 1998, ID Integration for Windows and UNIX 2002, Integrated authentication system 2010, Shibboleth 16/02/2012The 33rd APAN Meeting
8
Backgrounds of ID Management History Information Literacy Education (1990 〜 ) Deployments of Self-maintained Online Systems with Web (2000 〜 ) 16/02/2012The 33rd APAN Meeting
9
PC Room History in Saga University 16/02/2012The 33rd APAN Meeting 1990 〜 19941994 〜 1998
10
16/02/2012The 33rd APAN Meeting Windows & UNIX dual boot system (1998 – 2002)
11
ID Management Technologies UNIX – /etc/passwd – NIS (Network Information Service) Microsoft Windows – DC (Domain Controller) – AD (Active Directory) The 33rd APAN Meeting For small system For networked system For novel system For stand-alone system 16/02/2012
12
Different IDs and passwords The 33rd APAN Meeting sato1 pw1 sato2 pw2 Inconvenient !! Windows UNIX 16/02/2012
13
Same ID and password without Synchronization The 33rd APAN Meeting sato pw1 sato pw1 Inconvenient !! Not changed UNIX Windows sato pw2 Change! 16/02/2012
14
Same ID and password with Synchronization The 33rd APAN Meeting Convenient !! UNIX Windows Directory Server authentication Password change 16/02/2012
15
ID Management History of Saga University 1998, ID for all students 2001, ID for all faculty members 1998, ID Integration for Windows and UNIX 2002, Integrated authentication system 2010, Shibboleth 16/02/2012The 33rd APAN Meeting
16
Deployments of Self-maintained Online Systems with Web Online Systems – E-mail – Educational affairs Syllabus, Evaluation, Registration – Digital Library Teachers’ DB What ware changed ? – More personalized – Self-maintained 16/02/2012The 33rd APAN Meeting
17
e.g. Teachers’ DB Teachers’ directory – Gathering activities of all professors – Research, Education, Social activities, etc.. These outcomes become basics and evidences for the evaluation of university Who inputs data ? – By themselves 16/02/2012The 33rd APAN Meeting
18
16/02/2012The 33rd APAN Meeting
19
ID Management History of Saga University 1998, ID for all students 2001, ID for all faculty members 1998, ID Integration for Windows and UNIX 2002, Integrated authentication system 2010, Shibboleth 16/02/2012The 33rd APAN Meeting
20
Unified User DB (PostgreSQL) Operation (Add, Remove, Modify) LDAP LDAP (Replica) NIS/NIS+AD General WindowsLinux IMAP4S FTP POP3S Other Servers (e.g. PHP based) Saga Univ. @ 2002 16/02/2012
21
Unified User DB Master database for user attributes – User ID – Initial password – Full name – Affiliation – Title – Position – etc … Authentication Infrastructure The 33rd APAN Meeting 16/02/2012
22
The 33rd APAN Meeting Unified User DB (PostgreSQL) Operation (Add, Remove, Modify) LDAP LDAP (Replica) NIS/NIS+AD General WindowsLinux IMAP4S FTP POP3S Other Servers (e.g. PHP based) Saga Univ. @ 2002 16/02/2012
23
The 33rd APAN Meeting
24
Shibboleth Increasing Web-based systems Inconvenience – Entering User ID and Password many times – More secure way Opengate – A captive portal type network user authentication system 16/02/2012The 33rd APAN Meeting
25
16/02/2012The 33rd APAN Meeting
26
Unified User DB (PostgreSQL) Operation (Add, Remove, Modify) LDAP LDAP (Replica) IdPAD General Windows Solaris IMAP4S FTP POP3S Other Servers (e.g. PHP based) SPs Saga Univ. @ 2010 16/02/2012
27
The 33rd APAN Meeting
28
16/02/2012The 33rd APAN Meeting
29
Issues in Implementations Consolidation of multiple accounts to a single entry – Identification – Clear scheme definitions of ID – ID naming rules Cooperation with various sections – What section has authority ? – Data Transfer method Decision making 16/02/2012The 33rd APAN Meeting
30
16/02/2012The 33rd APAN Meeting Research associate PhD course student Case 1 2 IDs Case 2 1 ID has 2 attributes user1user2 Research associate PhD course student
31
ID Naming Rules Random based ? Name based ? Same family and personal name ? Same with Student ID ? 16/02/2012The 33rd APAN Meeting
32
Issues in Implementations Consolidation of multiple accounts to a single entry – Identification – Clear scheme definitions of ID – ID naming rules Cooperation with various sections – What section has authority ? – Data Transfer method Decision making 16/02/2012The 33rd APAN Meeting
33
16/02/2012The 33rd APAN Meeting
34
Unified User DB (PostgreSQL) Operation (Add, Remove, Modify) LDAP LDAP (Replica) IdPAD General Windows Solaris IMAP4S FTP POP3S Other Servers (e.g. PHP based) SPs Saga Univ. @ 2010 16/02/2012
35
Data Transfer Method Online ? – Data format CSV ? XML ? – Real-time transactions or Batch jobs ? Both ? Offline ? – Data format ? – Media type DVD ? MO ? 16/02/2012The 33rd APAN Meeting
36
Unified User DB (PostgreSQL) Operation (Add, Remove, Modify) LDAP LDAP (Replica) IdPAD General Windows Solaris IMAP4S FTP POP3S Other Servers (e.g. PHP based) SPs Saga Univ. @ 2010 16/02/2012
37
Issues in Implementations Consolidation of multiple accounts to a single entry – Identification – Clear scheme definitions of ID – ID naming rules Cooperation with various sections – What section has authority ? – Data Transfer method Decision making 16/02/2012The 33rd APAN Meeting
38
Conclusion What is ID ? Backgrounds of ID Management History ID Management Systems in Saga University Issues in Implementations 16/02/2012The 33rd APAN Meeting
39
Acknowledgements NTT DATA KYUSHU Corporation Net One Systems CO. LTD. 16/02/2012The 33rd APAN Meeting
40
16/02/2012The 33rd APAN Meeting
41
ID Management Technologies LDAP ( Lightweight Directory Access Protocol ) – Directory services Active Directory has LDAP functions – Windows 2003 server and later versions The 33rd APAN Meeting UNIX Windows User authentication User authentication 16/02/2012
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.