Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Penn State’s Identity & Access Management Initiative “It’s all about who you know … and what you know about them”

Published byJohnathan Fisher Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Penn State’s Identity & Access Management Initiative “It’s all about who you know … and what you know about them”"— Presentation transcript:

1 1 Penn State’s Identity & Access Management Initiative “It’s all about who you know … and what you know about them”

2 2 Presentation Overview Brief Introduction to Identity & Access Management (IAM) Concepts Why IAM is important to Penn State Starting Up the IAM Effort Working on IAM Together Eight Key Recommendations Keeping the Momentum Going

3 3 IAM Defined “An administrative process coupled with a technological solution which validates the identity of individuals and allows owners of data, applications, and systems to either maintain centrally or distribute responsibility for granting access to their respective resources to anyone participating within the IAM framework.” - NYS Forum

4 4 Three Core Concepts People and Relationships Creation and Management of Identities Access to Data and Applications

5 5 People and Relationships Different types of affiliations –Formal vs. Casual Multiple affiliations Affiliation life-cycles

6 6 Creation & Management of Identities Vetting – collection and validation of identity information Proofing – aligning collected data and matching an actual person Issuance of credentials –ID/password pair –ID card –2 nd factor token

7 7 Access to Data & Applications Connecting people to data and services Authentication decisions –Knowing who Authorization decisions –Affiliation type, status, level of assurance, roles and other attributes.

8 8 Why IAM is Important to Penn State Four foundational goals –Increase collaboration and innovation –Improve customer service –Increase efficiency –Improve security of digital assets and mitigation of risk

9 9 Real Life Examples New faculty and staff hires face an unmet need to access University systems, to choose benefit options, setup syllabi, and prepare for classes--before they set foot on a Penn State campus.

10 10 Real Life Examples Distance education students across Pennsylvania, and around the world, face significant challenges in gaining access to the required online University resources needed for their education.

11 11 … Started With Many Long Walks & Great Discussions IAM Initiative – The Beginning

12 12 Executive Vice President and Provost R. Erickson Vice Provost & CIO Information Technology Services K. Morooney Information Technology Services Sponsored by Position of Authority

13 13 Co-Leading the IAM Effort Auxiliary & Business Services Information Technology Services

14 14 Identifying Stakeholders Auxiliary and Business Services College of Agricultural Sciences Commonwealth Campuses Development and Alumni Relations Information Technology Services Intercollegiate Athletics International Programs Office of Human Resources Office of Sponsored Programs Office of Student Aid Office of the Corporate Controller Office of the Physical Plant Office of the University Bursar Office of the University Registrar Outreach and Cooperative Extension Penn State Great Valley Penn State Milton S. Hershey Medical Center Privacy Office (Office of the Corporate Controller) The Graduate School Undergraduate Admissions Office Undergraduate Education University Libraries University Police Services

15 15 The Invitation We recognize that this is a very broad topic and believe that your organization's participation will be critically important to successfully understanding Penn State's needs, challenges, and future directions in IAM. “ …” The individuals representing each area should have a basic understanding of digital identities, knowledge of the business processes in your area, and an eagerness to collaborate to find a solution that will provide a strategic direction for Penn State and IT. “

16 16 Vice Provost’s Initial Charge Develop a Penn State roadmap for Identity and Access Management that can be used to help marshal the energy necessary to get to where we all need to go Establish a community of people and organizations who understand each others pressures, needs, and desires in identity and access management for the purposes of maintaining and developing as nimble a set of infrastructures possible to facilitate academic, business, and collaborative processes

17 17 IAM Initiative Logistics Full Committee Meetings every 6 weeks Deliverables in less than 1 year Education of Committee Members Sub Groups –Report back to larger group –Shared wiki space –Co-leaders meeting with each group Co-Leaders and Sub Group leader meetings

18 18 IAM Sub Groups Levels of Assurance Governance and Policy Vetting, Proofing, and Registration Authorities Risk Assessment Lifecycles and Affiliations Provisioning of Access Education and Awareness

19 19 Eight Strategic Recommendations 19

20 20 Strategic Recommendations #1 Create a Comprehensive Policy for Identity & Access Management – A comprehensive policy, covering all aspects of Identity & Access Management, does not exist today and needs to be developed. This policy framework is crucial for the project’s success.

21 21 Strategic Recommendations #2 Create a Central Person Registry – A single centralized person registry is needed to combine identity data records from disparate systems, ensuring the integrity and availability of person records.

22 22 Strategic Recommendations #3 Streamline Vetting, Proofing, and Issuance of Digital Credentials – Significant gains in efficiency could be realized by overhauling the current processes for creating accounts and issuing credentials.

23 23 Strategic Recommendations #4 Automate the Provisioning (and De- provisioning) of Access Rights – Customer service and security could both be significantly increased by automating the provision of access based on affiliation, roles, and attributes.

24 24 Strategic Recommendations #5 Develop a Plan for Formal Risk Assessment – A systematic risk management process is needed to evaluate the technology and information systems that are critical to the University’s mission.

25 25 Strategic Recommendations #6 Add Level of Assurance Component to Accounts and Access Decisions – A more granular approach to account creation and access decisions is needed. A Level of Assurance component will provide this flexibility and is also being required by federal agencies.

26 26 Strategic Recommendations #7 Promote Single Sign-on, Federated Identities, and Better Control of University Digital Credentials – Better control of Penn State digital credentials is needed—especially in regards to the use of these credentials with outside agencies, hosted vendor solutions, and other institutions of higher education. Single sign-on and federated identities will provide this control.

27 27 Strategic Recommendations #8 Promote Awareness and Education of the Importance of Identity & Access Management – Initial awareness and on- going education is needed to promote understanding of the importance of Identity & Access Management and achieve buy-in from stakeholders

28 28 Next Steps Awareness and Education –Matrix of Use Cases –Identify Priorities Pilot implementing Levels of Assurance –Gap analysis InCommon Silver, LoA 2 –NIH Applications Strategic Implementation Teams

29 29 Contact Information Joel Weidner –jlw2@psu.edu Renee Shuey –rshuey@psu.edu

30 30 Resources Penn State IAM Initiative –http://its.psu.edu/IAM/http://its.psu.edu/IAM/ The Enterprise Authentication Implementation Roadmap –http://www.nmi-edit.org/roadmap/draft-authn- roadmap-03/index.html

31 31 Copyright Renee Shuey & Joel Weidner, March 2008 This work is the intellectual property of the authors. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.

Download ppt "1 Penn State’s Identity & Access Management Initiative “It’s all about who you know … and what you know about them”"

Similar presentations

1. 2 August 2009 - Recommendation 9.1 of the Strategic Information Technology Advisory Committee (SITAC) report initiated the effort to create an Administrative.

1. 2 August Recommendation 9.1 of the Strategic Information Technology Advisory Committee (SITAC) report initiated the effort to create an Administrative.
Copyright Kathy J. Lang and Ed Mahon, 2006. This work is the intellectual property of the authors. Permission is granted for this material to be shared.

Copyright Kathy J. Lang and Ed Mahon, This work is the intellectual property of the authors. Permission is granted for this material to be shared.
How Identity and Access Management Can Help Your Institution Touch Its Toes Renee Woodten Frost Internet2 and University of Michigan Kevin Morooney The.

How Identity and Access Management Can Help Your Institution Touch Its Toes Renee Woodten Frost Internet2 and University of Michigan Kevin Morooney The.
Linda Ricks Managing Director, Information Systems May 25, 2006 Project and Resource Portfolio Management.

Linda Ricks Managing Director, Information Systems May 25, 2006 Project and Resource Portfolio Management.
Using Levels of Assurance Renee Shuey nmi-edit CAMP: Charting Your Authentication Roadmap February 8, 2007.

Using Levels of Assurance Renee Shuey nmi-edit CAMP: Charting Your Authentication Roadmap February 8, 2007.
1 The Evolving Definition of Student: Identity Management at Duke University Klara Jelinkova Director, Computing Systems Office of Information Technology.

1 The Evolving Definition of "Student": Identity Management at Duke University Klara Jelinkova Director, Computing Systems Office of Information Technology.
Serving the Research Mission: An Approach to Central IT’s Role Matthew Stock University at Buffalo.

Serving the Research Mission: An Approach to Central IT’s Role Matthew Stock University at Buffalo.
Alliance for Strategic Technology (AST) SUNY Business Intelligence Initiative January 8, 2009.

Alliance for Strategic Technology (AST) SUNY Business Intelligence Initiative January 8, 2009.
Identity and Access Management IAM A Preview. 2 Goal To design and implement an identity and access management (IAM) middleware infrastructure that –

Identity and Access Management IAM A Preview. 2 Goal To design and implement an identity and access management (IAM) middleware infrastructure that –
ECM Project Roles and Responsibilities

ECM Project Roles and Responsibilities
Identity Management: The Legacy and Real Solutions Project Overview.

Identity Management: The Legacy and Real Solutions Project Overview.
UWM CIO Office A Collaborative Process for IT Training and Development Copyright UW-Milwaukee, 2007. This work is the intellectual property of the author.

UWM CIO Office A Collaborative Process for IT Training and Development Copyright UW-Milwaukee, This work is the intellectual property of the author.
Pam Downs Ajay Gupta The Pennsylvania Prince George’s State University Community College Copyright Penn State University-2008. This work is the intellectual.

Pam Downs Ajay Gupta The Pennsylvania Prince George’s State University Community College "Copyright Penn State University This work is the intellectual.
IT Strategic Planning From Technical Dreams to Institutional Reality

IT Strategic Planning From Technical Dreams to Institutional Reality
Copyright Statement © Jason Rhode and Carol Scheidenhelm. 2006. This work is the intellectual property of the authors. Permission is granted for this material.

Copyright Statement © Jason Rhode and Carol Scheidenhelm This work is the intellectual property of the authors. Permission is granted for this material.
Steve Neiheisel Industry Consultant Creating a Technology Forum for the Whole Campus Presented by Executive Services of Jenzabar (c) Copyright 2006 Jenzabar,

Steve Neiheisel Industry Consultant Creating a Technology Forum for the Whole Campus Presented by Executive Services of Jenzabar (c) Copyright 2006 Jenzabar,
Integrating IT with Institutional Mission at Catholic Colleges & Universities Challenges & Opportunities: Thomas Skill, Associate Provost & CIO University.

Integrating IT with Institutional Mission at Catholic Colleges & Universities Challenges & Opportunities: Thomas Skill, Associate Provost & CIO University.
David Sweeney, Director Brooke Woodruff, IT Manager

David Sweeney, Director Brooke Woodruff, IT Manager
National Research Agenda to Support Transformation National Learning Infrastructure Initiative Focus Session June, 2003 Copyright Jillian Kinzie, 2003.

National Research Agenda to Support Transformation National Learning Infrastructure Initiative Focus Session June, 2003 Copyright Jillian Kinzie, 2003.
1 sm Using E-Business Solutions to Meet Management Challenges: Interoperability & Flexibility Bring Success to the Implementation of Specialized Components.

1 sm Using E-Business Solutions to Meet Management Challenges: Interoperability & Flexibility Bring Success to the Implementation of Specialized Components.

Similar presentations

Ads by Google