OpenRegistry LSM 10/7/09 1 OpenRegistry Revisiting the Management of Electronic Identity Benjamin Oshrin Rutgers University July 2009.

Presentation transcript:

OpenRegistry: Revisiting the Management of Electronic Identity
Benjamin Oshrin
Rutgers University
July 2009

About Rutgers University
State University of New Jersey
Three Main Campuses
  – New Brunswick (main) FT, 7000 PT Students
  – Newark 7000 FT, 4000 PT Students
  – Camden 3500 FT, 1700 PT Students
¾ Undergraduate
Faculty/Staff
Alumni
Many visitors, guests, conference attendees, etc
Need to assign NetIDs (logins) and ID Cards


We’re Not That Unique
Lots of other US Higher Ed looks similar
  – Multiple Systems of Record (SORs)
  – Heterogeneous Downstream Systems (DSSs)
      OpenSource: Kerberos, OpenLDAP, CAS, Shibboleth, Sakai, Kuali, ...
      Proprietary: Active Directory, Banner, Endeavor, Lenel, ...
  – Complex, poorly documented rules and procedures
  – Limited resources
And also in Canada, UK, Sweden, Brazil, ...


Rutgers University Identity Goals
Capture Identity Data for all populations affiliated with the University, including regular students, continuing ed students, joint program students, alumni, new employees, faculty, staff, retirees, and guests
  – Now: Primarily students, faculty/staff, and some “guests”
Faster propagation of data, real time where possible
  – Now: Nightly to biweekly batch feeds
Consistent data definitions, contracted via versions
  – Now: Hard to find definitions, unclear when they change
Delegated operations where possible
  – Now: Heavy dependency on Help Desk and Central IT

What Is OpenRegistry?
An OpenSource Identity Management System, a place for data about people affiliated with your institution
Core functionality
  – Interfaces for web, batch, and real-time data transfer
  – Identity data store
  – Identity reconciliation from multiple systems of record
  – Identifier assignment for new, unique individuals
Additional functionality
  – Data beyond Persons: Groups, Courses, Credentials, Accounts
  – Business Rule based data transformations

What Is OpenRegistry?
More than just a Registry, some periphery too
  – Directory Builder
  – Provisioning and Deprovisioning
Generally not authoritative for data
  – SORs are authoritative for most data
  – OR reflects single, reconciled view of data from multiple SORs
  – Exceptions include some identifiers, results of business rule calculations, populations with no real SOR (eg: visitors)

Inspirations
Columbia University Identity Management System
Rutgers People Database
Georgetown Model*
Higher Ed Standards (eg: eduPerson)
Evolving Standards (eg: NIST LoA)
Review of interested peer institutions
Decades of combined experience from before the field was called “Identity Management”

I2 Identity & Access Management Model
(Diagram labels: OpenRegistry Core, OpenRegistry Periphery)


Data Model
Generic enough to work for multiple institutions
Specific enough to work for yours
Internationalized
Well documented

Data Model Overview

Data Model Excerpt


OpenRegistry Approach
Communicate openly and transparently
Design based on supportable, end-user focused, efficient processes and ease of maintenance
Adhere to open standards wherever possible
Leverage other higher ed efforts
Favor iterative development where appropriate
Implement highly available, highly scalable, cost efficient technologies

OpenRegistry Approach
Generic architecture and data model
  – More than Rutgers needs, but makes OR more useful for others
Multiple levels of engagement with the community
  – Discuss: Review design documents, identify gaps and changes
  – Develop: Help write code, documentation, etc
  – Deploy: Run OR as an IDMS (when released)
  – Donate: Contribute resources to help with development and outreach
Transparent, agile development process
  – Work done on Jasig servers, not Rutgers
Get the ball rolling, encourage others to join
Build on lessons learned from CAS


OpenRegistry Initiative Milestones
√ Requirements
√ Design
√ Project Infrastructure
R1: Core Services, REST API, Initial UI, Initial Business Rules
  – Meets Rutgers RIAR-1 requirements
R2: Enhanced Core Services, UI, Business Rules, Initial Provisioning
R3: Batch Interface, Enhanced Business Rules, Enhanced Provisioning

Intersection With Your Institution
Potential for collaboration could take many forms
  – Participation in or vetting of OR design
  – Evaluation for migration and adoption as OR matures
  – Adjustment of OR milestones according to your needs, with your resources
Benefits of Migration to OR
  – Provides long term, sustainable model
  – Elimination of programmer-specific knowledge concerns
  – Avoidance of vendor lock-in
      Commercial solutions aren't drop-in, customization work needed
      Easier to tailor to future needs
  – Community of similar institutions in similar situations

Additional Information