Tom Barton, Senior Director for Integration, University of Chicago

Slides:



Advertisements
Similar presentations
Glenn Johnson John A. Dutton e-Education Institute Project Manager, Penn States e-Portfolio Initiative Glenn Johnson John A. Dutton e-Education Institute.
Advertisements

How Identity and Access Management Can Help Your Institution Touch Its Toes Renee Woodten Frost Internet2 and University of Michigan Kevin Morooney The.
1 Leveraging Your Existing Campus Systems to Access Resource Partners: Federated Identity Management and Tales of Campus Participation EDUCAUSE 2006 October.
1 The Challenges of Creating an Identity Management Infrastructure for the University of California David Walker Karl Heins Office of the President University.
Bronze and Silver Identity Assurance Profiles for Technical Implementers Tom Barton Senior Director for Integration University of Chicago Jim Green Manager,
Going for the Silver Winter 2010 CSG January 13, 2010.
Getting to Silver: Practical Matters for CIC Universities Tom Barton University of Chicago © 2009 The University of Chicago.
1 Penn State’s Identity & Access Management Initiative “It’s all about who you know … and what you know about them”
Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.
Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.
InCommon and Federated Identity Management 1
National Center for Supercomputing Applications University of Illinois at Urbana-Champaign InCommon and TeraGrid Campus Champions Jim Basney
Winter 2011 CSG Workshop: InCommon Silver January 12, 2011.
3/20/20071 IT Strategy and Leadership in Higher Education: Two Case Studies Case 1: Roberts Wesleyan College. Presented by Pradeep (Peter) Saxena, CIO.
Shibboleth and InCommon Copyright Texas A&M University This work is the intellectual property of the author. Permission is granted for this material.
1 Institutions as Allies in the Security Challenge Wayne Donald, Virginia Tech Cathy Hubbs, George Mason University Darlene Quackenbush, James Madison.
CAMP - June 4-6, Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin This work is the intellectual property of the authors.
© 2011 The University of Chicago InCommon Silver Implementation at UChicago Tom Barton 1.
CAMP Med Mapping HIPAA to the Middleware Layer Sandra Senti Biological Sciences Division University of Chicago C opyright Sandra Senti,
InCommon Policy Conference April Uses  In order to encourage and facilitate legal music programs, a number of universities have contracted with.
1 Fighting Back With An Alliance For Secure Computing And Networking Wayne Donald, Virginia Tech Cathy Hubbs, George Mason University Darlene Quackenbush,
Identity Management – Why and How Experiences at CU-Boulder Copyright Linda Drake, Director of Development and Integration, University of Colorado, Boulder,
EDUCAUSE April 25, 2006Enforcing Compliance with Security Policies … Enforcing Compliance of Campus Security Policies Through a Secure Identity Management.
Serving MERLOT on Your Campus Gerry Hanley California State University and MERLOT Seminars on Academic Computing August 7, 2002 Snowmass CO Copyright Gerard.
Ten Thing IT Staff Need to Know About Education Records Privacy Ten Things IT Staff Need to Know About Education Records Privacy Jeff von Munkwitz-Smith.
InCommon Michigan State Common Solutions Group, January 2011 Matt Kolb
National Science Foundation Chief Information Officer CIO Fall Update for the Advisory Committee for Business and Operations: Identity Management 2.0 George.
The InCommon Federation The U.S. Access and Identity Management Federation
Office of Information Technology Balancing Technology and Privacy – the Directory Conundrum January 2007 Copyright Barbara Hope and Lori Kasamatsu 2007.
1 The Partnership Challenge Higher education’s missions are realized in increasingly global, collaborative, online relationships –Higher educations’ digital.
National Center for Supercomputing Applications University of Illinois at Urbana-Champaign Secure Access to Research Infrastructure via the InCommon Federation.
Center for Planning and Information Technology T HE C ATHOLIC U NIVERSITY of A MERICA ERP Systems: Ongoing Support Challenges and Opportunities Copyright.
Internet2 – InCommon and Box Marla Meehl Colorado CIO 11/1/11.
UCLA Enterprise Directory Identity Management Infrastructure UC Enrollment Service Technical Conference October 16, 2007 Ying Ma
Safeguarding Research Data Policy and Implementation Challenges Miguel Soldi February 24, 2006 THE UNIVERSITY OF TEXAS SYSTEM.
Federations 101 John Krienke Internet2 Fall 2006 Internet2 Member Meeting.
Using Levels of Assurance Well, at least thinking about it…. MAX (just MAX)
INTRODUCTION: THE FIRST TRY InCommon eduGAIN Policy and Community Working Group.
Copyright [Dr. Michael Hoadley, Chat Chatterji, and John Henderson ] [2004]. This work is the intellectual property of the authors. Permission is granted.
What’s Happening at Internet2 Renee Woodten Frost Associate Director Middleware and Security 8 March 2005.
Welcome to Base CAMP: Enterprise Directory Deployment Ken Klingenstein, Director, Internet2 Middleware Initiative Copyright Ken Klingenstein This.
Copyright Statement Copyright Robert J. Brentrup This work is the intellectual property of the author. Permission is granted for this material to.
Managing Access at the University of Oregon : a Case Study of Scholars’ Bank by Carol Hixson Head, Metadata and Digital Library Services
Identity Management, Federating Identities, and Federations November 21, 2006 Kevin Morooney Jeff Kuhns Renee Shuey.
INTRODUCTION: THE FIRST TRY InCommon eduGAIN Policy and Community Working Group.
Bringing it All Together: Charting Your Roadmap CAMP: Charting Your Authentication Roadmap February 8, 2007 Paul Caskey Copyright Paul Caskey This.
NMI-EDIT and Rice University Federated Identity Management: Managing Access to Resources in Texas Barry Ribbeck Director System Architecture and Infrastructure.
Trusted Electronic Communications for Federal Student Aid Mark Luker Vice President EDUCAUSE Copyright Mark Luker, This work is the intellectual.
Leveraging Campus Authentication to Access the TeraGrid Scott Lathrop, Argonne National Lab Tom Barton, U Chicago.
1 EDUCAUSE Mid-Atlantic Regional Conference Top Strategies for Working with Stakeholders: Synopses of Recommendations from the Identity Management Summit.
University of Southern California Identity and Access Management (IAM)
Preparing For An InCommon Silver Audit – Lessons From the First Phase
Federated Identity Management at Virginia Tech
Educause/Internet 2 Computer and Network Security Task Force
University of Texas System
CIO Constituent Group Meeting
California State University CSUconnect Federation
John O’Keefe Director of Academic Technology & Network Services
Decentralization in a Centralized IT Environment
Federating with NIH, NSF, and the National Student Clearinghouse
Federated Identity to Support Collaboration in the CIC
University of Southern California Identity and Access Management (IAM)
Ass’t Director for Technology Collaboration
PASSHE InCommon & Federated Identity Workshop
Registrars are a Barrier to Collaboration: Truth or CIO Pretext?
Shibboleth as Attribute Delivery for Authorization
Open Source Web Initial Sign-On Packages
HIMSS National Conference New Orleans Convention Center
Managing Enterprise Directories: Operational Issues
Presentation transcript:

Enhancing Campus Services Through Federated Identity Management Collaborations March 15, 2010 Tom Barton, Senior Director for Integration, University of Chicago Ron Kraemer, CIO, University of Wisconsin, Madison

Agenda Introduction to InCommon and federated identity management Challenges and benefits Enabling more services for our campuses Learning more and getting involved

Full Disclosure This presentation uses many resources from the experts in this area of work, in particular Kevin Morooney (Penn State) Renee Shuey (Penn State) Jack Suess, University of Maryland, Baltimore County

The CIC’s Demonstrated Commitment To Identity Management June, 2006, the CIC CIOs hosted a meeting that brought together hundreds of people from the CIC Human Resources Enrollment Management Financial Aid Medical Centers Research Offices ID Card Offices Information Technology

InCommon Mission The mission of the InCommon Federation is to create and support a common framework for trustworthy shared management of access to on-line resources in support of education and research in the United States.

What this means to me as a user… I can use the credentials provided to me by my organization to gain access to systems and services from others in the federation

Overview Of Identity Management Systems California State University definition - An identity management infrastructure is a collection of technology and policy that enables networked computer systems to determine who has access to them, what resources the person is authorized to access, while protecting individual privacy and access to confidential information. 7

Definition Components Infrastructure - software and hardware Collection - not just technology Technology and policy – policy plays a critical role and is an essential element of the solution Networked computer systems - implies distributed technology systems communicating over a network Access - Who am I Authorized - What can I do Protecting - limiting access and protecting information

Identity Management Use In Higher Ed Students, Faculty and Staff Student/Employee directories Learning resources (course management systems, library, etc.) Emergency notification systems Online student and staff administrative systems Federal research agencies, funding, and data resources Alumni and Donors Email for life Alumni directories and services

Identity Management Factors Policy and Governance Technology Identity Management Ability to Implement Information Technology Service Infrastructure

Federated Access in 30 seconds 4. If attributes are acceptable to resource policy, access is granted! 3. Authorization: Privacy-preserving exchange of agreed upon attributes 2. Federation-based trust exchange to verify partners and locations 1. Authentication: single-sign-on at home institution Online Resource Attributes: Anonymous ID, Staff, Student, … Metadata, certificates, common attributes & meaning, federation registration authority, Shibboleth Home Institution – user signs in

15 March 2010

4 million end users 153 Universities 6 Labs or Agencies 51 Sponsored Partners

What does a Federation Do? Scaling beyond the technology Rules of Engagement Information about how to connect Vetting organizations and representatives Common Data/Attributes Shared Technology Maintain Member Information 14

The CIC and InCommon Silver CIC CIOs decided in August 2009 that all CIC schools should be Silver certified by Fall 2011 Why? Expand inter-institutional collaboration among CIC schools Influence emerging standards & practices in cloud and above campus services and elevate prominence of the CIC in connection with that Sustain adoption of best IdM practices at CIC schools

Which campus people need Silver assurance? CIC CourseShare Payroll later Benefits Student Loans CIC storage cloud Timeframe Financial aid OSG CILogon sooner NSC Nat’l Labs NIH TeraGrid caBIG smaller larger User group size

Pieces of Silver Piece A: Documentation of policies and procedures and standard operating practices Piece B: Strength of authentication and shared secrets Piece C: Registering identity subjects and issuing credentials to them

Silver isn’t free … Requirements Issues or risks Comprehensive IdM policies and procedures Unclear who gets to decide, weak documentation practice Audit Scheduling & funding Password complexity, lifetime, account lockout Resistance to change Credential issuance process Change online credential issuance process; new link with existing business processes

The view from Fall 2011 Energize collaborative efforts across the CIC CIC campuses provide best possible support for scientific and scholarly collaboration CIC campuses poised to take full advantage of cloud/shared services For a large university, achieving Silver compliance can boost confidence on campus too

All CIC Schools Are Participants In InCommon Undertaking three projects: Enabling our campuses to support InCommon Silver Developing a pilot with Teragrid Enabling federated/roaming wireless among CIC campuses.

From a recent letter from the CIC CIOs to Internet 2 “The CIC’s commitment to identity management and federation of identities through InCommon is strong and our future dependency on InCommon is clear.”

Resources http://www.incommonfederation.org http://www.educause.edu Google any of the InCommon steering committee or technical advisory committee names A presentation by Dick Hardt (Sxip Identity) http://www.identity20.com/media/OSCON20 05/

THANK YOU

Copyright Tom Barton and Ron Kramer, 2010 Copyright Tom Barton and Ron Kramer, 2010. This work is the intellectual property of the authors. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the authors.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.