A Business Case for Identity Management in Higher Education David Walker University of California Office of the President April 24, 2006
The Changing Environment Business Process Automation Business processes now span multiple IT-base systems Portals, workflow, etc. This creates interdependencies among automated systems and the organizations that support them. Common authentication (Single Sign-On) becomes very important
The Changing Environment An Example: eProcurement SciQuest Online Catalog Campus Purchasing Requisition and Ordering OfficeMax Online Order Processing
The Changing Environment Other Examples Library Contracts and Grants Course Management Financial Aid Employee Self-Service Federated Wireless Collaboration Tools Administrative Applications Travel, HR, Purchasing/eProcurement, etc.
New Business Implications Information Security Need new business rules governing (identity) information sharing among services Must span multiple services Requires risk assessment Need business and technology controls to ensure compliance
Other Issues Every application already does identity management Multiple repositories = security risk Duplication of effort Need to achieve high enough level of trust / assurance
Common Authentication InCommon National organization for higher education Enables access to other member institutions' services using your institution's login Recommends campus policy and business processes Minimal standards intended to allow broad participation; appropriate for services that do not require high assurance (e.g., library) The basis for UCTrust
Common Authentication UCTrust - Raising the Bar A collaborative service for UC Clarifies organizational responsibilities Establishes rules for the management and use of identity information Intended as the default authentication infrastructure for inter-campus online services Leverages campus authentication strategies