1 Penn State’s Identity & Access Management Initiative “It’s all about who you know … and what you know about them”

Slides:



Advertisements
Similar presentations
1. 2 August Recommendation 9.1 of the Strategic Information Technology Advisory Committee (SITAC) report initiated the effort to create an Administrative.
Advertisements

Copyright Kathy J. Lang and Ed Mahon, This work is the intellectual property of the authors. Permission is granted for this material to be shared.
How Identity and Access Management Can Help Your Institution Touch Its Toes Renee Woodten Frost Internet2 and University of Michigan Kevin Morooney The.
Linda Ricks Managing Director, Information Systems May 25, 2006 Project and Resource Portfolio Management.
Using Levels of Assurance Renee Shuey nmi-edit CAMP: Charting Your Authentication Roadmap February 8, 2007.
1 The Evolving Definition of "Student": Identity Management at Duke University Klara Jelinkova Director, Computing Systems Office of Information Technology.
Serving the Research Mission: An Approach to Central IT’s Role Matthew Stock University at Buffalo.
Alliance for Strategic Technology (AST) SUNY Business Intelligence Initiative January 8, 2009.
Identity and Access Management IAM A Preview. 2 Goal To design and implement an identity and access management (IAM) middleware infrastructure that –
ECM Project Roles and Responsibilities
Identity Management: The Legacy and Real Solutions Project Overview.
UWM CIO Office A Collaborative Process for IT Training and Development Copyright UW-Milwaukee, This work is the intellectual property of the author.
Pam Downs Ajay Gupta The Pennsylvania Prince George’s State University Community College "Copyright Penn State University This work is the intellectual.
IT Strategic Planning From Technical Dreams to Institutional Reality
Copyright Statement © Jason Rhode and Carol Scheidenhelm This work is the intellectual property of the authors. Permission is granted for this material.
Steve Neiheisel Industry Consultant Creating a Technology Forum for the Whole Campus Presented by Executive Services of Jenzabar (c) Copyright 2006 Jenzabar,
Integrating IT with Institutional Mission at Catholic Colleges & Universities Challenges & Opportunities: Thomas Skill, Associate Provost & CIO University.
David Sweeney, Director Brooke Woodruff, IT Manager
National Research Agenda to Support Transformation National Learning Infrastructure Initiative Focus Session June, 2003 Copyright Jillian Kinzie, 2003.
1 sm Using E-Business Solutions to Meet Management Challenges: Interoperability & Flexibility Bring Success to the Implementation of Specialized Components.
EDUCAUSE 10/29/01 The University of Hartford Initiating Transformation at Your Institution Copyright Paul R. Hagner and Joel L. Hartman, This work.
Copyright Shanna Smith & Tom Bohman (2003). This work is the intellectual property of the authors. Permission is granted for this material to be shared.
Moving Out of The Shadows: Shining a Light on Data David Rotman Director of Computer Services Mark Mazelin Web Development Coordinator Copyright David.
1 Institutions as Allies in the Security Challenge Wayne Donald, Virginia Tech Cathy Hubbs, George Mason University Darlene Quackenbush, James Madison.
Information Security Governance in Higher Education Policy2004 The EDUCAUSE Policy Conference Gordon Wishon EDUCAUSE/Internet 2 Security Task Force This.
Putting the We in… We are Penn State! Copyright [Carol Findley, Lisa Dibert] [2003]. This work is the intellectual property of the authors. Permission.
Intellectual Property Protocol and Assessment for Distance Learning Liz Johnson Project Manager Advanced Learning Technologies Board of Regents of the.
1 Fighting Back With An Alliance For Secure Computing And Networking Wayne Donald, Virginia Tech Cathy Hubbs, George Mason University Darlene Quackenbush,
EDUCAUSE April 25, 2006Enforcing Compliance with Security Policies … Enforcing Compliance of Campus Security Policies Through a Secure Identity Management.
1 Data Strategy Overview Keith Wilson Session 15.
Lynette Olson, Assessment & Effectiveness Director & Gary Langer, Associate Vice Chancellor, Office of the Chancellor, Minnesota State Colleges and Universities.
Serving MERLOT on Your Campus Gerry Hanley California State University and MERLOT Seminars on Academic Computing August 7, 2002 Snowmass CO Copyright Gerard.
Moving Your Paperwork Online University of California, Irvine presents PayQuest Copyright UC,Irvine This work is the.
NERCOMP Managing Campus Affiliates Managing Campus Affiliates Faculty? Student? Faculty? Student? Staff? Criss Laidlaw Director of Administrative.
Incorporating IT Standards into the Planning Process: A Collaborative Model Information Technology Systems Division Copyright Beverly Vagnerini and Bobby.
Penn State Identity and Access Management - Identity & Access Management Update Non Student Lifecycle and Relationships Meeting March.
Identity and Access Management PM COP Forum May 20, 2014Tuesday10100 AMLamont Library.
Managing Intellectual Property for Distance Learning Liz Johnson Project Manager Advanced Learning Technologies Board of Regents of the University System.
Office of Information Technology Balancing Technology and Privacy – the Directory Conundrum January 2007 Copyright Barbara Hope and Lori Kasamatsu 2007.
Leading an Effort to Define Roles A “Tripod” View of IAM.
PROJECT OBJECTIVES Identify, procure, and implement software that provided a common system for students, faculty, and staff to enter and measure.
Value & Excitement University Technology Services Oakland University Information Technology Strategic Planning Theresa Rowe October 2004 Copyright Theresa.
Center for Planning and Information Technology T HE C ATHOLIC U NIVERSITY of A MERICA ERP Systems: Ongoing Support Challenges and Opportunities Copyright.
Welcome to CAMP: Charting Your Authentication Roadmap Mike Grady Senior Technology Architect and Strategist Campus Information Technologies and Educational.
UWM CIO Office Where Did These Customizations Come From? Do We Need Them? March 14, 2007 Jill Unglaub, Senior Application Analyst Information and Media.
IAM REFERENCE ARCHITECTURE BRICKS EMBEDED ARCHITECTS COMMUNITY OF PRACTICE MARCH 5, 2015.
March 21, 2006 NERCOMP 2006 Worcester, Massachusetts 1 Copyright Sunny Donenfeld, This work is the intellectual property of the author. Permission.
Presented by: Presented by: Tim Cameron CommIT Project Manager, Internet 2 CommIT Project Update.
Using Levels of Assurance Well, at least thinking about it…. MAX (just MAX)
Copyright [Dr. Michael Hoadley, Chat Chatterji, and John Henderson ] [2004]. This work is the intellectual property of the authors. Permission is granted.
Strategic Planning, Policy, Public Safety, and a Shared Vision for IU’s Regional Campuses.
What’s Happening at Internet2 Renee Woodten Frost Associate Director Middleware and Security 8 March 2005.
Welcome to Base CAMP: Enterprise Directory Deployment Ken Klingenstein, Director, Internet2 Middleware Initiative Copyright Ken Klingenstein This.
University of Washington Collaboration: Identity and Access Management Lori Stevens University of Washington October 2007.
Bringing it All Together: Charting Your Roadmap CAMP: Charting Your Authentication Roadmap February 8, 2007 Paul Caskey Copyright Paul Caskey This.
NMI-EDIT and Rice University Federated Identity Management: Managing Access to Resources in Texas Barry Ribbeck Director System Architecture and Infrastructure.
Trusted Electronic Communications for Federal Student Aid Mark Luker Vice President EDUCAUSE Copyright Mark Luker, This work is the intellectual.
New Faculty Orientation Dr. Nicholas P, Jones, Executive Vice President and Provost Thursday, August 20, 2015 OFFICE OF THE EXECUTIVE VICE PRESIDENT AND.
University of Southern California Identity and Access Management (IAM)
Breaking Down Barriers & Building Bridges Improves Customer Satisfaction & Efficiency Wendy Woodward | March 15, 2011 Copyright Wendy Woodward 2011.
Moving Towards Information Literacy Through Data Governance
Tom Barton, Senior Director for Integration, University of Chicago
Mgt Project Portfolio Management and the PMO Module 8 - Fundamentals of the Program Management Office Dr. Alan C. Maltz Howe School of Technology.
Jill Forrester and David Kelly| October 20, 2011
Federated Identity Management at Virginia Tech
John O’Keefe Director of Academic Technology & Network Services
Decentralization in a Centralized IT Environment
Federating with NIH, NSF, and the National Student Clearinghouse
University of Southern California Identity and Access Management (IAM)
Employee engagement Delivery guide
Presentation transcript:

1 Penn State’s Identity & Access Management Initiative “It’s all about who you know … and what you know about them”

2 Presentation Overview Brief Introduction to Identity & Access Management (IAM) Concepts Why IAM is important to Penn State Starting Up the IAM Effort Working on IAM Together Eight Key Recommendations Keeping the Momentum Going

3 IAM Defined “An administrative process coupled with a technological solution which validates the identity of individuals and allows owners of data, applications, and systems to either maintain centrally or distribute responsibility for granting access to their respective resources to anyone participating within the IAM framework.” - NYS Forum

4 Three Core Concepts People and Relationships Creation and Management of Identities Access to Data and Applications

5 People and Relationships Different types of affiliations –Formal vs. Casual Multiple affiliations Affiliation life-cycles

6 Creation & Management of Identities Vetting – collection and validation of identity information Proofing – aligning collected data and matching an actual person Issuance of credentials –ID/password pair –ID card –2 nd factor token

7 Access to Data & Applications Connecting people to data and services Authentication decisions –Knowing who Authorization decisions –Affiliation type, status, level of assurance, roles and other attributes.

8 Why IAM is Important to Penn State Four foundational goals –Increase collaboration and innovation –Improve customer service –Increase efficiency –Improve security of digital assets and mitigation of risk

9 Real Life Examples New faculty and staff hires face an unmet need to access University systems, to choose benefit options, setup syllabi, and prepare for classes--before they set foot on a Penn State campus.

10 Real Life Examples Distance education students across Pennsylvania, and around the world, face significant challenges in gaining access to the required online University resources needed for their education.

11 … Started With Many Long Walks & Great Discussions IAM Initiative – The Beginning

12 Executive Vice President and Provost R. Erickson Vice Provost & CIO Information Technology Services K. Morooney Information Technology Services Sponsored by Position of Authority

13 Co-Leading the IAM Effort Auxiliary & Business Services Information Technology Services

14 Identifying Stakeholders Auxiliary and Business Services College of Agricultural Sciences Commonwealth Campuses Development and Alumni Relations Information Technology Services Intercollegiate Athletics International Programs Office of Human Resources Office of Sponsored Programs Office of Student Aid Office of the Corporate Controller Office of the Physical Plant Office of the University Bursar Office of the University Registrar Outreach and Cooperative Extension Penn State Great Valley Penn State Milton S. Hershey Medical Center Privacy Office (Office of the Corporate Controller) The Graduate School Undergraduate Admissions Office Undergraduate Education University Libraries University Police Services

15 The Invitation We recognize that this is a very broad topic and believe that your organization's participation will be critically important to successfully understanding Penn State's needs, challenges, and future directions in IAM. “ …” The individuals representing each area should have a basic understanding of digital identities, knowledge of the business processes in your area, and an eagerness to collaborate to find a solution that will provide a strategic direction for Penn State and IT. “

16 Vice Provost’s Initial Charge Develop a Penn State roadmap for Identity and Access Management that can be used to help marshal the energy necessary to get to where we all need to go Establish a community of people and organizations who understand each others pressures, needs, and desires in identity and access management for the purposes of maintaining and developing as nimble a set of infrastructures possible to facilitate academic, business, and collaborative processes

17 IAM Initiative Logistics Full Committee Meetings every 6 weeks Deliverables in less than 1 year Education of Committee Members Sub Groups –Report back to larger group –Shared wiki space –Co-leaders meeting with each group Co-Leaders and Sub Group leader meetings

18 IAM Sub Groups Levels of Assurance Governance and Policy Vetting, Proofing, and Registration Authorities Risk Assessment Lifecycles and Affiliations Provisioning of Access Education and Awareness

19 Eight Strategic Recommendations 19

20 Strategic Recommendations #1 Create a Comprehensive Policy for Identity & Access Management – A comprehensive policy, covering all aspects of Identity & Access Management, does not exist today and needs to be developed. This policy framework is crucial for the project’s success.

21 Strategic Recommendations #2 Create a Central Person Registry – A single centralized person registry is needed to combine identity data records from disparate systems, ensuring the integrity and availability of person records.

22 Strategic Recommendations #3 Streamline Vetting, Proofing, and Issuance of Digital Credentials – Significant gains in efficiency could be realized by overhauling the current processes for creating accounts and issuing credentials.

23 Strategic Recommendations #4 Automate the Provisioning (and De- provisioning) of Access Rights – Customer service and security could both be significantly increased by automating the provision of access based on affiliation, roles, and attributes.

24 Strategic Recommendations #5 Develop a Plan for Formal Risk Assessment – A systematic risk management process is needed to evaluate the technology and information systems that are critical to the University’s mission.

25 Strategic Recommendations #6 Add Level of Assurance Component to Accounts and Access Decisions – A more granular approach to account creation and access decisions is needed. A Level of Assurance component will provide this flexibility and is also being required by federal agencies.

26 Strategic Recommendations #7 Promote Single Sign-on, Federated Identities, and Better Control of University Digital Credentials – Better control of Penn State digital credentials is needed—especially in regards to the use of these credentials with outside agencies, hosted vendor solutions, and other institutions of higher education. Single sign-on and federated identities will provide this control.

27 Strategic Recommendations #8 Promote Awareness and Education of the Importance of Identity & Access Management – Initial awareness and on- going education is needed to promote understanding of the importance of Identity & Access Management and achieve buy-in from stakeholders

28 Next Steps Awareness and Education –Matrix of Use Cases –Identify Priorities Pilot implementing Levels of Assurance –Gap analysis InCommon Silver, LoA 2 –NIH Applications Strategic Implementation Teams

29 Contact Information Joel Weidner Renee Shuey

30 Resources Penn State IAM Initiative – The Enterprise Authentication Implementation Roadmap – roadmap-03/index.html

31 Copyright Renee Shuey & Joel Weidner, March 2008 This work is the intellectual property of the authors. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.