Enterprise Directory Services A Common Registry (Identity Management) & Common Source of Authoritative Attributes Presentation to the Office of the President.


Enterprise Directory Services A Common Registry (Identity Management) & Common Source of Authoritative Attributes Presentation to the Office of the President (4/26/02)

Project Goals
Provide a common source of identity information for persons associated with the University.
Enable the implementation of the New Business Architecture.
Enable collaboration among the campuses of the University of California.
Improve the campus system security architecture.
Enable data warehousing.

Progress
Advanced Technology Project
  – Completed March 2001 and involved significant collaboration within the campus
  – Investigation of campus needs
  – Possibilities for the architecture
  – Schema considerations
Project Charge to Develop Enterprise Directory Services for the Campus
Pre-Feasibility Analysis and Project Work plan

Proposed Enterprise Directory Services
Properties
  – A Common Identity Management (Person Registry) and Common Authoritative Attributes (LDAP Directory)
  – Applications are Directory Enabled and Read and Write to an LDAP directory
  – Eliminates Need for Extraction from multiple Source Data Repositories

The Person Registry Key to Success
A central database of identity information for all persons within the University Community
Creates a Unique ID for every person for whom a computer record is generated. The Unique ID follows that person from “cradle to grave”.
Establishes a resolution process to ensure unambiguous and accurate records.
Campus computing systems adopt the Unique ID to identify that person in the system.

Person Registry (Common Identity Management)

Directory Services
Once Registry processes for creation and maintenance of the Unique ID are adopted, we have many options for creating and configuring directory services.
  – Central System Architecture
  – Referral System Architecture
  – Chained System Architecture
  – etc...

Possible Directory Models

Pre-Feasibility Analysis

Discussion Points
Can we collectively achieve UC-wide unique identities?
How will we integrate the middleware components and business applications into the New Business Architecture?
Will UC maintain a Directory of Directories for our campuses?
How will we resolve inter-realm (UC-wide) authentication and authorization?
Are there opportunities for UC Davis and Office of the President to work together to address identity issues?