Identity Management: The Legacy and Real Solutions Project Overview.


Washington State University This work is the intellectual property of WSU. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the copyright owner. To disseminate otherwise or to republish requires written permission.

The Legacy
- WSU Network ID
- Integrated Business Systems
- Multiple Authentication Stores
- Disparate Authorization Methods
- No Single Sign-On
- No Metadirectory
- Ad Hoc Provisioning

Business Drivers
- Strategic Goal: “Seamless, Intuitive, Integrated”
- Aging technology (DCE, custom programs)
- Performance and reliability
- Management of NIDs
- Management of WSU affiliates (not eligible for NIDs)
- Increasing reliance on Active Directory

Project History
- Core team construction (2004)
- Representatives from ITS, College of Business, Libraries, Center for Teaching Learning and Technology
- Six months information gathering
- Microsoft Technology Center invitation
- Clarification of project goals

Project History
- Project divided into sub-projects
  - Single sign-on
  - Metadirectory services
  - Group services
  - WSU Friend IDs

Key Components
- Microsoft Active Directory (AD)
  - Authoritative source for NIDs
  - Authorization group structure
- Microsoft Identity Information Server (MIIS)
  - Metadirectory services for NIDs
  - Provisions AD groups

Key Components
- Microsoft Active Directory Federation Services (ADFS)
  - Single sign-on, internal federation
- Microsoft Authorization Manager (Azman)
  - Used in conjunction with claims (AD group structure) for authorization

[Diagram: WSU Identity Management Architecture 2004. Design concept courtesy of Thomas J. Barton, University of Chicago.]
Diagram labels: WSU Enterprise Directory Services; Source Systems; WSU Core Business Systems; Asynchronous Sources; Person Registry; ADABAS; Intelligence & Business Rules; Metadirectory Services; NID Create; Active Directory Feed; Portal Feed; Online Phonebook Feed; Authentication, Authorization, Attribute and Group Services; Active Directory; Online Phonebook; Portal Database; Portal OID; UPS; LDAP; DCE; Consumer Systems; Apps & Services.

[Diagram: WSU Network ID Authentication and SSO Environment 2004.]
Diagram labels: User; NID; Network Services; AD Domain SSO; Local Domain SSO; Local SSO; Oracle External Apps SSO; Secure UNIX Web Server; Secure zOS/CICS Web Server; myWSU Oracle Portal; Distributed Secure IIS Web Servers; Online Learning Environments; Active Directory Enabled Apps; DCE Security Server; DCE Authentication; AD Security Server; Kerberos or LDAP Authentication; Active Directory Services; DCE rpc; Direct; Natural; Attunity; zOS Data & Backend Apps or Other Data Sources; Distributed Data & Backend Apps.

[Diagram: WSU Identity Management Architecture 2007. Design concept courtesy of Thomas J. Barton, University of Chicago.]
Diagram labels: WSU Enterprise Directory Services; Source Systems; Core Business Systems; Asynchronous Sources; Person Registry; ADABAS; Intelligence & Business Rules; Metadirectory Services; MIIS; NID Create; Active Directory Feed; Portal Feed; Authentication, Authorization, Attribute and Group Services; Active Directory; ADFS; Azman; Portal Apps DB; Portal OID; UPS; SunOne; Consumer Systems; Apps & Services.

Active Directory Group Structure
- WSU Authorization Groups
- Application Groups
- Enterprise Groups
- Provisioned Groups
- Role Groups
  - Employees
  - Employees.Appointed
  - Employees.Active
  - Students
  - Students.Admitted
  - Students.Enrolled
- Term Groups
  - 2007_sum
  - 2007_fall
  - 2008_spr
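
How a metadirectory job could derive the role and term groups named on the slide above from person-registry records and reconcile them against current directory membership, as an added example that is not WSU's or MIIS's code. The record fields (`employee_status`, `student_status`, `terms`), the eligibility rules, the sample NIDs and the `App.*` group names are assumptions made for illustration.

```python
# Added example: field names and eligibility rules are assumptions, not WSU's.
PROVISIONED_PREFIXES = ("Employees", "Students")     # role groups from the slide
TERM_GROUPS = {"2007_sum", "2007_fall", "2008_spr"}  # term groups from the slide


def desired_groups(person):
    """Return the provisioned groups one registry record is entitled to."""
    groups = set()
    emp = person.get("employee_status")   # hypothetical registry field
    if emp in ("appointed", "active"):
        groups.add("Employees")
        groups.add("Employees.Appointed" if emp == "appointed" else "Employees.Active")
    stu = person.get("student_status")    # hypothetical registry field
    if stu in ("admitted", "enrolled"):
        groups.add("Students")
        groups.add("Students.Admitted" if stu == "admitted" else "Students.Enrolled")
    # Term groups only for enrolled students, and only for terms that exist.
    if stu == "enrolled":
        groups |= TERM_GROUPS & set(person.get("terms", []))
    return groups


def is_provisioned(group):
    """True for groups this job owns; hand-managed groups are never touched."""
    return group in TERM_GROUPS or group.split(".")[0] in PROVISIONED_PREFIXES


def reconcile(registry, directory):
    """Compute per-NID (adds, removes) between registry truth and directory state."""
    adds, removes = {}, {}
    for nid in set(registry) | set(directory):
        want = desired_groups(registry.get(nid, {}))
        have = {g for g in directory.get(nid, set()) if is_provisioned(g)}
        if want - have:
            adds[nid] = want - have
        if have - want:
            removes[nid] = have - want   # stale access to deprovision
    return adds, removes


# Constructed sample data: NIDs, statuses and App.* groups are made up.
REGISTRY = {
    "jdoe": {"student_status": "enrolled", "terms": ["2007_fall", "2009_spr"]},
    "asmith": {"employee_status": "active"},
}
DIRECTORY = {
    "jdoe": {"Students", "Students.Admitted", "App.Library"},
    "asmith": {"Employees", "Employees.Active"},
    "gone": {"Employees", "Employees.Active", "App.Payroll"},
}
ADDS, REMOVES = reconcile(REGISTRY, DIRECTORY)
```

The removals are the security-relevant output: an NID that has left the registry loses its provisioned role groups, while the hand-managed `App.Payroll` membership is left for its owner to review.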

[Diagram: WSU Network ID Authentication and SSO Environment, Internal Federation, 2007.]
Diagram labels: User; NID; Network Services; ADFS Federation SSO; WSU ADFS Federation Server; ADFS Authentication; AD Security Server; LDAP Authentication; ITS Secure IIS.NET ADFS Web Servers; Distributed Secure IIS.NET ADFS Web Servers; myWSU Oracle Portal; Online Learning Environments; ADFS Enabled Apps (Potential); EntireX; Connx; zOS Data & Backend Apps or Other Data Sources; Distributed Data & Backend Apps.