
The NMI Integration Testbed
• Developed and managed by SURA
• Evaluate NMI components upon release
• Real life contexts - research projects, enterprise applications and infrastructure
• Sites: UAB, UAH, UFL, FSU, GSU, UMich, TACC, UVA, (USC)
[Diagram labels: NMI Participation; Users; Implementers; Target Communities; Developers; Supporters; Contributors; future expansion]

NMI Components Take on New Meaning
Mike Conlon, Ph.D.
Director of Data Infrastructure

NMI Components
Globus, Condor-G, NWS, KX.509, GSI OpenSSH, MyProxy, MPICH-G2, Grid Packaging, Grid Config, CPM, Look, OpenSAML, PERMIS, PubCookie, Shibboleth, LDAP Analyzer, Cert Profile Registry, eduPerson, eduOrg, commObject, Practice in Groups, LDAP Recipe, Metadirectory Best Practices, Enterprise Impl Roadmap, HEPKI, PKI-Lite

NMI Components At UF
Globus, Condor-G, NWS, KX.509, GSI OpenSSH, MyProxy, MPICH-G2, Grid Packaging, Grid Config, CPM, Look, OpenSAML, PERMIS, PubCookie, Shibboleth, LDAP Analyzer, Cert Profile Registry, eduPerson, eduOrg, commObject, Practice in Groups, LDAP Recipe, Metadirectory Best Practices, Enterprise Impl Roadmap, HEPKI, PKI-Lite

One Slide About UF
• 49,000 students in Gainesville, FL
• Freshman class: 3.92 GPA, 1300 SAT
• $1.8 Billion annual budget, $450 million in research -- growing at 12% per year. Health Sciences – 52% of research.
• 140 academic departments in 23 colleges
• Land grant – extension in all 67 counties.
• The Gators, Lady Gators, GatorAde

One Slide About UF Technology
• 500 IT professionals across campus
• Very decentralized
• Over 300 servers
• 30,000 devices on the open network
• AD, NDS, iPlanet, OpenLDAP, Kerberos
• Recent Directory Project
• Current PeopleSoft implementation

Using the Components
• Conventions and Best Practices
  - Metadirectory Practices
  - Enterprise Directory Roadmap
  - Practices in Groups
• Schema
  - eduPerson
  - eduOrg
  - commObject

MetaDirectory Practices
• Concepts of identity management
  - Single Sign-On
  - Security
  - Provisioning
  - Deactivate
  - Attribute Use
  - Identity resolution
  - Identifiers

UF Directory Project
• Start planning August 2000
• Finish report September 2001
• Begin implementation October 2001
• Deploy new directory January 23, 2003

Directory Project Deliverables
• New Registry
• New LDAP schema (eduPerson, eduOrg)
• New IDs – UFID and UUID tied to GatorLink
• 50,000 new Gator One cards
• 1,500 applications modified
• New self-service apps
• New directory coordinator apps
• New APIs for directory-enabling business processes

UF Directory – Architecture

Identifiers
• GatorLink – public username, address single sign-on. Revocable.
• UFID. Eight-digit random number assigned by UF. nnnn-nnnn. Used where SSN was used previously. Protected. Revocable, opaque.
• UUID (GUID) “NDC”. Opaque, non-revocable. Not used outside central systems.

Enterprise Directory Implementation Road Map
• Parallel Tracks for Technical Work and Functional work
• Value proposition – why do this (UF spent $4.7 million). Selling “position” or future capability is tough. What can we actually do? Why is it better than what we have?
• Use vignettes
• Under promise, over deliver

A Vignette
Bill is a physician faculty member in the College of Medicine. He and/or his department administrator can update his contact information using a web page. This information automatically populates/updates the personnel system, the Shands Communications system (CHRIS), the Shands HealthCare on-line directory of physicians, Bill’s entry in Netware Directory Services, Active Directory, the on-line phone book, the UF enterprise directory database, and the UF LDAP directory. People using programs and their address books always automatically access Bill’s current address. UF business processes have access to Bill’s current information. Bill’s information is updated once and is used and accessed consistently across the enterprise.

Functional Issues
• Who can update data?
• Who can replicate data?
• Who resolves conflicting values?
• Who owns data?
• Who can access data?
• What business processes are supported? What processes are not supported?

Recent Projects
• LDAP infrastructure improvements
• Library authorization via directory
• VPN access via directory
• UF Web Portal uses LDAP and LDAP groups
• UF Housing Icarus system
• Active Directory Provisioning

LDAP Groups
• Practices in Groups
• Currently using groups for Portal
• Considering groups for
• Considering groups for role information

Current Projects
• LDAP infrastructure improvements v2
• Help Desk integration
• Authorization management
• Active Directory Provisioning
• commObject for video, VOIP
• PubCookie
• Location management
• Password management

Rethinking Directory Services
• Metadirectory Practices
  - Identity management, identifier strategy
• Enterprise Directory Road Map
  - Functional issues dominate
• Practices in Groups
  - Second phase issues for improving services