FSU Metadirectory Project The Issue of Identity Management Executive Overview


The Problems
1. Individuals have to remember too many different names and passwords to access our systems
2. We have too many electronic directories
3. Many of our systems (electronic and in-person) still rely on asking an individual for their Social Security Number as a method for authentication

The SSN Problem
SSN is used as a method for authenticating students and employees via web and in-person challenges
Mandates to protect SSN abound
SSN is still required for certain business processes (HR, external identity of students, etc.)

The SSN Problem
Some progress towards downplaying SSN use has been implemented:
  – Modify certain systems to use phrases like “student number” or “employee ID”
  – SSNs have been removed when not absolutely necessary for various reports
  – PeopleSoft only uses SSNs as required for business purposes and not as an identity challenge

The Proposal
This proposal is an attempt to define identity terms and solve the SSN/multiple identity problem
Proposal:
  – FSUID = new public “login name”/password
  – FSUSN = new “SSN-like” private number
  – Metadirectory will manage this information

The Identity Problem
C.A.R.S. (“ldap1”)
  – All students, faculty & staff plus visitors
  – Tied into automated systems on campus, such as FSUCard, HRMS, etc.
  – Used for authorizing “garnet/mailer” servers, dialup service

The Identity Problem
C.A.R.S. (“ldap1”)
  – Blackboard authentication

The Identity Problem
O.P.S. (Secure Login; “ldap2”)
  – All students, faculty & staff plus visitors
  – Tied into automated systems on campus, such as FSUCard, HRMS, etc.
  – Used for authorizing many administrative applications (many, but not all of which, will be initially replaced by PeopleSoft functionality)

The Identity Problem
Web registration for classes (SSN)

The Identity Problem
Administrative
  – Managed in the enterprise “FSU” Microsoft Active Directory (Outlook users)
  – Semi-manual account management
  – Mostly used by some ~6,000 administrative employees

The Identity Problem
Netware Account
  – Provides file service
  – Managed by User Services in OTI
  – Manual account management
  – Mostly used by some ~6,000 administrative employees

The Identity Problem
PeopleSoft Account(s)
  – Many instances exist
  – Driving the need for a common directory

The Identity Management Solution
The metadirectory provides us with the technology and flexibility to merge our different electronic identities
We will convert to using one FSU Identity; one “FSUID”, with one password (this is known in the business as “Single Signon”)
Our users will be able to log into our current systems and especially the new PeopleSoft instances using one common name and password

The FSU Metadirectory

Metadirectory and SSN
The metadirectory also provides a great framework for migrating away from using SSN as a “private authentication number”
We will generate a new private number (call it your “FSUSN”), that can be used to authenticate people

Metadirectory Project Resources
Integrated with ERP project planning
Required technology infrastructure is integrated with ERP and OTI infrastructures
Security and reliability are utmost concerns
Joint effort with OTI (ACNS, AIS, US, IRM), ERP, Registrar/Admissions and ODDL personnel actively participating

Metadirectory Project Timeframe
Scheduled to have LDAP1/LDAP2/AD/PS Metadirectory in production by mid-March and available for PeopleSoft authentication
Deeper PS integration by HR “go-live”
Full CARS/Secure Login/Active Directory/Novell integration by July of 2005
Complete conversion from SSN to FSUSN by January of 2006
Track project at