Federated Identity in Texas Paul Caskey The University of Texas System HEAnet National Conference Kilkenny, Ireland 13 November 2008.

Slides:

Advertisements

Similar presentations

Board Governance: A Key to Quality Organizations

Advertisements

GIS Executive Council and Advisory Committee Update November 2010.

Gaining Senior Leadership Support for Continuity of Operations

Strategic Plan Wappingers Central School District.

Paul Caskey Technology Architect June 21, 2007 The University of Texas System Federated Identity Management Initiative

1 The Challenges of Creating an Identity Management Infrastructure for the University of California David Walker Karl Heins Office of the President University.

Standard 13 Related Educational Activities Robert K. Clark Cumberland County College Vineland, NJ.

Advancing Our Profession INTRODUCTION Why Does It Matter?

BILL GATES’ CONTRIBUTION IN SKILL DEVELOPMENT

Interfederation subgroup of InCommon Technical Advisory Committee (TAC) spaces.internet2.edu/display/incinterfed.

PKI in US Higher Education TAGPMA Meeting, March 2006 Rio De Janeiro, Brazil.

1 eAuthentication in Higher Education Tim Bornholtz Session #47.

Information Resources and Communications University of California, Office of the President Current Identity Management Initiatives at UC & Beyond: UCTrust.

Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.

Identity and Access Management IAM. 2 Definition Identity and Access Management provide the following: – Mechanisms for identifying, creating, updating.

Identity and Access Management IAM A Preview. 2 Goal To design and implement an identity and access management (IAM) middleware infrastructure that –

The Business of Identity Management Barry R. Ribbeck Director Systems Architecture & Infrastructure Rice University

Application Security Management Functional Project Manager (s) ERP Project Director ERP Campus Executive University & Campus Administration Security Policy.

Credential Provider Operational Practices Statement CAMP Shibboleth June 29, 2004 David Wasley.

Federated Identity Management: Is The State of Texas Ready? Paul Caskey The University of Texas System System-wide Information Services TASSCC 2008 August.

State of Information Technology Presentation for Faculty Council November 14, 2013 Mike Carlin Vice Chancellor for IT and CIO.

Client Logo November 2006 GMLoB Pilot Experience and Lessons Learned Grants Applications Status Pilot National Science Foundation (NSF) USDA/Cooperative.

To identity federation and beyond! Josh Howlett JANET(UK) HEAnet 2008.

Federated Identity Management in New Zealand Sat Mandri Service Manager TNC15 REFEDs Meeting, 14 th June 2015.

A case study of Shibboleth deployment within the U.T. System June 26, 2006 Paul Caskey University of Texas System Copyright Paul Caskey 2006 Not Your Father’s.

Developing an Effective Ethics Program.  The responsibility of the corporation as a moral agent  The need for organizational ethics programs  An effective.

The InCommon Federation The U.S. Access and Identity Management Federation

Interfederation RL “Bob” Morgan University of Washington and Internet2 Digital ID World 2005 San Francisco.

NALHFA Conference, Austin, TX April 26, 2012 Mark Ulfers, Executive Director Dakota County Community Development Agency

CONNECTING SCIENCE TO DECISIONMAKING ON CLIMATE CHANGE David Blockstein, Ph.D., Senior Scientist, NCSE Executive Secretary Council of Environmental Deans.

Internet2 – InCommon and Box Marla Meehl Colorado CIO 11/1/11.

ADFS in the U.T. System U.S. Federations Call - May 18, 2011 Paul Caskey System-wide Information Services.

Prepared for IAC Scott Baily, Interim Director of ACNS August 13, 2008.

Federations 101: The U.T. System Identity Management Federation Internet2 Member Meeting Fall 2006 Paul Caskey.

Marketing Sakai – Partie Deux Developing and Sharing Case Studies Mike Zackrison – rSmart Lois Brooks – Stanford University July 3, 2008.

Advancing Cooperative Conservation. 4C’s Team An interagency effort established in early 2003 by Department of the Interior Secretary Gale Norton Advance.

Crosswalk of Public Health Accreditation and the Public Health Code of Ethics Highlighted items relate to the Water Supply case studied discussed in the.

Advancing Our Profession INTRODUCTION Why Does It Matter?

Presented by: Presented by: Tim Cameron CommIT Project Manager, Internet 2 CommIT Project Update.

AdvancED TM External Review Exit Report Polk Pre-Collegiate Academy April 16– 17, 2014.

Safeguarding Research Data Policy and Implementation Challenges Miguel Soldi February 24, 2006 THE UNIVERSITY OF TEXAS SYSTEM.

Integrated Institutional Identity Infrastructure: Implications and Impacts RL “Bob” Morgan University of Washington Internet2 Member Meeting, May 2005.

Thinking about Change Levels 1, 2, & 3 © Support Development Associates1.

1 CollegeKeys Compact: An Action Plan to Remove Barriers to College Access for Students from Low-Income Backgrounds Massachusetts Association of Student.

The International GNSS Service (IGS), June 2008: Perspectives and Key Issues John M. Dow Chair, IGS Governing Board.

Federated Authentication at NIH: Trusting External Credentials at Known Levels of Assurance Debbie Bucci and Peter Alterman November, 2009.

ANNOOR ISLAMIC SCHOOL AdvancEd Survey PURPOSE AND DIRECTION.

Title IV Administration is a Team Sport

Global Geospatial Information Management (GGIM) A UN-DESA Initiative in collaboration with Cartographic Section, DFS Stefan Schweinfest UNSD.

University of Washington Collaboration: Identity and Access Management Lori Stevens University of Washington October 2007.

Loudon County Schools External Review Exit Report February 19-21, 2013.

Federations: The New Infrastructure Speaker Name Here Date Here Speaker Name Here Date Here.

Overview of UN Initiative on Global Geospatial Information Management (GGIM) What, How and Why? Critical Issues Past Activities Present Status Future Plan.

Bringing it All Together: Charting Your Roadmap CAMP: Charting Your Authentication Roadmap February 8, 2007 Paul Caskey Copyright Paul Caskey This.

VA Central IRB K. Lynn Cates, MD Assistant Chief Research & Development Officer Office of Research & Development Department of Veterans Affairs September.

Introduction to Shibboleth Attribute Delivery for Campuses New to Shibboleth Paul Caskey The University of Texas System.

Social Innovation and Self Directed Support (Dundee) Mark Han-Johnston 4 th February 2016.

The Federal Telework Program U.S. Office of Personnel Management.

“Crossroads Under Construction” - A Collaborative Approach Toward Designing an International Student Orientation Program - Presented by Philip Coleman-Hull,

INTRODUCTION TO IDENTITY FEDERATIONS Heather Flanagan, NSRC.

Authentication and Authorisation for Research and Collaboration Heiko Hütter, Martin Haase, Peter Gietz, David Groep AARC 3 rd.

Designing Identity Federation Policy, the right way Marina Vermezović, Academic Network of Serbia TNC2013 conference 4 May 2013.

NREN CEO Forum Update: Global Services Joint Project by Eight NRENs to Exchange Cloud Services at Scale.

Security in Research Computing John Sandefur UAB Comprehensive Cancer Center John-Paul Robinson UAB Research Computing.

Law Enforcement Information Sharing Program (LEISP) Federated Identity Management Pilot February 27, 2006.

University of Texas System

A Business Case for Identity Management in Higher Education

U.T. System Federated Identity Management Update

Overview of The U.T. System Identity Management Federation

November AUL Open House

Presentation transcript:

Federated Identity in Texas Paul Caskey The University of Texas System HEAnet National Conference Kilkenny, Ireland 13 November 2008

Background What is the University of Texas (U.T.) System? –9 academic, 6 medical, 1 administration –190,000 students / 80,000 employees –1100 km apart geographically, but traditionally much further apart in terms of culture and sharing of resources What is LEARN? –L onestar E ducation A nd R esearch N etwork (Texas RON) –Participants come from public/private universities, community colleges, primary education (K-12), and service providers –33 Institutions as tier 1 members, many more at the lower tiers –A major part of their mission is promoting collaboration in Texas

Background (continued) Two federations in one state? –Different missions –Different populations –Shared goal of increasing collaboration across the state –Could “evolve” to support eGovernment in Texas as well (currently, there is no state-sponsored initiative to develop federation) –Interfederation is the key to achieving the goals

The U.T. System Federation Collaboration is a key goal. It all started with a “statement of direction” from our leaders and a small seed grant from the federal government Why our own federation (rather than InCommon, etc)? –We know our campuses best / clear administrative boundary –Level and elevate the overall strength of identity management policy, practice, and technology –Ensure that no campus is left behind –Direct control over policies and directions –Most of our initial apps were just for our campuses Current Status –Officially in production since 1 Sept 2006 –~40 applications (administrative, academic, medical, security, and collaborative apps, but no content sharing) –3 external vendors

The LEARN Federation Again, collaboration is a key goal Builds on the infrastructure and personal relationships already built with LEARN members Why a separate federation (from InCommon, UT)? –LEARN maintains a close relationship with its members –Help smaller campuses participate, including community colleges and K-12 as well –Can also include other entities as needed, including governmental agencies Current Status –In pilot operations since July 2008 –Initial draft of policies complete and pending approval –2 apps, with several more being implemented in the next 6 months

Lessons Learned (so far) Policy work is slow, but critical to establish an environment in which trust can develop. It’s important to address the support needs that grow out of a federated environment (federate the support too). Federated authorization is challenging and takes lots of time and effort (AppAdmin workflow app) – training and executive support are the keys. Interfederation policy work is worse than establishing policies for our own federation since these policies span administrative and governmental / legal boundaries. Everyone wants to build a house, but nobody wants to do housekeeping!

What benefits have we observed from our federation? User satisfaction –Fewer passwords to remember, increases the value of their campus credential Local autonomy –Supports differing technologies, policies, and business processes Increased security –No application-based loosely-coupled identities –More granular authorization Lower costs –Applications don’t have to develop and manage separate identities for their users Support secure collaboration across the world just as easily as across the state (well, almost) –SAML is a mature global standard

The future? More apps! –Vendors –eGovernment –Increased external collaborations Interfederation / peering –LEARN –InCommon –Others? (caBIG, etc) Compliance / verification –Standardized audit plan Improved authorization capabilities Policy revisions