NMI-EDIT and Rice University Federated Identity Management: Managing Access to Resources in Texas Barry Ribbeck Director System Architecture and Infrastructure.

Presentation transcript:

NMI-EDIT and Rice University
Federated Identity Management: Managing Access to Resources in Texas
Barry Ribbeck, Director System Architecture and Infrastructure, Rice University

Copyright Barry R Ribbeck 2005. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.

Key Points
- Institutions implementing identity management should consider how their local policies, processes, and technology deployments can be leveraged to participate in broader higher education federations.
- This session offers information about the UT federation, as well as participating campus policy structures, technology implementations, and caveats to automation.
- This session is sponsored by the NMI-EDIT Consortium of EDUCAUSE, Internet2, and SURA.

Events in Texas - UT Federation
- 16 institutions under one governing board
- No legal issues (all under state OGC)
- Policy requirements
  - Identity trusts
  - Attribute release and data exchange
  - Logging and appropriate use
- Current use
  - Inter-campus wireless access
  - Access to intercampus security information
  - Access to cross-campus applications
  - Library resources

NMI-EDIT Extending the Reach Grant
- 2 goals
  - Outreach
  - Case Studies
- Small school identity management – UT Tyler
- HAM-TMC Library Shibboleth enable EZProxy
- UTHSC-Houston/Baylor CoM – resident evaluation Application Sharing

What we learned
- Policies need to be updated.
- New procedures need to be outlined.
- A common understanding needs to be in place for Identity Management.
- Use cases exist already – you need a champion to drive them to production using the federated model.
- Good project management and cross-institutional goal setting are required.
- Go for the easy wins – once the infrastructure is in place, others will quickly follow.

How to approach policies
- Leverage what is already in place
  - Most institutions that already have a use case don't need to reinvent the wheel to create inter-institutional policies and procedures. These already exist; they just need to extend the current policy or procedure to take into consideration elements added by electronic commerce.

Policies/Procedures – What should be there
- An understanding of each institution's methods for Identity Management
- Definitions of procedures for
  - How a valid user on campus is defined
  - How user accounts are managed
  - Agreement on how attributes will be populated (eduPerson)
  - How each institution manages guest accounts

Some Hints for Identity Management
- Allow source systems to define the user's relationship with the institution
  - Rules are transitive across systems
  - Procedures already exist
  - Vetting processes may need some tweaking
  - Involve source system managers in the process

Security and Privacy
- What about privacy after the attribute exchange?
- Require an inter-institutional acceptable use policy? – maybe, it depends!
- How is the meta-data collected, protected by the Resource Provider?
- What about cross-institutional members – people who already have an identity defined at both institutions?

Post encounter procedures – Application Provider
- How are systems de-provisioned?
- What happens to the data from previous encounters?
- What document retention requirements exist?
- How long is log data maintained?
- Are there opt out procedures?

Technology
- Shibboleth does a great job at attribute exchange – what about authentication LOA?
- Error diagnostics – better
- Changing the way we work do support.
- Private attribute extensions?
- How are people identified when they really need to be identified, is eppn sufficient?

Identity Management – TRUST Foundations Summary
- We need to know who OUR people are before we can allow others to trust us.
- We need automation to enhance account management and make our process trustworthy.
- We need accurate data from source systems in order to trust federated authorization decisions.
- We need to know that when a person leaves an institution that we trust, that they no longer have access to our systems.

Where do we start? - Sharing
- NMI-EDIT – Directory Roadmap
- NMI-EDIT – Authentication Roadmap
- EDUCAUSE – Policies and Security
- Internet2 – Shibboleth and Security Task Force

NMI-EDIT and Rice University Contact Information Barry Ribbeck