Presentation is loading. Please wait.

Presentation is loading. Please wait.

Gudrun Buchholz Dr. Christoph Wall electronic Administration and Services Therefore IAM Identity and Access Freie Universität Berlin.

Published byCaroline Senter Modified over 9 years ago

Similar presentations

Presentation on theme: "Gudrun Buchholz Dr. Christoph Wall electronic Administration and Services Therefore IAM Identity and Access Freie Universität Berlin."— Presentation transcript:

1 Gudrun Buchholz Dr. Christoph Wall electronic Administration and Services Therefore IAM Identity and Access Management @ Freie Universität Berlin

2 2 1637 International HERUG 2014, IAM @ FU Berlin

3 3 2014 International HERUG 2014, IAM @ FU Berlin

4 4 More typical in administrative environments: International HERUG 2014, IAM @ FU Berlin I have a contract, therefore I am

5 5 Proof of Identity International HERUG 2014, IAM @ FU Berlin

6 6 Now after I made sure that I am … …I need to determine who or what I am.

7 7 Characteristics of Identity International HERUG 2014, IAM @ FU Berlin

8 8 Theoretical Groundwork "Every thing is what it is, and not another thing." Fifteen Sermons Preached at the Rolls Chapel (1726) Joseph Butler (1692–1752) English Bishop and Philosopher

9 9 More typical in administrative environments: International HERUG 2014, IAM @ FU Berlin Characteristics of identity are determined by roles

10 10 Why would anybody in IT care? International HERUG 2014, IAM @ FU Berlin

11 11 International HERUG 2014, IAM @ FU Berlin

12 12 International HERUG 2014, IAM @ FU Berlin The Confederation of independent Systems @ FU Berlin HR FI SLcM SAP Web HIS Publikations DB MyVV Profil DB Black- board FU Portal eSA Intranet Helpline Aleph IT-V DB SBK VoIP oRA BSCW

13 13 International HERUG 2014, IAM @ FU Berlin Independent Systems @ FUB HR FI SLcM SAP Web HIS Publikations DB MyVV Profil DB Black- board FU Portal eSA Intranet Helpline Aleph IT-V DB SBK VoIP oRA BSCW Lack of transparency of system access - No central documentation of users and authorizations Lack of IT-Security - No conclusice centrally administered deactivation of retired staff Lack of efficiency - User administration needed in every individual system

14 14 Integration as central task of IT in HER „For a long time increase of efficiency was attained by casting processes hitherto unsupported by IT into hard- and software based systems without much change to the process in question. Today the focus lies on cross-linking and integration. Thus integrated information management has become the central task for planning and deployment of modern information technology at Universities.“ „Informationsverarbeitung an Hochschulen“ Empfehlungen der Kommission für IT-Infrastruktur für 2011 – 2015 Deutsche Forschungsgemeinschaft DFG (my translation, chw) International HERUG 2014, IAM @ FU Berlin

15 15 FUDIS FU Directory Service SAP Web FI HR SLcM HIS Publikations DB MyVV Profil DB FU Portal SBK Aleph Intranet Black- board oRA eSA Helpline IT-V DB VoIP BSCW 1st step of Integration: Identity Management International HERUG 2014, IAM @ FU Berlin

16 16 Onboarding & Authorization (legacy architecture) International HERUG 2014, IAM @ FU Berlin CUASLcM HIS HR FUDIS (FU Account) Students Employees Business Partner Student User User Ext. Teachers User Personnel Data FI User SAP Web User Teachers Employees Students Departments Authoriz. Authoriz SAP Admininstration Personnel Data Identity Data Authorization Data

17 17 Black- board SOS ZUL Aleph Org.Man. oRA BIOS CLAKS Info- DB oBi iLV SLcM HCM PSM CO FI Server and Storage Internet Services FUDIS Networks Mail ISIS Integriertes Steuerungs Informationssystem CMS CAFM Wikis, Blogs Extension of SAP Footprint SAP basiert FUDIS / IdM Systeme für Lehre und Forschung: Info-DBs: - Forschungsdatenbank - Profildatenbank - Publikationsdatenbak oBi: online Bibliothekssysteme Aleph: Bibliotheksverwaltung iLV: Lehr- und Raumplanung SLcM: Prüfungsverwaltung SOS: Studentenadministration ZUL: Zulassungsverwaltung Blackboard: e-learning Plattform CMS: FU Webauftritt Verwaltungssysteme: CO: Controlling HCM: Personalsystem (Abrechnung) Org. Man.: Organisations Management (HCM plus Grafiksystem) oRA: online Rechnungs- und Auskunftssystem FI: Finanzbuchhaltung PSM: Public Sector Management BIOS: elektr. Warenkorb CLAKS: Gefahrstoff Kataster mit Chemikalien-Bestellung CAFM: Facility Management Ablösung durch SAP

18 18 Consequences of pervasive SAP Use: International HERUG 2014, IAM @ FU Berlin We never saw users in such numbers

19 19 Increase of Student Users with SLcM Roll Out International HERUG 2014, IAM @ FU Berlin

20 20 Increase of staff and teachers as SAP users International HERUG 2014, IAM @ FU Berlin

21 21 Challange: External Teachers not documented in HR International HERUG 2014, IAM @ FU Berlin

22 22 Onboarding & Authorization (legacy architecture) International HERUG 2014, IAM @ FU Berlin CUASLcM HIS HR FUDIS (FU Account) Students Employees Business Partner Student User User Ext. Teachers User Personnel Data FI User SAP Web User Teachers Employees Students Departments SAP Admininstration Personnel Data Identity Data Authorization Data Authoriz. Authoriz

23 23 IT: „Something has to be done !“ International HERUG 2014, IAM @ FU Berlin

24 24 Implementation of new Identity and Access Management Top 1: New Onboarding Architecture (Proof of Identity) International HERUG 2014, IAM @ FU Berlin

25 25 Proof of Identity at Universities International HERUG 2014, IAM @ FU Berlin Gudrun

26 26 The of External Teachers International HERUG 2014, IAM @ FU Berlin

27 27 The of External Teachers International HERUG 2014, IAM @ FU Berlin Elections Masterdata Course Planning Capacity Planning

28 28 2011 – 2013 Reimplementation of Academics Dataflow International HERUG 2014, IAM @ FU Berlin  Improvement of data quality  Avoiding of duplicates  Reduction of user accounts to the needed number

29 29 Distributed Master Data Management (legacy architecture) International HERUG 2014, IAM @ FU Berlin User SLcM Teacher Data HCM User Personnel Data User Evento Teacher Data Ext. Teachers FUDIS (FU Account) Academic Employees FacultiesCentral HR

30 30 International HERUG 2014, IAM @ FU Berlin Gudrun

31 31 Masterdata where? International HERUG 2014, IAM @ FU Berlin EVENTO HCM SLcM FUDIS CRM

32 32 Masterdata who? International HERUG 2014, IAM @ FU Berlin Central HR Dept Faculties

33 33 Improvement of data quality International HERUG 2014, IAM @ FU Berlin FUDIS FU Account Ext. Teachers HCM Academic Employees Central HR Faculties Web Dynpro

34 34 International HERUG 2014, IAM @ FU Berlin

35 35 International HERUG 2014, IAM @ FU Berlin Teaching

36 36 International HERUG 2014, IAM @ FU Berlin Teaching Employed Non Academics Employed Academics External Teachers Associate Professors

37 37 International HERUG 2014, IAM @ FU Berlin Employed Academics External Teachers Associate Professors

38 38 The Introduction of the Central Person International HERUG 2014, IAM @ FU Berlin Central Person # 1 HCM Person # 2HCM Person # 3HCM Person # 1 Marcus Miller External Teacher Marcus Miller Employed Academic Marcus Miller Associate Professor

39 39 Initial Master Data Migration FUDIS => HCM International HERUG 2014, IAM @ FU Berlin FUDIS 9300 Teacher-Ids 2300 Ext. Teachers HCM 2400 Inactive Teacher-IDs 3100 (Academic) Employees 1500 Both: Employees and Ext.Teachers

40 40 Avoiding of Duplicates International HERUG 2014, IAM @ FU Berlin FUDIS FU Account Ext. Teachers HCM Academic Employees Central HR Faculties Central Person Duplicate Check User SLcM Teacher Data User Evento Teacher Data

41 41 Active Teachers? International HERUG 2014, IAM @ FU Berlin Employed Academics Teaching Contract Period of the contract External Teachers Teaching contract for single courses Semester Ext. Teachers HCM List of courses per semester Academic Employees Hire Fire Dates Who?Why?When?How?

42 42 Reduction of user accounts to the needed number International HERUG 2014, IAM @ FU Berlin Ext. Teachers: 2300 HCM 2400 Inactive Teacher-Ids (Academic) Employees: 3100 Both: 1500 Activity Control 3700 Ext. Teachers: 800 HCM Academic Employees: 2400 (Teaching) Employees: 500 April 2013: 6900 April 2014:

43 43 A Matter of Perspective International HERUG 2014, IAM @ FU Berlin I‘m going to teach soon, therefore I am I‘m going to teach soon, therefore I am I still need to grade, therefore I am I still need to grade, therefore I am

44 44 Masterdata where? International HERUG 2014, IAM @ FU Berlin EVENTO HCM SLcM FUDIS CRM Was the decision for HCM a good one?

45 45 Activity Matrix International HERUG 2014, IAM @ FU Berlin Interface toGroupBefore Course After Course After hired in HCM After fired in HCM SLcM Employed (Academics) 3 month7 month Associate Professors 7 month External Teachers 6 month7 month Academic Supervisors 12 month Evento Employed (Academics) 3 month External Teachers 6 month7 month IDM Employed (Academics) 7 month Associate Professors 7 month External Teachers 6 month7 month Academic Supervisors 12 month HCM has to define and provide the acticity period of the teachers for other systems. It offers no standard functionality for this. The function that computes the activity of a teacher has to be implemented in all the reporting, the web dynpros for teachers, the interfaces and the query tools.

46 46 Structured Information about Teachers for IDM International HERUG 2014, IAM @ FU Berlin

47 47 Implementation of new Identity and Access Management Top 2: Introduction of Roles (Characteristics of Identity) International HERUG 2014, IAM @ FU Berlin

48 48 Authorization before … Authorization International HERUG 2014, IAM @ FU Berlin

49 49 Introduction of Roles Authorization International HERUG 2014, IAM @ FU Berlin

50 50 Introduction of Roles Authorization Group 1Group 2Group 3 International HERUG 2014, IAM @ FU Berlin

51 51 Introduction of Roles Group 1Group 2Group 3Business Role 1Business Role 2Business Role 3 International HERUG 2014, IAM @ FU Berlin

52 52 Role Approval Workflow AuthorizationUserApplicant IdM Key User ok Application International HERUG 2014, IAM @ FU Berlin

53 53 Did it help ? International HERUG 2014, IAM @ FU Berlin

54 54 Identity Management at work: International HERUG 2014, IAM @ FU Berlin

55 Gudrun Buchholz Dr. Christoph Wall electronic Administration and Services Strategic Goals reached with the new IAM  Information online available about who has which rights in what system since when and awarded by whom Comprehensive offer of information  Web based role request and provisioning Mobile Information  Trans-departmental process of onboarding with single point of entry for information Smarte Processes  Automated process of user deactivation upon end of employee status Secure data  No more fees for licenses for inactive users Sustainable use of ressources International HERUG 2014, IAM @ FU Berlin

56 56 International HERUG 2014, IAM @ FU Berlin Dr. Christoph Wall Director administrative IT-Services Boltzmannstraße 18 14195 Berlin Germany Tel: +49 30 838 58000 Web: www.fu-berlin.de/easwww.fu-berlin.de/eas Gudrun Buchholz Team Lead HCM-Services Boltzmannstraße 18 14195 Berlin Germany Tel: +49 30 838 54764 Web: www.fu-berlin.de/easwww.fu-berlin.de/eas

Download ppt "Gudrun Buchholz Dr. Christoph Wall electronic Administration and Services Therefore IAM Identity and Access Freie Universität Berlin."

Similar presentations

Numbers Treasure Hunt Following each question, click on the answer. If correct, the next page will load with a graphic first – these can be used to check.

Numbers Treasure Hunt Following each question, click on the answer. If correct, the next page will load with a graphic first – these can be used to check.
Symantec 2010 Windows 7 Migration EMEA Results. Methodology Applied Research performed survey 1,360 enterprises worldwide SMBs and enterprises Cross-industry.

Symantec 2010 Windows 7 Migration EMEA Results. Methodology Applied Research performed survey 1,360 enterprises worldwide SMBs and enterprises Cross-industry.
Repaso: Unidad 2 Lección 2

Repaso: Unidad 2 Lección 2
Symantec 2010 Windows 7 Migration Global Results.

Symantec 2010 Windows 7 Migration Global Results.
1 A B C 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52.

1 A B C
Scenario: EOT/EOT-R/COT Resident admitted March 10th Admitted for PT and OT following knee replacement for patient with CHF, COPD, shortness of breath.

Scenario: EOT/EOT-R/COT Resident admitted March 10th Admitted for PT and OT following knee replacement for patient with CHF, COPD, shortness of breath.
3rd Annual Plex/2E Worldwide Users Conference 13A Batch Processing in 2E Jeffrey A. Welsh, STAR BASE Consulting, Inc. September 20, 2007.

3rd Annual Plex/2E Worldwide Users Conference 13A Batch Processing in 2E Jeffrey A. Welsh, STAR BASE Consulting, Inc. September 20, 2007.
AP STUDY SESSION 2.

AP STUDY SESSION 2.
1

1
Select from the most commonly used minutes below.

Select from the most commonly used minutes below.
Copyright © 2003 Pearson Education, Inc. Slide 1 Computer Systems Organization & Architecture Chapters 8-12 John D. Carpinelli.

Copyright © 2003 Pearson Education, Inc. Slide 1 Computer Systems Organization & Architecture Chapters 8-12 John D. Carpinelli.
Copyright © 2011, Elsevier Inc. All rights reserved. Chapter 6 Author: Julia Richards and R. Scott Hawley.

Copyright © 2011, Elsevier Inc. All rights reserved. Chapter 6 Author: Julia Richards and R. Scott Hawley.
Author: Julia Richards and R. Scott Hawley

Author: Julia Richards and R. Scott Hawley
Properties Use, share, or modify this drill on mathematic properties. There is too much material for a single class, so you’ll have to select for your.

Properties Use, share, or modify this drill on mathematic properties. There is too much material for a single class, so you’ll have to select for your.
September 2013 ASTM Officers Training Workshop September 2013 ASTM Officers Training Workshop ASTM Member Website Tools September 2013 ASTM Officers Training.

September 2013 ASTM Officers Training Workshop September 2013 ASTM Officers Training Workshop ASTM Member Website Tools September 2013 ASTM Officers Training.
David Burdett May 11, 2004 Package Binding for WS CDL.

David Burdett May 11, 2004 Package Binding for WS CDL.
Local Customization Chapter 2. Local Customization 2-2 Objectives Customization Considerations Types of Data Elements Location for Locally Defined Data.

Local Customization Chapter 2. Local Customization 2-2 Objectives Customization Considerations Types of Data Elements Location for Locally Defined Data.
Create an Application Title 1Y - Youth Chapter 5.

Create an Application Title 1Y - Youth Chapter 5.
Custom Statutory Programs Chapter 3. Customary Statutory Programs and Titles 3-2 Objectives Add Local Statutory Programs Create Customer Application For.

Custom Statutory Programs Chapter 3. Customary Statutory Programs and Titles 3-2 Objectives Add Local Statutory Programs Create Customer Application For.
CALENDAR.

CALENDAR.

Similar presentations

Ads by Google