Presentation is loading. Please wait.

Presentation is loading. Please wait.

ID Management in University ID Management in University Kenzi Watanabe Saga University, Japan

Published byTyrone Paul Modified over 8 years ago

Similar presentations

Presentation on theme: "ID Management in University ID Management in University Kenzi Watanabe Saga University, Japan"— Presentation transcript:

1 ID Management in University ID Management in University Kenzi Watanabe Saga University, Japan watanabe@is.saga-u.ac.jp

2 16/02/2012The 33rd APAN Meeting 5 Faculties Approx. 7,000Students 2,000 Faculty Members

3 ID Management History of Saga University 1998, ID for all students 2001, ID for all faculty members 1998, ID Integration for Windows and UNIX 2002, Integrated authentication system 2010, Shibboleth 16/02/2012The 33rd APAN Meeting

4 Backgrounds Information Literacy Education (1990 〜 ) Deployments of Self-maintained Online Systems with Web (2000 〜 ) 16/02/2012The 33rd APAN Meeting

5 Contents What is ID ? Backgrounds of ID Management History ID Management Systems in Saga University Issues in Implementations Conclusion 16/02/2012The 33rd APAN Meeting

6 What is ID ? ID is an identifier for each user – A symbol of yourself in ICT world – Known as “User ID” ID is used in authentication procedure with a password – Login 16/02/2012 The 33rd APAN Meeting

7 ID Management History of Saga University 1998, ID for all students 2001, ID for all faculty members 1998, ID Integration for Windows and UNIX 2002, Integrated authentication system 2010, Shibboleth 16/02/2012The 33rd APAN Meeting

8 Backgrounds of ID Management History Information Literacy Education (1990 〜 ) Deployments of Self-maintained Online Systems with Web (2000 〜 ) 16/02/2012The 33rd APAN Meeting

9 PC Room History in Saga University 16/02/2012The 33rd APAN Meeting 1990 〜 19941994 〜 1998

10 16/02/2012The 33rd APAN Meeting Windows & UNIX dual boot system (1998 – 2002)

11 ID Management Technologies UNIX – /etc/passwd – NIS (Network Information Service) Microsoft Windows – DC (Domain Controller) – AD (Active Directory) The 33rd APAN Meeting For small system For networked system For novel system For stand-alone system 16/02/2012

12 Different IDs and passwords The 33rd APAN Meeting sato1 pw1 sato2 pw2 Inconvenient !! Windows UNIX 16/02/2012

13 Same ID and password without Synchronization The 33rd APAN Meeting sato pw1 sato pw1 Inconvenient !! Not changed UNIX Windows sato pw2 Change! 16/02/2012

14 Same ID and password with Synchronization The 33rd APAN Meeting Convenient !! UNIX Windows Directory Server authentication Password change 16/02/2012

15 ID Management History of Saga University 1998, ID for all students 2001, ID for all faculty members 1998, ID Integration for Windows and UNIX 2002, Integrated authentication system 2010, Shibboleth 16/02/2012The 33rd APAN Meeting

16 Deployments of Self-maintained Online Systems with Web Online Systems – E-mail – Educational affairs Syllabus, Evaluation, Registration – Digital Library Teachers’ DB What ware changed ? – More personalized – Self-maintained 16/02/2012The 33rd APAN Meeting

17 e.g. Teachers’ DB Teachers’ directory – Gathering activities of all professors – Research, Education, Social activities, etc.. These outcomes become basics and evidences for the evaluation of university Who inputs data ? – By themselves 16/02/2012The 33rd APAN Meeting

18 16/02/2012The 33rd APAN Meeting

19 ID Management History of Saga University 1998, ID for all students 2001, ID for all faculty members 1998, ID Integration for Windows and UNIX 2002, Integrated authentication system 2010, Shibboleth 16/02/2012The 33rd APAN Meeting

20 Unified User DB (PostgreSQL) Operation (Add, Remove, Modify) LDAP LDAP (Replica) NIS/NIS+AD General WindowsLinux IMAP4S FTP POP3S Other Servers (e.g. PHP based) Saga Univ. @ 2002 16/02/2012

21 Unified User DB Master database for user attributes – User ID – Initial password – Full name – Affiliation – Title – Position – etc … Authentication Infrastructure The 33rd APAN Meeting 16/02/2012

22 The 33rd APAN Meeting Unified User DB (PostgreSQL) Operation (Add, Remove, Modify) LDAP LDAP (Replica) NIS/NIS+AD General WindowsLinux IMAP4S FTP POP3S Other Servers (e.g. PHP based) Saga Univ. @ 2002 16/02/2012

23 The 33rd APAN Meeting

24 Shibboleth Increasing Web-based systems Inconvenience – Entering User ID and Password many times – More secure way Opengate – A captive portal type network user authentication system 16/02/2012The 33rd APAN Meeting

25 16/02/2012The 33rd APAN Meeting

26 Unified User DB (PostgreSQL) Operation (Add, Remove, Modify) LDAP LDAP (Replica) IdPAD General Windows Solaris IMAP4S FTP POP3S Other Servers (e.g. PHP based) SPs Saga Univ. @ 2010 16/02/2012

27 The 33rd APAN Meeting

28 16/02/2012The 33rd APAN Meeting

29 Issues in Implementations Consolidation of multiple accounts to a single entry – Identification – Clear scheme definitions of ID – ID naming rules Cooperation with various sections – What section has authority ? – Data Transfer method Decision making 16/02/2012The 33rd APAN Meeting

30 16/02/2012The 33rd APAN Meeting Research associate PhD course student Case 1 2 IDs Case 2 1 ID has 2 attributes user1user2 Research associate PhD course student

31 ID Naming Rules Random based ? Name based ? Same family and personal name ? Same with Student ID ? 16/02/2012The 33rd APAN Meeting

32 Issues in Implementations Consolidation of multiple accounts to a single entry – Identification – Clear scheme definitions of ID – ID naming rules Cooperation with various sections – What section has authority ? – Data Transfer method Decision making 16/02/2012The 33rd APAN Meeting

33 16/02/2012The 33rd APAN Meeting

34 Unified User DB (PostgreSQL) Operation (Add, Remove, Modify) LDAP LDAP (Replica) IdPAD General Windows Solaris IMAP4S FTP POP3S Other Servers (e.g. PHP based) SPs Saga Univ. @ 2010 16/02/2012

35 Data Transfer Method Online ? – Data format CSV ? XML ? – Real-time transactions or Batch jobs ? Both ? Offline ? – Data format ? – Media type DVD ? MO ? 16/02/2012The 33rd APAN Meeting

36 Unified User DB (PostgreSQL) Operation (Add, Remove, Modify) LDAP LDAP (Replica) IdPAD General Windows Solaris IMAP4S FTP POP3S Other Servers (e.g. PHP based) SPs Saga Univ. @ 2010 16/02/2012

37 Issues in Implementations Consolidation of multiple accounts to a single entry – Identification – Clear scheme definitions of ID – ID naming rules Cooperation with various sections – What section has authority ? – Data Transfer method Decision making 16/02/2012The 33rd APAN Meeting

38 Conclusion What is ID ? Backgrounds of ID Management History ID Management Systems in Saga University Issues in Implementations 16/02/2012The 33rd APAN Meeting

39 Acknowledgements NTT DATA KYUSHU Corporation Net One Systems CO. LTD. 16/02/2012The 33rd APAN Meeting

40 16/02/2012The 33rd APAN Meeting

41 ID Management Technologies LDAP ( Lightweight Directory Access Protocol ) – Directory services Active Directory has LDAP functions – Windows 2003 server and later versions The 33rd APAN Meeting UNIX Windows User authentication User authentication 16/02/2012

Download ppt "ID Management in University ID Management in University Kenzi Watanabe Saga University, Japan"

Similar presentations

Federated Access implementation: experience of AUCA Library - Kyrgyzstan 4 th -7 th June, 2008, Aberdeen, Scotland Sania Battalova, EIFL Country and FOSS.

Federated Access implementation: experience of AUCA Library - Kyrgyzstan 4 th -7 th June, 2008, Aberdeen, Scotland Sania Battalova, EIFL Country and FOSS.
EIONET Training Beginners Zope Course Miruna Bădescu Finsiel Romania Copenhagen, 27 October 2003.

EIONET Training Beginners Zope Course Miruna Bădescu Finsiel Romania Copenhagen, 27 October 2003.
AD User Import From SIMS.NET

AD User Import From SIMS.NET
Office 365 Identity June 2013 Microsoft Office365 4/2/2017

Office 365 Identity June 2013 Microsoft Office365 4/2/2017
Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.

Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.
Extern name server - translates addresses of e-mails messages - enables users to use e-mail aliases - … ID cards system - controls entrance to buildings,

Extern name server - translates addresses of s messages - enables users to use aliases - … ID cards system - controls entrance to buildings,
Inter-Institutional Registration UNC Cause December 4, 2007.

Inter-Institutional Registration UNC Cause December 4, 2007.
Building the Future: Millennium’s Relationship with Campus Systems and Services John Culshaw Faculty Director for Systems University of Colorado at Boulder.

Building the Future: Millennium’s Relationship with Campus Systems and Services John Culshaw Faculty Director for Systems University of Colorado at Boulder.
CNRIS CNRIS 2.0 Challenges for a new generation of Research Information Systems.

CNRIS CNRIS 2.0 Challenges for a new generation of Research Information Systems.
Password?. Project CLASP: Common Login and Access rights across Services Plan

Password?. Project CLASP: Common Login and Access rights across Services Plan
Active Directory: Final Solution to Enterprise System Integration

Active Directory: Final Solution to Enterprise System Integration
UCB Enterprise Directory Services. Directory Services – Project History  Requirements defined  Project commission & goals articulated  Project teams.

UCB Enterprise Directory Services. Directory Services – Project History  Requirements defined  Project commission & goals articulated  Project teams.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
Ch 12 Distributed Systems Architectures

Ch 12 Distributed Systems Architectures
Chapter 16 AAA. AAA Components  AAA server –Authenticates users accessing a device or network –Authorizes user to perform specific activities –Performs.

Chapter 16 AAA. AAA Components  AAA server –Authenticates users accessing a device or network –Authorizes user to perform specific activities –Performs.
System Architecture University of Maryland David Henry Office of Information Technology December 6, 2002.

System Architecture University of Maryland David Henry Office of Information Technology December 6, 2002.
A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.

A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.
LDAP Management at Stony Brook Making Active Directory and PeopleSoft Work Together SUNY Technology Conference Rochester, New York Monday June 12, 2006.

LDAP Management at Stony Brook Making Active Directory and PeopleSoft Work Together SUNY Technology Conference Rochester, New York Monday June 12, 2006.
Securing Access in a Heterogeneous Network Environment Providing Interoperability between Microsoft Windows 2000 and Heterogeneous Networks Securing Authentication.

Securing Access in a Heterogeneous Network Environment Providing Interoperability between Microsoft Windows 2000 and Heterogeneous Networks Securing Authentication.
Chapter 7 WORKING WITH GROUPS.

Chapter 7 WORKING WITH GROUPS.

Similar presentations

Ads by Google