Presentation is loading. Please wait.

Presentation is loading. Please wait.

Centralizing and Automating PeopleSoft Authority Management (Security) Session #20647 March 14, 2006 Alliance 2006 Conference Nashville, Tennessee.

Published byNorman Stevens Modified over 8 years ago

Similar presentations

Presentation on theme: "Centralizing and Automating PeopleSoft Authority Management (Security) Session #20647 March 14, 2006 Alliance 2006 Conference Nashville, Tennessee."— Presentation transcript:

1 Centralizing and Automating PeopleSoft Authority Management (Security) Session #20647 March 14, 2006 Alliance 2006 Conference Nashville, Tennessee

2 2 Your Presenters Kevin Dale – Information System Analyst −At Stanford since July 2001 – Business Analyst for Financial Aid, Student Records and Security. Lead for the Authority Manager Automation Project. Minh Nguyen – Software Architect −At Stanford since June 1997 – Lead the development of Authority Manager, version 3.0 Part of the Signet core development

3 3 Stanford University Founded in 1891 Founded in 1891 Private university Private university 6,753 undergraduate 6,753 undergraduate 8,093 graduate 8,093 graduate 1,775 faculty 1,775 faculty 7,565 staff 7,565 staff Located 30 miles south of San Francisco and just north of Silicon Valley.

4 4 Your Organization and Oracle Campus Solutions 8 SP1 PeopleTools 8.22.05PeopleTools 8.22.05 Enterprise Portal 8.8 SP1 PeopleTools 8.44.03PeopleTools 8.44.03 Enterprise Learning Management 8.8 SP1 PeopleTools 8.45.12PeopleTools 8.45.12 Oracle e-Business Suite 11.5.9

5 5 Agenda Authority Manager – Signet What is Signet?What is Signet? FeaturesFeatures BenefitsBenefits ConceptsConcepts TechnologiesTechnologiesPeopleSoft Before AutomationBefore Automation Project GoalsProject Goals How it Works – Business ProcessHow it Works – Business Process DemoDemo How it Works - TechnicalHow it Works - Technical MetricsMetrics Questions and Answers

6 Signet Minh Nguyen

7 7 What is Signet? Privilege Management System Web application Toolkit/API XML Schema Open Source Project from NMI-EDIT Consortium Based on Stanford’s Authority Manager

8 8 NMI-EDIT Consortium Comprises Internet2 and EDUCAUSE −NSF Middleware Initiative (NMI)-Enterprise and Desktop Integration Technologies Consortium (EDIT) Funded in 2001 by NSF Middleware Initiative Researches and develops inter-institutional Identity and Access Management tools Guided by MACE – Middleware Architecture Committee for Education −Group of R&E IT architects from US, Europe, and Australia

9 9 Features Grant/Revoke Privileges Grant-only Distributed Delegation Rules-Based Conditions Proxy Grant to Groups

10 10 Benefits Standard user interface for users to grant privileges Consistent, simplified policy definition via role- based privileges Improved visibility, understandability, and audit ability of privileges across the enterprise Reduces latency in access privileges lifecycle events (activating/deactivating)

11 11 Building Blocks - Concepts Function - things a person can do; what they are getting privileges for. Scope - organizational hierarchy governing distributed delegation Limits - qualifiers, constraints for a privilege. Permission - atomic units of control that map to specific access rules in systems.

12 12 Building Blocks – Concepts (cont.) Condition Must be true to retain a privilege Provides automatic revocation of privileges Based on date, person’s status, affiliation, etc. Pre-requisite - pre-conditions that must be met to activate privileges, e.g., training

13 13 Example By authority of the Dean grantor principal investigators grantee (group/role) who have completed training prerequisite can approve purchases function in the School of Medicine scope up to $100,000 limit until January 1, 2007 as long as a faculty member at… conditions

14 14 Technologies Java Language Servlet Container, e.g. Tomcat Struts MVC Framework Tiles for UI Customization Hibernate for Data Access Layer

15 15 Resources NMI-EDIT – http://www.nmi-edit.org MACE – http://middleware.internet2.edu/MACE Signet – http://middleware.internet2.edu/signet

16 PeopleSoft & Authority Manager Kevin Dale

17 17 Before Automation Totally Manual Process Email No Tracking Potential for Incorrect Assignment Delay in Assignment No Audit / Validation Process

18 18 Automation Benefits Prerequisites – Enforcement Assignment Expiration Acting As Auto Revocation - Identity Management Loss of Single Sign-On = Loss of PS Security

19 19 PeopleSoft - Project Goals Assignments or changes made in authority manager update PeopleSoft directly. The process will no longer require manual intervention. Minimal changes to the Authority Manager user interface, Student Admin will no longer use limit data. Speed up the authority process. Assignments to PeopleSoft are made in near real time.

20 20 How it works – Business Process 1.Grantor inputs Assignment 2.Authority Sends Data to PS to update Security (Application Messaging) 3.Row Level / Data Permission Security is updated 4.Application Sends Security to Portal

21 Start Demo Start Demo

22 22 125 objects in project. 30 Records 20 Fields 2 Translate Values 9 Pages 2 Menus 8 Components 24 Record PeopleCode 2 Process Definitions 8 SQL 2 Application Engine Programs 10 Application Engine Sections 1 Message Node 1 Message Channel 1 Message Definition 2 Subscription PeopleCode 2 Application Engine PeopleCode 1 Page PeopleCode

23 23 How it works – XML from authority  Transformed (XLST)  Application Messaging  Message Definition (STF_USER_PROFILE)  PeopleCode  Security Gets Assigned

24 24 XML – XLST - XML XML snippet from Authority Manager XML snippet From XSLT XML snippet from PS

25 25 Application Messaging

26 26 Metrics Volume On average 38 (includes HR, Student and Financials) new / changes to security assigned each day Latency Events harvested every 10 minutes All updates completed within 1-2 minutes

27 End Demo End Demo

28 Questions?

29 29 Contacts Kevin Dale Information Systems Analyst, Administrative Systems Stanford University E-mail: kdale@stanford.edu Minh Nguyen Software Architect, Administrative Systems Stanford University E-mail: mnguyen@stanford.edu

30 This presentation and all Alliance 2006 presentations are available for download from the Conference Site Presentations from previous meetings are also available

Download ppt "Centralizing and Automating PeopleSoft Authority Management (Security) Session #20647 March 14, 2006 Alliance 2006 Conference Nashville, Tennessee."

Similar presentations

USM Oracle/PeopleSoft MidAtlantic Regional Conference Gettysburg College – June 2, 2009.

USM Oracle/PeopleSoft MidAtlantic Regional Conference Gettysburg College – June 2, 2009.
LeadManager™- Internet Marketing Lead Management Solution May, 2009.

LeadManager™- Internet Marketing Lead Management Solution May, 2009.
ISV Partner Alliance Value Policy Policy Management for Microsoft® System Center.

ISV Partner Alliance Value Policy Policy Management for Microsoft® System Center.
Copyright Ann West 2003. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,

Copyright Ann West This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,
Privilege Management with Signet: Steps to an Application Keith Hazelton University of Wisconsin-Madison Internet2 MACE Broomfield, Colorado 1-July-04.

Privilege Management with Signet: Steps to an Application Keith Hazelton University of Wisconsin-Madison Internet2 MACE Broomfield, Colorado 1-July-04.
Lynn McRae Stanford University Lynn McRae Stanford University Stanford Authority Manager Privilege management use.

Lynn McRae Stanford University Lynn McRae Stanford University Stanford Authority Manager Privilege management use.
What can PeopleSoft do for You Tools developed at CSU, San Marcos.

What can PeopleSoft do for You Tools developed at CSU, San Marcos.
Enterprise Financial System Project Update Council of Research Associate Deans January 17, 2008 www.finsys.umn.edu.

Enterprise Financial System Project Update Council of Research Associate Deans January 17,
© 2005, Cornell University. Rapid Application Development using the Kuali Architecture (Struts, Spring and OJB) A Case Study Bryan Hutchinson

© 2005, Cornell University. Rapid Application Development using the Kuali Architecture (Struts, Spring and OJB) A Case Study Bryan Hutchinson
Identity and Access Management IAM A Preview. 2 Goal To design and implement an identity and access management (IAM) middleware infrastructure that –

Identity and Access Management IAM A Preview. 2 Goal To design and implement an identity and access management (IAM) middleware infrastructure that –
SiS Technical Training Development Track Technical Training(s) Day 1 – Day 2.

SiS Technical Training Development Track Technical Training(s) Day 1 – Day 2.
CAMP Med Mapping HIPAA to the Middleware Layer Sandra Senti Biological Sciences Division University of Chicago C opyright Sandra Senti,

CAMP Med Mapping HIPAA to the Middleware Layer Sandra Senti Biological Sciences Division University of Chicago C opyright Sandra Senti,
Open source administration software for education software development simplified KRAD Kuali Application Development Framework.

Open source administration software for education software development simplified KRAD Kuali Application Development Framework.
Signet and Grouper for Distributed Attribute Administration

Signet and Grouper for Distributed Attribute Administration
Document Management Within PeopleSoft: How the U of Alberta Merged Paper and Personnel eForms Session #26484 March 25, 2009 Anaheim, California.

Document Management Within PeopleSoft: How the U of Alberta Merged Paper and Personnel eForms Session #26484 March 25, 2009 Anaheim, California.
ArcGIS Workflow Manager An Introduction

ArcGIS Workflow Manager An Introduction
Creating Business Workflow Using SharePoint Designer 2007 Presented by Tarek Ghazali IT Technical Specialist Microsoft SQL Server MVP Microsoft SQL Server.

Creating Business Workflow Using SharePoint Designer 2007 Presented by Tarek Ghazali IT Technical Specialist Microsoft SQL Server MVP Microsoft SQL Server.
Portal User Group Meeting September 14, 2011. Agenda Welcome Updates Reminders.

Portal User Group Meeting September 14, Agenda Welcome Updates Reminders.
Authorization Scenarios with Signet RL “Bob” Morgan University of Washington Internet2 Member Meeting, September 2004.

Authorization Scenarios with Signet RL “Bob” Morgan University of Washington Internet2 Member Meeting, September 2004.
Trimble Connected Community

Trimble Connected Community

Similar presentations

Ads by Google