1 / 11

Identity and Access Management

Identity and Access Management. IAM. Definition. Identity and Access Management provide the following: Mechanisms for identifying, creating, updating and storing identity information for each individual who might require access to technology resources.

aladdin-francis
Télécharger la présentation

Identity and Access Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Identity and Access Management IAM

  2. Definition • Identity and Access Management provide the following: • Mechanisms for identifying, creating, updating and storing identity information for each individual who might require access to technology resources. • Mechanisms for determining which individuals’ identities should be allowed to access which technology resources.

  3. Goal • To design and implement an identity and access management (IAM) middleware infrastructure that • Improves the user experience, through timeliness and correctness • Based on roles, grants access to appropriate technology resources • Increases our security and audit capability • Opens the door to different levels of access

  4. Identity and Access Management Drivers • Portals • Workflow applications • Eliminate implicit “denial of service”; improve timeliness of getting new users into the system • Separate the two critical components of access management: authentication and authorization • E-Authentication – Federal granting agencies and the National Department of Education with require compliance within 5 years • Federations • Better security and auditing capability • Digital library access

  5. Benefits • Reduction in the number of credentials we require users to know • Speed up in getting new people into the system • Automated provisioned access to technology services based on role • Mechanism to quickly remove or change a user’s access to all technology services at once • Mechanism to compute a “level of assurance” that the user who provides credentials is the person s/he claims to be through “identity proofing”

  6. Benefits continued • Improved security with better logging • Facilitates unified access to multiple applications • Enables initial-sign-on (also called single-sign-on) • With initial-sign-on, it is a straightforward step to a campus portal • Applications will be easier to build, will be more consistent with each other, and provide a common user experience around authentication and authorization

  7. IAM – The Proposal • The model that we are pursuing to solve the Identity and Access Management problem is based on the work of the NSF Middleware Initiative and Internet 2. • We are committed to an open standards and extensible solution.

  8. IAM – The Proposal • We will address initial sign-on for web applications • We will attempt to address initial sign-on for desktop/client applications • We will address the affiliate user issue and provide mechanisms for adding such users to the database to allow access to only those services that they should receive

  9. Identity and Access Management Steering Committee • We have established an IAM Steering Committee to ensure that the work we are doing in this area is consistent with the needs of the University • First meeting of this group will occur on February 13.

  10. IAM – Phase 1 • IAM Phase 1 project is in flight. Goals include: • Design and specification of the IAM system • Request for Information has been written to determine what the market offers • Administrative and academic groups have been identified to assist in determining standard roles and the services that should be provisioned to them. • The project web site is: http://iam.uconn.edu

  11. IAM – Who will be involved? • UITS staff • Staff from various administrative and academic areas

More Related