The Future Guest System (FGS) is set to revolutionize identity management at Penn State, replacing the existing FPS authentication system. With over 1.6 million identities, FPS provides web-based account management and developer APIs but faces challenges like data collection and migration. The new Central Person Registry (CPR) will integrate identities from various sources, ensuring seamless identity provisioning and enhanced security measures. Key benefits include faster identity issuance, improved matching processes, and a uniform name space, eliminating past migration issues.
Future Guest System (FGS) not FPS
NOTE: the FGS does not represent a real name. I just made it up.
What is FPS?
• An authentication system that allows users outside of Penn State to access Web-based applications inside of Penn State.
• Currently FPS has 1.6+ million identities.
• Features include:
  • Web-based account management system (https://fps.psu.edu/).
  • Developer APIs.
Today’s Architecture
[Diagram; labels: Kerberos Access, LDAP Access, CACTUS, Kerberos, LDAP, FPS]
FPS Benefits
• Mitigates risk in that FPS users cannot use wireless and computer labs.
• Provides an identity instantly as opposed to the standard University process which can take up to 1-3 days.
FPS Problems
• Data Collection
• Matching
• Migration
• Disjoint Name Space
The Future
• Penn State is currently developing a new Central Person Registry (CPR) that will consolidate identity information that is currently stored in separate non-integrated sources throughout the University.
CPR Architecture
[Diagram; labels: Central Person Registry, Systems of Record, Registration Authorities, Service Providers, Service Provisioners, Web Services, Database, Data Views]
Future Architecture
[Diagram; labels: Kerberos Access, LDAP Access, CPR, Kerberos, LDAP, Guest, FPS]
Benefits
• New system still mitigates risk as users cannot get on wireless or use lab machines.
• Matching is improved because it is done in the CPR as opposed to FPS, CIDR and CACTUS.
• A uniform name space will exist; the CPR will be responsible for provisioning identities, not the individual systems.
Benefits
• Migration will be a thing of the past.
• The user will always have the same identity.