
ID Management in University

ID Management in University. Kenzi Watanabe, Saga University, Japan, watanabe@is.saga-u.ac.jp. 5 Faculties, Approx. 7,000 Students, 2,000 Faculty Members. ID Management History of Saga University: 1998, ID for all students; 2001, ID for all faculty members


Presentation Transcript


  1. ID Management in University. Kenzi Watanabe, Saga University, Japan, watanabe@is.saga-u.ac.jp

  2. 5 Faculties, Approx. 7,000 Students, 2,000 Faculty Members. The 33rd APAN Meeting

  3. ID Management History of Saga University
     • 1998, ID for all students
     • 2001, ID for all faculty members
     • 1998, ID Integration for Windows and UNIX
     • 2002, Integrated authentication system
     • 2010, Shibboleth

  4. Backgrounds
     • Information Literacy Education (1990〜)
     • Deployments of Self-maintained Online Systems with Web (2000〜)

  5. Contents
     • What is ID?
     • Backgrounds of ID Management History
     • ID Management Systems in Saga University
     • Issues in Implementations
     • Conclusion

  6. What is ID?
     • ID is an identifier for each user
     • A symbol of yourself in ICT world
     • Known as “User ID”
     • ID is used in authentication procedure with a password
     • Login

  7. ID Management History of Saga University
     • 1998, ID for all students
     • 2001, ID for all faculty members
     • 1998, ID Integration for Windows and UNIX
     • 2002, Integrated authentication system
     • 2010, Shibboleth

  8. Backgrounds of ID Management History
     • Information Literacy Education (1990〜)
     • Deployments of Self-maintained Online Systems with Web (2000〜)

  9. PC Room History in Saga University: 1990〜1994, 1994〜1998

  10. Windows & UNIX dual boot system (1998 – 2002)

  11. ID Management Technologies
     • UNIX
       • /etc/passwd
       • NIS (Network Information Service)
     • Microsoft Windows
       • DC (Domain Controller)
       • AD (Active Directory)
     Annotations on the slide: For stand-alone system; For networked system; For small system; For novel system

  12. Different IDs and passwords
     • UNIX: sato1 / pw1
     • Windows: sato2 / pw2
     • Inconvenient !!

  13. Same ID and password without Synchronization
     • UNIX: sato / pw1 (Not changed)
     • Windows: sato / pw1, then sato / pw2 (Change!)
     • Inconvenient !!

  14. Same ID and password with Synchronization
     • Diagram labels: Directory Server; authentication; UNIX; authentication; Windows; Password change
     • Convenient !!

  15. ID Management History of Saga University
     • 1998, ID for all students
     • 2001, ID for all faculty members
     • 1998, ID Integration for Windows and UNIX
     • 2002, Integrated authentication system
     • 2010, Shibboleth

  16. Deployments of Self-maintained Online Systems with Web
     • Online Systems
       • E-mail
       • Educational affairs
         • Syllabus, Evaluation, Registration
       • Digital Library
       • Teachers’ DB
     • What was changed?
       • More personalized
       • Self-maintained

  17. e.g. Teachers’ DB
     • Teachers’ directory
     • Gathering activities of all professors
       • Research, Education, Social activities, etc.
     • These outcomes become the basis and evidence for the evaluation of the university
     • Who inputs data?
       • By themselves


  19. ID Management History of Saga University
     • 1998, ID for all students
     • 2001, ID for all faculty members
     • 1998, ID Integration for Windows and UNIX
     • 2002, Integrated authentication system
     • 2010, Shibboleth

  20. Saga Univ. @ 2002 (diagram labels): Unified User DB (PostgreSQL); Operation (Add, Remove, Modify); LDAP General; NIS/NIS+; AD; LDAP (Replica); IMAP4S; POP3S; FTP; Linux; Windows; Other Servers (e.g. PHP based)

  21. Unified User DB
     • Master database for user attributes
       • User ID
       • Initial password
       • Full name
       • Affiliation
       • Title
       • Position
       • etc …
     • Authentication Infrastructure

  22. Saga Univ. @ 2002 (diagram labels): Unified User DB (PostgreSQL); Operation (Add, Remove, Modify); LDAP General; NIS/NIS+; AD; LDAP (Replica); IMAP4S; POP3S; FTP; Linux; Windows; Other Servers (e.g. PHP based)


  24. Shibboleth
     • Increasing Web-based systems
     • Inconvenience
     • Entering User ID and Password many times
     • More secure way
     • Opengate
     • A captive portal type network user authentication system


  26. Saga Univ. @ 2010 (diagram labels): Unified User DB (PostgreSQL); Operation (Add, Remove, Modify); LDAP General; IdP; AD; LDAP (Replica); IMAP4S; POP3S; FTP; Windows; Other Servers (e.g. PHP based); SPs; Solaris


  29. Issues in Implementations
     • Consolidation of multiple accounts to a single entry
     • Identification
     • Clear scheme definitions of ID
     • ID naming rules
     • Cooperation with various sections
     • What section has authority?
     • Data Transfer method
     • Decision making

  30. Case 1: 2 IDs. Case 2: 1 ID has 2 attributes. (Diagram labels: Research associate; PhD course student; user1; user2)

  31. ID Naming Rules
     • Random based?
     • Name based?
     • Same family and personal name?
     • Same with Student ID?

  32. Issues in Implementations
     • Consolidation of multiple accounts to a single entry
     • Identification
     • Clear scheme definitions of ID
     • ID naming rules
     • Cooperation with various sections
     • What section has authority?
     • Data Transfer method
     • Decision making


  34. Saga Univ. @ 2010 (diagram labels): Unified User DB (PostgreSQL); Operation (Add, Remove, Modify); LDAP General; IdP; AD; LDAP (Replica); IMAP4S; POP3S; FTP; Windows; Other Servers (e.g. PHP based); SPs; Solaris

  35. Data Transfer Method
     • Online?
       • Data format
         • CSV? XML?
       • Real-time transactions or Batch jobs?
         • Both?
     • Offline?
       • Data format?
       • Media type
         • DVD? MO?

  36. Saga Univ. @ 2010 (diagram labels): Unified User DB (PostgreSQL); Operation (Add, Remove, Modify); LDAP General; IdP; AD; LDAP (Replica); IMAP4S; POP3S; FTP; Windows; Other Servers (e.g. PHP based); SPs; Solaris

  37. Issues in Implementations
     • Consolidation of multiple accounts to a single entry
     • Identification
     • Clear scheme definitions of ID
     • ID naming rules
     • Cooperation with various sections
     • What section has authority?
     • Data Transfer method
     • Decision making

  38. Conclusion
     • What is ID?
     • Backgrounds of ID Management History
     • ID Management Systems in Saga University
     • Issues in Implementations

  39. Acknowledgements
     • NTT DATA KYUSHU Corporation
     • Net One Systems CO. LTD.


  41. ID Management Technologies
     • LDAP (Lightweight Directory Access Protocol)
     • Directory services
     • Active Directory has LDAP functions
     • Windows 2003 server and later versions
     Diagram labels: User authentication; User authentication; UNIX; Windows
