1 / 16

Identity Management: Some Basics

Identity Management: Some Basics. Mark Crase, California State University Office of the Chancellor CENIC - March 9, 2011. Presentation Overview. 15-Minute Fly-by. Identity Management Basic Identity Management Services Authentication Authorization Drivers and Benefits Local

topanga
Télécharger la présentation

Identity Management: Some Basics

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Identity Management: Some Basics Mark Crase, California State University Office of the Chancellor CENIC - March 9, 2011

  2. Presentation Overview 15-Minute Fly-by • Identity Management • Basic Identity Management Services • Authentication • Authorization • Drivers and Benefits • Local • Inter-Institutional

  3. One Definition… Identity & Access Management • A technology and policy infrastructure that will enable campuses to manage identity information and assure efficient and secure transactions that fully respect individual privacy.

  4. EDUCAUSE 2010 Top 10 Current Issues…

  5. Basic Services Basic Identity Management • Provide Enterprise Directory Services • White Pages • Yellow Pages • Reconcile Multiple Identities across Programs and Campuses • Reduce Number of Repositories of Confidential Information • Single Sign-On (or at least Initial Sign-On)… • Reduce Number of IDs and Passwords • Make Strong Passwords More Palatable

  6. Basic Services Basic Access Management • eProvisioning • E-Mail, Library Services, Parking, etc. • Self-provisioning • Changing/Resetting Passwords • Portal Customization (myPortal, etc.) • Self-service HR and Benefits Updates • Secure Network Access • VPN Authorization • Wireless Access Authorization • Campus Guest Network Access

  7. Basic Services Role-based Authorization • Suspension of Services • Student Discipline • Financial Holds • Improved Workflow • E-Signature • B2B Transactions • System-wide electronic procurement/distribution of digital content • De-provisioning of Services • Separation of Employees • Death of Alumni

  8. Drivers and Benefits Legal Compliance • Comply with Laws Related to Use of Personal Data and Response to Breaches • Help eliminate inappropriate use of SSNs • Reduce potential for need to activate campus incident response procedures • Improve Data Security Audit Compliance • “Who has access to what” • Enable Compliance with Service Contracts • Digital content providers • Service and goods providers • Respond to Document/Information Requests by Role

  9. Drivers and Benefits Financial Drivers • Maximize Value of Previous Technology Investments • Internet 2, NLR, CalREN, etc. • Campus networks • Campus-based ERP efforts • More Effective Use of Resources • Reduce wear-tear on “carbon units” • Reduce cost of application development and support

  10. Drivers and Benefits Security Considerations • Greater Protection of Identity Information • Reduce number of data repositories… • Enables improved hardening of remaining repositories • Enable Centralized Password Management • Increase Password Complexity and Reduce Number of Passwords • Automated De-provisioning • Bring Vendors and Contractors In Line with Campus Requirements

  11. Drivers and Benefits Political Considerations • Identity theft and protection of personal data have become highly visible as public policy issues. Institutions that don’t take them seriously on a voluntary basis, will surely end up taking them seriously on a mandatory basis. • Robust, documented identity and access management policies and procedures will help prevent many breaches, and will help a campus more effectively respond to the breaches that actually occur

  12. Drivers and Benefits Inter-Institutional Economies? • Financial • While a one-size-fits-all approach is not likely to work, there should be some economies-of-scale we can achieve • Political • For publicly subsidized institutions, proper stewardship of public resources is always important, but it is especially important when budgets are tight

  13. Drivers and Benefits Facilitate Inter-Institutional Relationships • Facilitate Existing Articulation Agreements • Track individuals through successive institutions • Enable eApplications • Secure transmission of transcripts • Targeted Evolutionary Service Delivery • Recruits >> Applicants >> Enrolled >> Alumni • Support students enrolled in distance education programs • Deliver course materials • Administer exams

  14. Drivers and Benefits Enable Creation of Federations • Facilitate Inter-Institutional Transactions • Authenticated submission of grant proposals to Federal agencies • Authenticated data reporting and financial transactions • Facilitate Faculty Collaboration • Authorized access to proprietary data repositories • Secure access to collaboration tools • Facilitate Research • Share scarce resources (Grid Computing, etc.)

  15. Additional Information • InCommon Higher Education and Research Federation • http://www.incommonfederation.org/ • CSUConnect • http://its.calstate.edu/iam/csuconnect-federation.shtml • UCTrust • http://www.ucop.edu/irc/itlc/uctrust/

  16. www.calstate.edu

More Related