1 / 14

Emory University Case Study I2 Day Camp

Emory University Case Study I2 Day Camp. November 5, 2010 John Ellis & Elliot Kendall. About Emory. Facts & Figures. Private university in suburban Atlanta ~ 13,000 undergrads, 7,000 grads Professional schools, including Medical, Law, Business, Public Health schools

conlan
Download Presentation

Emory University Case Study I2 Day Camp

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Emory UniversityCase StudyI2 Day Camp November 5, 2010 John Ellis & Elliot Kendall

  2. About Emory Facts & Figures Private university in suburban Atlanta ~ 13,000 undergrads, 7,000 grads Professional schools, including Medical, Law, Business, Public Health schools ~ 24,000 employees, including those from our academic medical center (hospitals and clinics) Centralized IT, but many strong departmental IT groups

  3. Organizational Waves SSO/Fed Shibboleth deployed in production UTS Combined telecom and application divisions Governance Transparent, aligned with enterprise mission 2000 2005 2008 2010 NetCom Consolidated network and phone across Emory Alignment Transition from foundation and operational focus to services and business alignment InCommon After Identity Manager deployment, joined InCommon, completed first POP 20xx Enterprise Common solutions across the enterprise (IdM, Exchange) Efficiency More capacity available for strategic initiatives CIO Single Central IT structure across Emory Strategic Emory IT aligned as a strategic business partner ITIL & PM Frameworks for process improvements Consolidation Foundation Operational Excellence Innovation

  4. IT Foundation -- 2006 Governance and Prioritization for IT Initiatives “Create a set of timely, transparent processes for IT governance and prioritization clearly aligned with the missions of Emory. Create a common business case template that can be used across Healthcare and the Academic enterprise. Develop reporting mechanisms that allow committees to understand performance of application and project portfolios.”

  5. Governance

  6. IT Foundation -- 2006 Standard Approach for Directory Services (ID Management, Authentication, Authorization) Synchronize existing directories (e.g., LDAP and Active Directory) so that phone and email lookups can occur for all University and Healthcare staff, irrespective of location. Synchronize approach for assigning network IDs across the Academic and Healthcare Enterprise. Migrate existing network IDs and synchronize password credentials and expiration policies.

  7. IT Foundation -- 2007 Identity Management • Select identity management vendor; develop a phased-in approach for implementing priority modules such as provisioning and single sign-on. • Completion Target Dates: • Proof of Concept by the end of October 2006. • Business case presented to IT Governance by January 2007.

  8. SSO History Siteminder In 2008, Emory had been using Siteminder for number of years Complex, difficult to maintain, difficult to use, and expensive Very low adoption rate No benefits from "single" sign-on Most sites used direct LDAP connections

  9. SSO Choice With an eye towards federation Wanted to provide better SSO service, improved security Did detailed comparison of popular options: CAS, CoSign, Siteminder, OpenSSO, Shibboleth, etc. Shibboleth distinguished by federation support

  10. Shibboleth Chosen Proof of Concept deployed first Shibboleth is complex, but well documented Most implementation time spent re-reading docs, packaging software Completely successfully in a few months, ahead of schedule Commercial contract implementations also available

  11. Shibboleth in production Our implementation Deployment on shared JBoss app cluster somewhat challenging Clustering multiple nodes with Terracotta inelegant but straightforward In production and stable on around half a dozen apps Additional apps on hold pending JBoss upgrade to fix bug inherited from old version of Tomcat

  12. Challenges Need to support common attributes for federation – eduPerson, EPPN, etc. Two LDAP infrastructures. User education – understanding SSO Sign-off issues

  13. What’s Next Proof of concept federated authentication with Georgia Tech Gartner integration InCommon Wiki

  14. Click to add title Questions ?

More Related