1 / 7

Wednesday Sessions

Wednesday Sessions. Demonstrations & Discussions. PASE, U Wisc, Steve Devoti & Mark Weber I2 services, Internet2, Mike LaHaye WS-Grouper, Cornell, Joy Veronneau MyVocs, UAB, Jill Gemmill & John-Paul Robinson Clinical Roles & Privs, FCCC, Frank Manion. Synthesis, Gaps.

hamlin
Download Presentation

Wednesday Sessions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Wednesday Sessions

  2. Demonstrations & Discussions • PASE, U Wisc, Steve Devoti & Mark Weber • I2 services, Internet2, Mike LaHaye • WS-Grouper, Cornell, Joy Veronneau • MyVocs, UAB, Jill Gemmill & John-Paul Robinson • Clinical Roles & Privs, FCCC, Frank Manion 2

  3. Synthesis, Gaps • Signet & grouper fitness for purpose • Gap between current state and potential participant usage • AuthZ mgmt practice: current vs. desired • Next steps • Workshop format & program 3

  4. Signet & Grouper Fitness for Purpose • Consistency, packaging, “I2MI common criteria” • Unnecessary differences, internationalization, customization & “upgrade protection”, common quick-start package • Better error handling • Work on interfaces for provisioning • Web services, LDAP, XML, XACML?… • Is Grouper UI usable by the masses? • If we provide web services interface, do we need to provide UIs? • Do we need LDAP integration (in particular)? • Subject API has promise • Somehow support dynamic groups 4

  5. AuthZ Management Practice: Current vs. Desired • We grok groups, less so rich privilege structures • Need clearer articulation of a comprehensive authZ management model & case studies • Experiences at Stanford, U Wash, UC Irvine, others? • Identify solutions to common problems? E.g. paper-based access approval workflows • We get that distributing authority requires an authZ management infrastructure, but we don’t get how to hook that up to operational infrastructures • Interfaces for provisioning need work • Develop best practices • Models for aggregating distant authorities 5

  6. Next Steps • Develop orienting materials • AuthZ recipe • Integrated framework for I2MI tools • Develop best practices • Survey leading to white paper • Further product development • Meet I2MI common criteria (that we must define) • Web services 6

  7. Workshop Format & Program • Install Fest • Lacked sufficient orienting reference architecture • Have hard copy of install fest instructions • Post-install test suite • Workshop • Cover the API(s) themselves • Insert feedback here… 7

More Related