1 / 15

Governance in Identity Management Federations

Governance in Identity Management Federations. Clair Goldsmith, Ph.D. The University of Texas System Administration. Governance: A Definition. “ It is the process through which a group of people make decisions that direct their collective efforts.” Institute on Governance

ivory
Download Presentation

Governance in Identity Management Federations

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Governance in Identity Management Federations Clair Goldsmith, Ph.D. The University of Texas System Administration

  2. Governance: A Definition “It is the process through which a group of people make decisions that direct their collective efforts.” Institute on Governance • It is fluid, time-consuming and unpredictable • Complicated by number and variety of stakeholders • Focuses on strategic aspects of decision-making

  3. Why is Governance Needed? • Oversight and Conflict Resolution • Establish and manage trust agreements • Determine direction and formulate policy • Ensure services meet business needs while maintaining the appropriate security and compliance with legal requirements • Establish and communicate operational standards and processes

  4. What is the Alternative? • Collection of one-to-one agreements • Conflicting agendas and no common goal • No technology standards and inconsistency in operating practices • No assurance of appropriate security and compliance with legal requirements

  5. Homogeneous Institutions Operating Standards and Practices may vary from institution to institution, but… Governance policies should be relatively consistent, and… Legal requirements should be similar if not the same Considerations Governance may be more tightly structured Governance through Executive Committees or Governing Boards Key executives make decisions Governance Models

  6. Diverse Institutions Operating Standards and Practices vary from institution to institution, and… Governance policies are not consistent, and… No formal authority to force a decision, and… Legal requirements may not be similar at all. Considerations Governance may be more loosely organized Reliance on advisory groups to formulate recommendations Guidance through Steering Committees Collegiality as opposed to strong governance Governance Models (cont.)

  7. Homogeneous Share a common Mission Same governance body and consistent governance policies Same legal requirements And Also Diverse Significant differences in size and budgets Significant differences in culture Institutions enjoy considerable autonomy 16 “stovepipes” Where Does The University of Texas System Fit? • 16 Institutions • 9 General Academic institutions • 6 Health institutions • 1 System Administration

  8. Governance Models in Shibboleth Federations • The most common examples are: InQueue InCommon UT System EAF Diverse Homogeneous

  9. UT System IdM Federation • Test Identity Management Federation Exists • Initially, for UT institutions only: Sixteen UT member institutions • UT System Identity Management Federation Board appointed • Policy Documents created • Will operate under the authority of the UT System Board of Regents

  10. UT System IdM Federation (cont.) • Five Shibboleth Applications in Production • The guest wireless network at System Administration • The Monthly Financial Reporting application (MFR) is used by budget coordinators from each UT institution. • Shibboleth version of Blackboard at the UT Health Science Center at Houston to provide courses offered by the Health Science Center to students at M.D. Anderson. • Research Collaborations Inventory application at UT System Administration Academic Affairs to report on collaborative research efforts throughout the UT System. • Time Sheet application at the Office of Facilities Planning and Construction used project managers at several UT institutions

  11. What is Needed? • Vision • Business Drivers • A Plan • Executive Buy-In • Funding It Is A Continual Process

  12. UT System IdM Federation:Governance

  13. Governance: Issues to Ponder • The Technical implementation aspects of Federation can get way ahead of Policy and Governance • Governance entangled with power / autonomy conflicts • Priorities vary by institution • Conventions may be seen as dictates • Managing trust relationships is complex enough when dealing with institutions within the same system (among “family”.) Complexity increases as diversity of membership increases

  14. Governance: Issues to Ponder (cont.) • Indemnification • What happens when something goes wrong? Who is liable? • How to handle intra-institutional trust and indemnification • Federation to Federation Trust Agreements

  15. THANK YOU

More Related