Current Work in System Architecture

November 2003. Tom Board, Director, NUIT Information Systems Architecture.

Presentation Transcript


  1. Current Work in System Architecture. November 2003. Tom Board, Director, NUIT Information Systems Architecture

  2. Presentation Outline • Context • Business environment • Security • Integration • Architectural future We are heading toward a future that will be based on these ideas.

  3. Context • Self-service. The world expects it. • Central digital identity. The basis for service unification and enhanced security. • Loosely-coupled systems. Replace tight integration between systems with Web Services to expose functions in standard ways.

  4. Three groups: Clients/Users, NU Service Units, Technology Enablers. Technology enables NU service units to create the best services for their particular clients. Diagram labels: Business Relationships; Clients within or outside NU; NU Providers; Service Methods; Applications and Tools; Enabling Technologies; Identity & Security.

  5. Technology’s Role • Information Technology enables – it is not an end • Effective IT increases human capital effectiveness • Human capital realizes the goals of the organization • As IT capabilities improve, human capital adapts to its advantage • Higher levels of excellence can be achieved. Diagram labels: Organizational Excellence; Human Capital; Information Technology.

  6. Best-in-Breed Services • Once defined, a System Architecture permits the University to deploy the best IT approach for each given application • The University need not build or house the IT services – best-in-breed solutions can be integrated together. Diagram labels: Purchased software run locally; Locally authored; Purchased Internet-based services; Information Technology.

  7. University Business Environment. The user’s experience should be of unified access to services through a standard, Web-based portal. Transactions with applications are initiated through this portal. Based upon identity attributes set by Human Resources and the Registrar, institutional roles are defined that create separate views of University systems in that context. This is also available for basic application security.

  8. University Business Environment Using portal technology will group functions around the individual’s personal responsibilities. Roles present functions in context and can enforce additional authorizations. Tailoring of role functions can follow specific entitlements granted by service providers. Personalization gives the person control to optimize his or her time and use of information.

  9. Service and Data Flow. The combination of unified presentation, common authorization, and standard connectors will create a seamless service to the end-user. Identity management will be a key aspect of the infrastructure serving the entire network. Authoritative identity information from key systems will define roles and default entitlements. Diagram labels: Coupled central applications; HRIS; SES; Common credentials; LDAP; Portal; Central identity and entitlements; End-user.

  10. Security • NU will need firm management of digital identities to give service units confidence • We will need to adapt existing systems, and specify new ones, to achieve desired levels of security.

  11. Role-Based Security. Roles assigned to identities offer an initial screening of access to resources. This screening can occur at the application or even within the network itself – making access to host systems impossible for some individuals. Diagram labels: Registration, Department Assistant; Financial, Student, Time Entry.

  12. Delegated Access Control. Unified central identity management allows delegated control of access by service administrators. Entitlements can be based on roles (by job class) or membership in groups or individually through rules. Diagram labels: Application security; Local service access rules; Sensitive data; Credentials; Portal; Central management; Application management.

  13. System Integration • We should enhance services by coupling enterprise systems to speed processes • Portal-based access to services relies upon this coupling

  14. System Integration. “Integration” is a perception by the customer of a unified service. A restaurant appears as a unified whole delivering a service. The appearance of integration is realized by coupling systems, not merging them. The cook, waiter, and cashier are separate systems that communicate effectively to deliver a single service to the customer. A breakdown in that communication exposes the internal structure to the customer. An integrated administrative system will deliver a set of services crossing boundaries hidden from the customer through effective coupling of systems. The resulting service structure only appears monolithic, but remains distributed. Each separate system can be a best-in-class solution to its needs, with the necessary requirement that it communicate well to the remainder of the administrative matrix. Diagram labels: SES; Financials; Advance; Research; HRIS.

  15. Integration Benefits. Integrated enterprise systems can reduce the time to complete services across the University, eliminate manual steps (and errors), and create auditable transaction records. A hiring event can trigger financial and service actions. Some actions could be immediate and others queued for review by service administrators before fulfillment. Later events, such as completed training, can be promoted back into the HR record for the employee. Diagram (flowchart) labels: Human Resources System; Hiring Event; Employee Record; followed by downstream Provision, Queue, Notify, Schedule, Encumber salary and benefits, and Subscribe to email lists actions.

  16. Summary • User self-service, reduced manual interfaces, and easier deployments will save effort and reduce errors • Unified identity management will create consistency of services and security across the University • Vendor adoption of application coupling methods combined with simplified local development will speed deployment of new functions • The portal navigation point will reduce confusion and save time

  17. The Challenge – Application Silos. Application silos develop naturally around business systems and software under standard architectural planning and funding. Each business unit invents user management, tracks authorizations, and builds interfaces to other systems. Silos limit views of institutional data, fragment security, require manual re-entry of data and detract from the user’s “integrated system” experience. Diagram labels: Business Unit; IT.

  18. The Future. Diagram labels: IT; IdM & Portal; Business Unit Focus; IT Services and Facilities.
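
The two-stage access decision from slides 11 and 12, as an added example that is not part of the original presentation: central roles screen access first, then rules kept by the service administrator grant entitlements by role, by group, or individually. All role, group, action and NetID values are constructed, and the class and function names are hypothetical.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Identity:
    netid: str
    roles: frozenset                 # set centrally from authoritative sources (HR, Registrar)
    groups: frozenset = frozenset()

@dataclass
class ServicePolicy:
    """Local access rules, maintained by the service's own administrator."""
    screening_roles: frozenset                     # coarse gate: who may reach the service at all
    by_role: dict = field(default_factory=dict)    # role (job class) -> actions
    by_group: dict = field(default_factory=dict)   # group membership -> actions
    by_netid: dict = field(default_factory=dict)   # individual rule -> actions

def entitlements(who, policy):
    """Return (granted actions, audit trail). Deny by default."""
    # Stage 1: role screening. Failing here means no local rule is even consulted.
    if not who.roles & policy.screening_roles:
        return set(), [f"{who.netid}: denied at role screening"]
    # Stage 2: union of grants from the three delegated sources.
    granted, audit = set(), []
    sources = [("role", r, policy.by_role) for r in sorted(who.roles)]
    sources += [("group", g, policy.by_group) for g in sorted(who.groups)]
    sources.append(("individual", who.netid, policy.by_netid))
    for kind, key, table in sources:
        actions = table.get(key, set())
        if actions:
            granted |= actions
            audit.append(f"{who.netid}: {kind} {key} grants {sorted(actions)}")
    return granted, audit

def is_allowed(who, policy, action):
    return action in entitlements(who, policy)[0]

# Constructed sample policy and identities (not from the presentation).
TIME_ENTRY = ServicePolicy(
    screening_roles=frozenset({"employee"}),
    by_role={"department_assistant": {"enter_time"}},
    by_group={"payroll-auditors": {"view_all"}},
    by_netid={"abc123": {"approve_time"}, "stu456": {"approve_time"}},
)
ASSISTANT = Identity("abc123", frozenset({"employee", "department_assistant"}),
                     frozenset({"payroll-auditors"}))
STUDENT = Identity("stu456", frozenset({"student"}))

if __name__ == "__main__":
    for person in (ASSISTANT, STUDENT):
        actions, audit = entitlements(person, TIME_ENTRY)
        print(sorted(actions), *audit, sep="\n  ")
```

The student holds an individual rule in the local policy but is still refused, because the central role screening runs before any delegated rule.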