1 / 12

BUILDING A DISTRIBUTED ACCESS MANAGEMENT INFRASTRUCTURE Reports from the Real World

BUILDING A DISTRIBUTED ACCESS MANAGEMENT INFRASTRUCTURE Reports from the Real World. UW-Madison. History/Current IdM Infrastructure. Next up: Populations, Affiliations and Service Entitlements (PASE). Business Drivers.

mirra
Download Presentation

BUILDING A DISTRIBUTED ACCESS MANAGEMENT INFRASTRUCTURE Reports from the Real World

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. BUILDING A DISTRIBUTED ACCESS MANAGEMENT INFRASTRUCTUREReports from the Real World

  2. UW-Madison

  3. History/Current IdM Infrastructure

  4. Next up: Populations, Affiliations and Service Entitlements (PASE)

  5. Business Drivers • Efficiently manage the identities of persons and their relationship with the university. • Securely and effectively conduct business with other institutions and government agencies. • Examples: • Granting a visiting professor access to the network and course management system. • Giving non-university employees (e.g. UW Hospital) to university managed resources (e.g. parking). • Providing new hires with an email address to receive employment communications before they begin work.

  6. Requirements • Rapid response to customer requests • New affiliations (groups) • Access to services by new or existing affiliations • A stable and reliable authorization infrastructure • Standard provisioning processes • Standard system interfaces for accessing group and entitlement information • Support for large numbers of affiliations and diverse populations • Better visibility into who has access to service • Improved audit and logging capability • Reduce the need for custom development when addressing customer requests

  7. The Concept

  8. Approach/History • Improved reconciliation process • Developed standard interface to the UDS • 2001 - Started PASE • Made the decision use internal development • Enabled the registry (UDS) to store affiliation data • A lot of project ups and downs. Changes is staff and management • 2005 - Reinitiated UI requirements gathering • Looked like it was going to take a long time • Decided to step back, do a survey of the market • Did a build vs. acquire analysis • Determined that acquiring a solution would be the most time-efficient and economical path • Acquired a real project manager • Adopted and implemented a rigorous project management mindset

  9. Project Approach

  10. Governance/Policy Roadmap

  11. Technology Gaps/Roadmap in more detail

  12. The PASE Team • Chris Holsman - Executive Sponsor • Pam Allen - Project Manager • Monica Crawford - Lead Developer • Steve Devoti - Enterprise Architect • Chuck Miller - Business Analyst • Mark Weber - Solution Architect • Keith Hazelton - Enterprise Architect

More Related