110 likes | 239 Views
A Different View of IdM Biz Process?. Michael R Gettes Duke University CAMP @ Denver, June 2005. Prioritization… @ Duke. Cough ahem Cough, Cough Gag… Cough Next slide please …………. The Problem (per Tom Barton @ U of Memphis).
E N D
A Different View of IdM Biz Process? Michael R Gettes Duke University CAMP @ Denver, June 2005
Prioritization… @ Duke • Cough • ahem • Cough, Cough • Gag… • Cough • Next slide please …………
The Problem (per Tom Barton @ U of Memphis) • Unclear process for lifecycle management of accounts & other IT resources • Seat of pants policy determination • Inconsistent operational practices • Done differently by different people at different times • Common business logic forced to reside in applications to determine eligibility • Eg. Is this user “currently a member of community”? • Inconsistent service levels for users results.
Tom Barton’s Original U of Memphis States View of IdM … Not shown: transitions to prospective state from grace, limbo, slide, IDonly.
Adding to the Problem … • Gaining common understanding among Id Mgmt functional types • Communication between Id Mgmt Functional and Id Mgmt Technical types • How do Service Providers fit in? • Knitting together other Business Processes with IdM Biz Process (communication and understanding) • Hence, A Duke View…
ACTIVE or EXISTS Identity & Service/Provisioning States (functional view) Condition Action Creation Result Become Student Become Faculty Remove Student Services
Condition Identity & Service/Provisioning States (functional view) Action ACTIVE or EXISTS Creation Result Become Student Become Faculty GRACE DISABLED Remove Student Services Terminated Staff
I DENT I TY OB J ECT For each ID Object … Condition Action Result Loop Over All Conditions Until No Actions Stable State For good biz logic Order must not matter
Testing and Validation Now Possible ID Object #1 Old ID Object #1 New Identity Management Business Logic ID Object #2 Old ID Object #2 New ID Object #3 Old ID Object #3 New ID Object #4 Old ID Object #4 New