1 / 8

Federated Identity in Texas

Federated Identity in Texas. Paul Caskey The University of Texas System HEAnet National Conference Kilkenny, Ireland 13 November 2008. Background. What is the University of Texas (U.T.) System? 9 academic, 6 medical, 1 administration 190,000 students / 80,000 employees

skule
Download Presentation

Federated Identity in Texas

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Federated Identity in Texas Paul Caskey The University of Texas System HEAnet National Conference Kilkenny, Ireland 13 November 2008

  2. Background • What is the University of Texas (U.T.) System? • 9 academic, 6 medical, 1 administration • 190,000 students / 80,000 employees • 1100 km apart geographically, but traditionally much further apart in terms of culture and sharing of resources • What is LEARN? • Lonestar Education And Research Network (Texas RON) • Participants come from public/private universities, community colleges, primary education (K-12), and service providers • 33 Institutions as tier 1 members, many more at the lower tiers • A major part of their mission is promoting collaboration in Texas

  3. Background (continued) • Two federations in one state? • Different missions • Different populations • Shared goal of increasing collaboration across the state • Could “evolve” to support eGovernment in Texas as well (currently, there is no state-sponsored initiative to develop federation) • Interfederation is the key to achieving the goals

  4. The U.T. System Federation • Collaboration is a key goal. • It all started with a “statement of direction” from our leaders and a small seed grant from the federal government • Why our own federation (rather than InCommon, etc)? • We know our campuses best / clear administrative boundary • Level and elevate the overall strength of identity management policy, practice, and technology • Ensure that no campus is left behind • Direct control over policies and directions • Most of our initial apps were just for our campuses • Current Status • Officially in production since 1 Sept 2006 • ~40 applications (administrative, academic, medical, security, and collaborative apps, but no content sharing) • 3 external vendors

  5. The LEARN Federation • Again, collaboration is a key goal • Builds on the infrastructure and personal relationships already built with LEARN members • Why a separate federation (from InCommon, UT)? • LEARN maintains a close relationship with its members • Help smaller campuses participate, including community colleges and K-12 as well • Can also include other entities as needed, including governmental agencies • Current Status • In pilot operations since July 2008 • Initial draft of policies complete and pending approval • 2 apps, with several more being implemented in the next 6 months

  6. Lessons Learned (so far) • Policy work is slow, but critical to establish an environment in which trust can develop. • It’s important to address the support needs that grow out of a federated environment (federate the support too). • Federated authorization is challenging and takes lots of time and effort (AppAdmin workflow app) – training and executive support are the keys. • Interfederation policy work is worse than establishing policies for our own federation since these policies span administrative and governmental / legal boundaries. • Everyone wants to build a house, but nobody wants to do housekeeping!

  7. What benefits have we observed from our federation? • User satisfaction • Fewer passwords to remember, increases the value of their campus credential • Local autonomy • Supports differing technologies, policies, and business processes • Increased security • No application-based loosely-coupled identities • More granular authorization • Lower costs • Applications don’t have to develop and manage separate identities for their users • Support secure collaboration across the world just as easily as across the state (well, almost) • SAML is a mature global standard

  8. The future? • More apps! • Vendors • eGovernment • Increased external collaborations • Interfederation / peering • LEARN • InCommon • Others? (caBIG, etc) • Compliance / verification • Standardized audit plan • Improved authorization capabilities • Policy revisions

More Related