Upload
abel-osborne
View
219
Download
0
Embed Size (px)
DESCRIPTION
Build upon existing open source IAM projects Create a comprehensive, modular IAM stack Implement open, standards-based architecture Reduce ops costs (TCO) through improved integration, automation, QA Focus on needs, challenges distinctive to HE Avoid vendor lock-in Do so by pooling community resources 2012 Jasig Sakai Conference3
Citation preview
June 10-15, 2012
Growing Community; Growing Possibilities
Open Source Person Registries-
You want ‘em we got em’!
Dedra Chamberlin, UC DavisEric Westfall, Indiana University
2012 Jasig Sakai Conference 2
First: What is CIFERAn agile, best-of-breed, community governed, comprehensive IAM solution for higher education
2012 Jasig Sakai Conference 3
Build upon existing open source IAM projects
Create a comprehensive, modular IAM stack
Implement open, standards-based architecture
Reduce ops costs (TCO) through improved integration, automation, QA
Focus on needs, challenges distinctive to HE
Avoid vendor lock-in Do so by pooling community resources
CIFER Objectives
2012 Jasig Sakai Conference 4
CIFER Workstreams
2012 Jasig Sakai Conference 5
Second: Registry GroupWhat are we talking about, what have we done, and what are we going to do?
2012 Jasig Sakai Conference 6
IAM in university environments
2012 Jasig Sakai Conference 7
Objective of the Group◦ Develop a plan to identify current gaps in identity
registries◦ Evaluate options for developing a single person registry◦ Move forward to close the gaps by developing a registry
Involved Partners ◦ UC Berkeley, UCSF, Brown, U. Washington, Internet2,
Indiana, Kuali, SFU, PSU, Open Registry, Rutgers, others What are we looking at?
◦ A central, single authority Registry◦ Identity Match functionality◦ Working closely with the Provisioning side of CIFER
Identity Registry Group
2012 Jasig Sakai Conference 8
TODO…add an awesome diagram here…
Target Architecture
2012 Jasig Sakai Conference 9
Identity Registry Functional Model Core Requirements Evaluation ID Match
◦ Strawman design for ID match system◦ Evaluation of OpenEMPI
Evaluations of three different Open Source Identity Registry solutions◦ OpenRegistry◦ Penn State’s Central Person Registry (CPR)◦ Kuali Identity Management (KIM)
What’s Been Done?
2012 Jasig Sakai Conference 10
For identity match ◦ Evaluated OpenEMPI and will decide w/in a month
to use or explore other options (integrations, self-written)
For Registry◦ Evaluated OpenRegistry and CPR◦ Both fairly well-developed, team feels both are
viable candidates Likes/Dislikes of each What about KIM?
Where are we now?
2012 Jasig Sakai Conference 11
Next Steps◦ Work on shared APIs from SOR’s into a registry◦ Define other common interfaces and integrating
id Match tools into OpenRegistry, CPR, or both Other Potential Goals
◦ Try and get OR out of incubation status◦ Work with PSU to full “open-source” CPR◦ Get involvement from other, interested parties
Other Initiatives◦ Kuali is doing an evaluation of CPR mapping to
KIM◦ UC is doing architectural evaluations
What’s next?
2012 Jasig Sakai Conference 12
Third: Why?Why are we involved and what do we need
2012 Jasig Sakai Conference 13
TODO…The UC Story
2012 Jasig Sakai Conference 14
Kuali Identity Management◦ Shared identity and access management
Used by many Kuali projects◦ Finance, research, student, library, HR
“Identity registry-like” functionality◦ but wasn’t originally designed for this purpose
Serves as an “integration platform” for IAM within Kuali
This has worked well for Kuali for a long time…but things are changing.
The Kuali Story
2012 Jasig Sakai Conference 15
Kuali People Management for the Enterprise (KPME)
Kuali Student (KS) These are traditionally Systems of Record
for identity ID Match is critical for both of these systems TODO…
What’s changing?
2012 Jasig Sakai Conference 16
TODO…More Kuali-related slides…
2012 Jasig Sakai Conference 17
Your Input!◦ We need your input on the integration points
How to get particular SOR information into CPR or OR?
Development of shared APIs Your Experiences
◦ If you’ve been or are going through the process, if available, what would you need to make this work
What’s Needed?
2012 Jasig Sakai Conference 18
Summary statement hereIn summary…
2012 Jasig Sakai Conference 19
Links Links Links Links
More information on CIFER
2012 Jasig Sakai Conference 20
Questions?For more information contact:[email protected]