Reflect and Join - Reach for the Sky: The Care and Feeding of an Enterprise Person Registry Brendan Bellina, University of Southern California [email protected]

Reflect and Join - Reach for the Sky:

The Care and Feeding of an Enterprise Person Registry

Brendan Bellina, University of Southern California

[email protected]

NMI-EDIT CAMP Identity and Access Management Integration Workshop

June 27, 2005 IdM CAMP 2

People

Students

Employees

Alumni

Affiliates

Guests

Donors

Services

Portal

Email

Online Learning

Academic Services

Administrative Services

Network Services

Identity

Management

System

Directory Services

Authentication Services

Authorization Services

Provisioning Engine

Messaging Engine

Metadirectory Services


Reflect

• Embody or represent something in a faithful and appropriate way

• Think deeply or carefully

Reflect what?Reflect Information


What is Information?

Information is …

Data

plus

Interpretation

plus

Policy as Practiced


Mining for Information

• Identify Potential Information Providers

• Identify Potential Information Consumers

• Interview Knowledge Experts• Validate Against Common

Practice• Examine Applicable Standards• Consider Peer Institutions• Document Findings• Distribute Findings• “Rinse and Repeat”


Information About Who ???


Posit: Roles are Simple


What about…Teaching AssistantsEmeritiResearchersVisiting ScholarsLibrariansCIO, CTO, and other officersPeople on approved leavePeople on unapproved leave

“Faculty”

Def.: People who are employed by the institution to teach students

Revised Def.: Whoever the Provost says, regardless of whether they teach or not or are employed by the institution.


What about…On-call event staffStudents who work for departmentsRetireesPeople who work at hosted institutionsPeople who work at sister-institutionsPeople working at on-campus vendorsConsultantsPeople on approved leavePeople on unapproved leave

“Staff”

Def.: People who are employed by the institution to support the educational mission of the institution

Revised Def.: Whoever the payroll department knows about, usually, but not always, excluding Faculty (see previous slide for clear definition of “Faculty” ;) ).


What about…Staff / Faculty who take coursesStaff / Faculty spouses who take coursesDistance learners who take course offeringsPeople studying abroadPeople who have graduatedPeople who are in between semestersPeople attending campsStudents at sister institutionsPeople on approved leavePeople on unapproved leave

“Student”

Def.: People who pursue the educational offerings of the institution

Revised Def.: Whoever the Registrar (and possibly others) say, regardless of whether they are taking courses or not, or are enrolled in the institution or not.


Conclusion: In Higher-Education, Roles are NOT Simple…

Plan on it, Plan for it


Information From Where ???


Potential Information Providers

• “Systems of Record”• Database structures - tables and views• Database Field Definitions and Triggers• Application Screen Templates• Application Logic• Practices - workflow• Access Controls - Network, System,

Database, Application, Policy• Gray matter of Institution “Veterans”


Balancing“Soft” Work

versus “Hard” Deliverables


The Lure of Being Technology-Driven

The Journey to the dark side…• Can we do this? Do we have time? Just get

something up and running.

• Buy-in to the myth

“What we don’t know can’t hurt us.”

• Scan for “usable” derivative data sources• Propagate misinformation• Declare success


You cannot escape the responsibility of tomorrow by evading it today.

- Abraham Lincoln


Once you start down the path to the dark side, forever will it dominate your destiny.

- Yoda, Star Wars


Now, here, you see, it takes all the running you can do to keep in the same place. If you want to get somewhere else, you must run at least twice as fast as that!

- Lewis Carroll, Through the Looking Glass


The Join


USC Communication Architecture


USC Systems of Record

• Student Information System• Administrative Information System• Graduate Enrollment Management System

(GEMS)• Merge Team• USCard Office• MU (Affiliates, UNIX Accounts, Email

Accounts)


USC Identity Resolution

“Golden Rule” attributes:

Social Security number

Given Name (reported and/or legal)

Surname (reported and/or legal)

Date of Birth

“Silver Rule” (partial) matches across SOR’s go to Merge Team for resolution


Challenges

• Whose Project is it, anyway?• Inconsistent data entry practices• Inconsistent data verification practices• Inconsistent merge practices and cultural momentum

An object at rest tends to stay at rest… unless acted upon by an unbalanced force.

- Newton’s First Law of Motion

• Data release policies for multi-affiliated individuals• Determining appropriate data hierarchy• SSN, names, and date of birth are not as reliable as

you might think.


USC Merge Team

• Chaired by Provost’s Office• Meets Weekly• Representatives from all SOR’s -

management and technical staff• Representatives from GDS Technical Team• Focuses on Operational Issues, but Flexible• Reviews Silver Rule Match Reports• Food


Merge Stats

• Initial Focus on Faculty and Staff (~11,000) to allow the issuing of USCID based Identity Cards

• Initial run of Silver Rules, February 2005 - 3,897 faculty and staff match sets

• As of June 22 - 395 faculty and staff match sets remaining

• Progress has required dedicated knowledge workers in Payroll and coordination with SIS


Links

USC GDS Documentation

<http://isd.usc.edu/~bbellina/gds>

Other presentations by the author

<http://isd.usc.edu/~bbellina>


Copyright Statement

Copyright © Brendan Bellina, 2005. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.

Documents

Reflect and Join - Reach for the Sky: The Care and Feeding of an Enterprise Person Registry Brendan Bellina, University of Southern California [email protected]