IdM needs at your school

Owned by William G. Thompson, Jr.
Nov 08, 2011
1 min read

IdM Needs at your school

sync
provisions/deprovisioning
data quality
real business activity vs what sor says
desceased spouse access
institutional interest in user resources
eDiscovery (reource lifecycle (mail boxes))
guests vs "formal" accounts

multiple affiliations & access mgmt & business rules
returning members of community
persistence lifecycle of identities and their attributes

authoritative & canonical form of IdM data; MDM

goverance

alignment IT - functional unit(s), fu - fu(s), etc

value & scope of IdM as percieved by customer

transparency

lifecycle managment & alignment
account linking (social id, etc)
netid/email for life
access lifecycle

name change - name-based idenitifiers

netid decouple from email (vanity email)

self-selection of netid / aliases

byu has email forwarding but no email boxes

social ids, integration of consumer services

cleanaccess
http://www.cisco.com/en/US/products/ps6128/index.html

institutional data on non-enterprise end points
mobiled deivces

identifier crosswalk, sso & systems itegration

attribute syncronization (povisioning)

mission of idm system
authN <----> all systems integration
extent of idm-built data replication as a general service
authN, authZ, personalization, messaging, Id xwalk, operational, !BIS (business information systems)

logging, auditing, SIEM, reporting, metrics
Security information and event management


John4
1.SIEM
2.IdM - runtime interaction to "login" (user perspectivce) "production ops"
3.Provisioning
4.AuthZ policy

provisioning about legacy systems integration (push/pull authZ data, user accounts)