IdM needs at your school

sync
provisioning/deprovisioning
data quality
real business activity vs what sor says
deceased spouse access
institutional interest in user resources
eDiscovery (resource lifecycle (mail boxes))
guests vs "formal" accounts

multiple affiliations & access mgmt & business rules
returning members of community
persistence lifecycle of identities and their attributes

authoritative & canonical form of IdM data; MDM

governance

alignment IT - functional unit(s), fu - fu(s), etc

value & scope of IdM as perceived by customer

transparency

lifecycle management & alignment
account linking (social id, etc)
netid/email for life
access lifecycle

name change - name-based identifiers

netid decouple from email (vanity email)

self-selection of netid / aliases

byu has email forwarding but no email boxes

social ids, integration of consumer services

cleanaccess
http://www.cisco.com/en/US/products/ps6128/index.html

institutional data on non-enterprise end points
mobile devices

identifier crosswalk, sso & systems integration

attribute synchronization (provisioning)

mission of idm system
authN <----> all systems integration
extent of idm-built data replication as a general service
authN, authZ, personalization, messaging, Id xwalk, operational, !BIS (business information systems)

logging, auditing, SIEM, reporting, metrics
Security information and event management


John4
1. SIEM
2. IdM - runtime interaction to "login" (user perspective) "production ops"
3. Provisioning
4. AuthZ policy

provisioning about legacy systems integration (push/pull authZ data, user accounts)