Your SlideShare is downloading. ×
0
Identity Management “Who do you think they are?”
Identity Management “Who do you think they are?”
Identity Management “Who do you think they are?”
Identity Management “Who do you think they are?”
Identity Management “Who do you think they are?”
Identity Management “Who do you think they are?”
Identity Management “Who do you think they are?”
Identity Management “Who do you think they are?”
Identity Management “Who do you think they are?”
Identity Management “Who do you think they are?”
Identity Management “Who do you think they are?”
Identity Management “Who do you think they are?”
Identity Management “Who do you think they are?”
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Identity Management “Who do you think they are?”

1,340

Published on

A case study and workshop on 4 years development at Blackpool & The Fylde College

A case study and workshop on 4 years development at Blackpool & The Fylde College

Published in: Education, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,340
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • Simon says “Hello” and then we’re on to the introductions...
  • Who are we? Ken introduces SimonNetwork ManagerOver 22 years @ the collegeKey to creation of CNS – central IT provisionAlong with Christian, recognised the value of Business Integration Simon introduces: John Ken Facilitators – Chrissie Turkington and Keith Wilson from JISC RSC Northwest
  • Briefly discuss the overview of the day Ask questions throughout Why are we doing this workshop? Inform Encourage Let the wider community know we have seen real results for the organisation
  • What is Identity Management?
  • Legacy solution based upon specific identified needs ( KEN: Define business process each time )
  • Defining the authoritative source of user identities ( KEC: Defining Business Process only once ) ( KEC: Authoratative ) Why did we go for identities? High Return on Investment (ROI) A return on Investment in Time ( KEN: Cuts duplication of effort ) ( KEN: Cut in repetition reduces errors ) Always based upon a single source that is:Authoratative Compliant Auditable Data source meets Shibboleth and JANET Acceptable Use Policies ( KEC: Shibboleth replaced Athens, a manual process ) Vault is an authoritative copy providing for the consolidation and integration of many services Where to start? Look for something with tangible requirements / benefits
  • Why Novell?(KEC: Designer: Graphically model your design and implementationJava programming not a pre-requirement.Schema both endsXML document flows through Policies and rules that implement Business Rules
  • Two phases Phase 1 – Staff Phase 2 – Students, Courses, Enrolments Phase 1 Human Resources – Northgate Resources Link – Oracle Database Active Directory Siemens PABX Telephone System – Modified Access Database E-Mail - Novell GroupWise Why start here? HR moving from old HR Globe system to new Northgate ResourceLink HR went through data cleans exercise ( KEC: We did too – WorkforceID in user objects ) No automatic account creation mechanism for staff ( KEC: Inconsistent account requests ) Smaller number of staff users vs. students Future vision – reuse of Identities Remove duplication of effort Authoritative source for data (KEC: KnownAs) Controlled – Process – starters/leavers – 0 day Remove old orphaned accounts Active Directory – MS Apps Technical: Oracle database Required an interface to expose data Enlisted Northgate to create a new interface to our specifications Maintenance requirement Novell IDM Event driven ( XML ) Business process Driver Rules The VAULT Siemens PABX systemAcess DB Authoritative for Telephone numbers ( New starters )
  • Phase 2: Student Record System - Tribal EBS Virtual Learning Environment - Moodle Authentication Directory – AUTH Tree Federated Access System – Shibboleth Capture and maintain authoritative data about Students, courses, schools and enrolments. Why continue here? Remainder of the users Remove legacy system NARS User IDs already in VAULT ( match up ) Present and use course and enrolment data Push enrolment data into Moodle Shibboleth (Athens) Access Manager – SSO AUTH Tree – security Technical description Oracle database – big Intermediate tableClarus – In house advantageMoodle – MySQL 0 day student start Unable to perform 0 day finish – time event instead Self Service – via “Student Directory”
  • Transcript

    • 1. BLACKPOOL AND THE FYLDE COLLEGE
      An Associate College of Lancaster University
      Identity Management
      “Who do you think they are?”
      A case study and workshop on 4 years development at
      Blackpool & The Fylde College
    • 2. BLACKPOOL AND THE FYLDE COLLEGE
      An Associate College of Lancaster University
      Organisation Chart
      Technicians * 8(Front-of-House)
      Engineers * 8(Back-of-House)
      Mac Support * 3
      IT Support Supervisor
      Simon Bailey
      (Network Manager)
      Christine McAllister
      (Head of Learning & IT)
    • 3. Overview of the day
      BLACKPOOL AND THE FYLDE COLLEGE
      An Associate College of Lancaster University
      10:15 Session 1: “Identities, a good place to start?”
      11:00 Tea & Coffee
      11:15 Session 2: Salford Software discuss different IDM Technologies and IDM within other institutions
      11:45A pre-lunch introduction to Session 3
      12:00 Lunch
      13:00 Session 3: IDM technologies within YOUR organization
      13:30 Session 4: “Impediments to Identity Wonderland” - Obstacles & Challenges
      14:15 Session 5: “Into the Cloud” – Managing identities in the cloud
      15:00 Tea & Coffee, plus feedback, questions and futures….
    • 4. FAIL!
      300 orphaned staff accounts
      Non-fee paying students
      Archive - storage costs and meaningless backups
      Can you guarantee that people logging on to your systems are legitimate at all times?
      BLACKPOOL AND THE FYLDE COLLEGE
      An Associate College of Lancaster University
    • 5. What is Identity Management?
      What is Identity Management?
    • 6. Before: One-To-One
      BLACKPOOL AND THE FYLDE COLLEGE
      An Associate College of Lancaster University
      Business
      Application
      1
      Business
      Application
      2
      Business
      Application
      3
      DATABASE
      DATABASE
      DATABASE
      Students
      Students
      Students
      Staff
      Staff
      Staff
      Batch Process
      Batch Process
      Legacy Account Creation Application
      (in-house)
    • 7. After: One-To-Many
      BLACKPOOL AND THE FYLDE COLLEGE
      An Associate College of Lancaster University
      System
      1
      System
      2
      System
      3
      DATABASE
      DATABASE
      DATABASE
      Information Interchange
      Information Interchange
      Users
      Students
      Staff
    • 8. BLACKPOOL AND THE FYLDE COLLEGE
      An Associate College of Lancaster University
      Designerfor Novell Identity Management
    • 9. BLACKPOOL AND THE FYLDE COLLEGE
      An Associate College of Lancaster University
    • 10. Phase 1 - Staff
      BLACKPOOL AND THE FYLDE COLLEGE
      An Associate College of Lancaster University
      Staff
      Directory
      (Browser View)
      Active Directory
      HR Database
      (Northgate RL)
      DB
      DB
      PROC.
      ‘Production’ Directory Services
      (eDir)
      Authentication Directory
      Identity
      Vault
      DB
      DB
      DB
      Email Provisioning
      (GroupWise)
      Telecom PABX
      (Siemens Database)
      Shibboleth
      DB
      DB
      PROC
    • 11. Phase 2 - Students
      BLACKPOOL AND THE FYLDE COLLEGE
      An Associate College of Lancaster University
      Student
      Directory
      Student Record System
      (Tribal EBS)
      VLE
      (Moodle)
      DB
      DB
      PROC
      Authentication Directory
      Identity
      Vault
      AccessManager
      ‘Production’ Directory Services
      (eDir)
      DB
      DB
      DB
      PROC
      Email Provisioning
      (GroupWise)
      Shibboleth
      DB
      PROC
    • 12. In Conclusion
      Senior Management Buy-in
      Did we get it?
      Do you need it?
      Confidence gained in Phase 1
      Allowed progression in Phase 2
      Start small
      Find High Return on Investment (ROI)
      In Conclusion
      BLACKPOOL AND THE FYLDE COLLEGE
      An Associate College of Lancaster University
      BLACKPOOL AND THE FYLDE COLLEGE
      An Associate College of Lancaster University
    • 13. In Conclusion
      Consultants
      Value?
      Pitfalls
      Project Management
      Stakeholder Buy-in
      In Conclusion

    ×