Wayfs and Strays - Jonathan Richardson


Published on

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Wayfs and Strays - Jonathan Richardson

  1. 1. Wayfs and StraysJonathan RichardsonAssistant CIS DirectorUniversity of East Anglia
  2. 2. Privacy and Electronic Mobile accessCommunications Instant messagingData Protection Network mobilityFreedom ofInformationHigher FeesValue for money iTunesCommercial value of Amazonresearch eBayReputation Pay per view
  3. 3. Physical Flexible accessNetwork Wireless Distance Learning within our walls! Public/3G
  4. 4. How do I authenticate? Athens Shibboleth Proxy ? Virtual IP Private Network
  5. 5. Do I Care?
  6. 6. Identifying Security Risk < Physical --- Mobile >Device Security Network Security
  7. 7. Identifying Security Risk OpenID on mobile device Low costDevice Security High cost Institution ID on Corporate PC Network Security
  8. 8. What do you produce? Data-£ Data Consumer Publisher +£
  9. 9. Things to consider If you will Do you want release data to track usersunder FOI why or securelock it down? access? Are your systems a barrier to wider use?
  10. 10. How does it play out with us… UEA Climatic Research Unit, York data loss, Google email hack, etc have focused UEA on the security of its systems. UEA is a target for hackers and phishing attacks (and FOI requests!) Authentication and role based access from mobile devices needs addressing. Need to provide means to place our content in the users space Need to develop a seamless, flexible and consistent authentication environment. Need a faster way of delivering valueNovember 10, 2011
  11. 11. IDM Our ModelHR OpenAthens IdP UEA Active DirectoryWEB Always Authenticated UEA AlumniVLE Single Sign On Route UEA CRMFinance Contacts UEA ResearchLibrary Partners OpenIdDigitalRepository OpenAthens SP UK Fed, etcExternalJournals Authorisation to resources is based on: Identity of the user Level of confidence in the authentication source Level of confidence in the users device User role based attributes (staff/student/grade etc)
  12. 12. Access publisher resourcesUser provides identity information Single Identity Institution acts to validate id provider Pass identity attributes Check identity trust level Check device trust level Map and link external id’s Access Institutional resources •The institution has more control over security •The service provider has more certainty over the credentials of its users •The user has a seamless experience
  13. 13. Rapid Delivery of Mobile Apps
  14. 14. Rapid Delivery of Feeds
  15. 15. Why does it matter to you?• What is the value of the data you hold?• How much reputation have you to lose?• Who has access to your usernames and passwords?• Are you compliant with licence agreements?• Are you and your users getting the most from your investment? (or are others taking advantage of it!)
  16. 16. Any Questions?