More Related Content
Similar to Extending Access Management into BCE - Scoping Study
Extending Access Management into BCE - Scoping Study
- 1. Extending Access Managementinto BCE – Scoping Study Key findings & recommendations 7 th May 2009
- 2. Assess case forextending identity & access management approaches into BCE Devise recommendations to inform JISC’s next steps Aims
- 3. Extensive desk research Consultation with sector bodies, HE & FE institutions, users, JISC staff & contractors Relevant organisations in 8 countries Approach
- 4. Benefits for BCEusers of access to resources & to wider economy & society Require provision of secure, controlled access for targeted classes of users to certain institutional resources Identity & access management (IAM) connects right people with resources entitled to use in secure, controlled way Rationale for study
- 5. Institutions –enables access for non-traditional user groups in systematised way BCE users – clarity on what resources are available to them & simple, standardised way of accessing them Benefits of IAM
- 6. Current practice variesin how institutions provide access to resources No standardisation in how BCE users obtain access rights, or how arranged/ administered Most institutions find ways round rules to grant access – reactive case by case basis IAM developments in many institutions but focus generally on internal users Key findings – IAM
- 7. External –SMEs, collaborative research & learning delivery partners, employers & work-based learners Internal – IT & library staff Future demand – environmental, technological, govt ID management initiatives Key findings – demand
- 8. Staff & externalusers unaware/unclear what resources can access & how to achieve this Awareness of IAM & benefits is low Language of IAM a barrier in itself Barriers are cultural & organisational not technological Constraints of licensing for third party resources (ad hoc, remote access required) Issues & barriers
- 9. Driver for changeis adoption of federated approach to AM Possible basis for solution though changes required if use UK AM Federation Not yet possible for external BCE users to engage as can’t become members Institutions not acting as service providers Policy change required & need a ‘home’ or ‘virtual’ organisation Use of federated AM
- 10. Institutional –development of external access policy governing rights for certain groups, strategic approach to IM, promotion Cross-institutional – regional, subject based, type of user based networks using web-interface / portal & federated AM ‘ Ideal solution’ – web interface / portal for targeted groups to all institutional & 3rd party resources Other possible solutions
- 11. Business & communitygroups would benefit from access to institutional knowledge assets Benefits at many levels of improving sharing of knowledge through more effective ICT Extending IAM into BCE not a high priority for institutions Study suggests that doing so is desirable JISC therefore will have to promote & support actively to make it happen Conclusions
- 12. JISC & keypartners should decide on vision & strategy for extending IAM into BCE Explore potential of using Federation for access for external users & use of networks JISC should take more holistic approach & responsibility for IAM & share good practice Help facilitate institutions’ development of IAM solutions for external users Recommendations
- 13. Potential Phase 2pilots 5 4 3 2 1 Toolkit development, implementation and testing of externally focussed IAM within one or more case study institutions IAM issues and solutions for the Business Information Resources pilot(s) Identity management in lifelong learning in a number of institutions Supporting institutions to become service providers within the federation Extending BCE into the UK Access Management Federation tests