Enabling Cross-University
Collaboration with Harvard IAM:
TIER, InCommon, and Grouper
IT Summit 2015 June 4, 2015 Thursday 1:10-2:00 p.m.
Agenda
• What is Identity & Access Management at Harvard?
• IAM in Higher Education is Different
• Requirements and Concerns for IAM in Higher Education
• Internet2: InCommon, Shibboleth, Identity Federation, and More
• TIER: Trust and Identity in Education and Research
• Harvard’s Role in TIER
• Major IAM Projects at Harvard: HarvardKey and Grouper
• Summary: Supporting the Teaching & Research Mission
Who We Are
• Jason Snyder
Managing Director, Architecture and Engineering, HUIT
• Jane Hill
Director, IAM Product Management, HUIT
• Scott Bradner
Senior Technology Consultant, HUIT
What is Identity & Access Management at Harvard?
The Vision for the Identity & Access Management Program
Provide users, application owners, and IT administrative staff with secure, easy access to
applications; solutions that require fewer login credentials; the ability to
collaborate across and beyond Harvard; and improved security and auditing.
Objectives
• Simplify User Experience: simplify and improve access to applications and information
inside and outside of the University
• Enable Research & Collaboration: make it easier for faculty, staff, and students to research
and collaborate within the University and with other institutions
• Protect University Resources: improve the security posture of the University via a
standard approach
• Facilitate Technology Innovation: establish a strong foundation for IAM to enable user
access regardless of new and/or disruptive technologies
Guiding Principles
• Harvard Community needs will drive our technology
• Tactical project planning will remain aligned with the program’s strategic objectives
• Solution design should allow for other Schools to use foundational services to
communicate with the IAM system in a consistent, federated fashion
• Communication and socialization are critical to our success
Key Performance Indicators
• Monthly number of help desk requests relating to account management
• Monthly number of registered production applications using IAM systems
• Monthly number of user logins and access requests through IAM systems
• Monthly number of production systems to which IAM provisions
IAM in Higher Education is Different
Our users are different from those in industry, and their needs are different, too.
• Users are frequently affiliated with more than one institution, whether simply through
multi-institution research conducted at “home” or something as involved as a
temporary guest lecturer assignment at another university
• Inter- and intra-university partnerships continue to expand
• People often hold multiple roles – with multiple privileges – concurrently
• Affiliations often don’t have clear start or end dates — faculty need early access to set
up course sites, and many users continue to collaborate after formal appointments end
• Privacy is of greater importance in higher education than within many corporate
environments
• Faculty and researchers depend upon continuity and accuracy in their publishing
records and academic biographies, and therefore have their own unique needs
Scholarly Identity and Collaboration
• Increasingly, academic users need to maintain an accurate profile
of their publication history and academic biography
• Since IAM already involves a large amount of attribute and identifier exchange, adding
scholarly identifiers to the attribute repository is a way to include this information in an
existing data flow
• Identifiers enable integration around an individual’s scholarly record, such as LTI,
VIVO, etc.
• ORCID (Open Researcher & Contributor ID) identifiers are being added to Internet2’s
standardized eduPerson schema, as well as various data repositories around the
academic community
• Items linked to an ORCID record can have multiple external identifiers, and these can
connect to other identifiers: DOIs, ISBNs, ISNIs, PubMed IDs, grant numbers, etc.
Learn more about ORCID at orcid.org.
Identity and Privacy in Higher Education
“The rise of Internet identity began in earnest ten years ago, as academic, government
and corporate and social deployments started and began to influence each other.
Government initiatives have come and gone and come anew. Research and education
deployments worldwide have pushed the envelope but are now challenged to inter-
federate. Social providers evolve business models that leverage the user as
product.
“There are impressive successes now in many instances and key integrations have been
achieved. The extent of usage has grown dramatically. At the same time, there are
obvious stress points, where the conflict of economic motives compound issues of
privacy, where the international differences in cultures and legal systems create a swamp
of issues, and helping the institution and the user manage the complexity of privacy.”
— Ken Klingenstein, Internet2, December 2014
IAM in Higher Education: Common Requirements
Commonly accepted requirements for IAM solutions across the academic
community include the following:
• Services must support complex authorization models to grant individuals the right
levels of access to licensed resources (all roads lead to groups!)
• Solutions must support federation to enable inter- and intra-institution access — not
feasible to rely on centralized control of all users
• Solutions must allow for the fact that users will need to access some resources on the
public Internet
• With interest in cloud services exploding, solutions should be able to work in the cloud
if desired
• Preference for open source, standards-based solutions
• Services and solutions should be built with the financial constraints of higher education
in mind
IAM in Higher Education: Building Our Own Solutions
Since higher-education users have their own special needs, out-of-the-box vendor
solutions often aren’t satisfactory. Why build our own solution?
• Commercial products are designed for corporate intranet environments
• Vendor solutions are often a poor fit with our identity data and the requirements it
poses (multiple roles, fuzzy lifecycle, increased privacy)
• If support for federation even exists in vended solutions, it tends to be bilateral (one
IdP trusting one SP at a time) rather than multilateral trust through a federation’s shared metadata
• Vendors discount software, but often look to sell expensive professional services
• Use cases are often the same across institutions, regardless of their size:
– Extended identity lifecycles
– Context-sensitive privacy management
– An identity registry that supports multiple personae
– Group management
Addressing These Issues: Internet2
Internet2 is a not-for-profit organization started as a U.S.
higher education consortium in 1996.
• 252 U.S. universities
• 82 corporations
• 68 affiliates, including government agencies
• 41 regional and state education networks
• More than 65 national research and education networking
partners, representing more than 100 countries
Internet2 projects include:
• National network (100 Gbps links, Harvard is a member)
• Trust and Identity in Education and Research (TIER)
• Grouper
• Shibboleth
• InCommon Federation
Internet2: InCommon
• Certificate service
Flat-rate certificates
• Identity management federation
Use your Harvard identity elsewhere
• Assurance program
Standard for quality of authentication
• Multifactor authentication
Discount for Duo multifactor service
Internet2: Shibboleth
As a technology enabling identity federation, Shibboleth (an open-source implementation
of the SAML standard) provides the two key players in federated authentication:
• Identity provider (IdP)
An authentication and attribute service, run by the user’s home institution
• Service provider (SP)
An Internet-based website or application that relies on an IdP to
authenticate a user and to supply the user’s attributes
Shibboleth Identity Federation at Harvard
Identity federation at Harvard is a cooperative system that supports the
interconnection between SPs and IdPs, resulting in the following user experience:
1. User connects to a service and clicks a “log in” button or link
2. The service presents the user with a list of universities (a discovery service)
3. The user selects “Harvard University”
4. The user’s browser is redirected, carrying the service’s authentication request, to the
Harvard web authentication system (PIN or HarvardKey)
5. The user inputs his or her credentials
6. If credentials are accepted, the user’s browser is redirected to the original service
7. The service is told that the user is authenticated: it receives a signed SAML assertion
from Harvard’s IdP, never the user’s password
Identity Federation at Harvard: Security & Privacy
Harvard’s federated identity system has a number of security and privacy benefits:
• The actual act of authentication is done at Harvard
• The service never gets the user’s credentials; it only receives an assertion that Harvard
has authenticated the user
• All interactions are cryptographically protected (TLS on every redirect, and the assertion
itself is signed by Harvard’s IdP so the service can verify its origin and integrity)
• Harvard controls what user attributes are given to the service
– Usually eduPersonPrincipalName (eppn), a unique, random-appearing identifier scoped
to Harvard (in the form value@harvard.edu)
– May also get a user’s login name and email, if Harvard’s attribute release policy
for that service allows it
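The flow above ends with the service being “told” that the user is authenticated. In practice the SP receives a signed SAML Response and has to check it before trusting that claim; the signature alone is not enough, because a valid assertion can still be one issued to a different SP, minted for a different request, expired, or replayed. The following is an added example written for this page, not Harvard’s, Shibboleth’s or InCommon’s code: a Python validator run over a constructed Response. The IdP and SP entityIDs, the assertion consumer URL and the eppn value are hypothetical. XML signature verification is an input (`signature_verified`) rather than simulated, because in a real SP it is done by the SAML library (xmlsec/OpenSAML in Shibboleth); the eppn attribute name is its standard OID.

```python
"""SP-side checks on a SAML 2.0 Response. Added example; not Harvard, Shibboleth or
InCommon code. EntityIDs, URLs and the eppn value below are constructed for the demo."""
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"
EPPN_OID = "urn:oid:1.3.6.1.4.1.5923.1.1.1.6"  # eduPersonPrincipalName (eppn) as released in SAML

IDP_ENTITY_ID = "https://idp.example.edu/idp/shibboleth"      # hypothetical home-institution IdP
SP_ENTITY_ID = "https://sp.example.org/shibboleth"            # hypothetical service provider
ACS_URL = "https://sp.example.org/Shibboleth.sso/SAML2/POST"  # hypothetical assertion consumer URL


def _ts(dt):
    return dt.strftime("%Y-%m-%dT%H:%M:%SZ")


def _parse_ts(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def build_response(in_response_to, eppn, now, audience=SP_ENTITY_ID):
    """Constructed stand-in for the Response the IdP POSTs back to the SP (step 6).
    A real Response carries an XML-DSig signature over the Assertion; omitted here."""
    nb, noa = _ts(now - timedelta(minutes=1)), _ts(now + timedelta(minutes=5))
    return f"""<samlp:Response xmlns:samlp="{SAMLP}" xmlns:saml="{SAML}" ID="_r1"
    InResponseTo="{in_response_to}" IssueInstant="{_ts(now)}" Version="2.0">
  <saml:Issuer>{IDP_ENTITY_ID}</saml:Issuer>
  <samlp:Status><samlp:StatusCode Value="{SUCCESS}"/></samlp:Status>
  <saml:Assertion ID="_a1" IssueInstant="{_ts(now)}" Version="2.0">
    <saml:Issuer>{IDP_ENTITY_ID}</saml:Issuer>
    <saml:Subject>
      <saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_t1</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData InResponseTo="{in_response_to}" Recipient="{ACS_URL}" NotOnOrAfter="{noa}"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="{nb}" NotOnOrAfter="{noa}">
      <saml:AudienceRestriction><saml:Audience>{audience}</saml:Audience></saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AttributeStatement>
      <saml:Attribute Name="{EPPN_OID}" FriendlyName="eduPersonPrincipalName">
        <saml:AttributeValue>{eppn}</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>"""


def validate_response(xml_text, pending_request_ids, signature_verified, now,
                      clock_skew=timedelta(seconds=60)):
    """Return (True, {attribute name: [values]}) or (False, reason).
    signature_verified: result of XML-DSig verification against the IdP key from federation
    metadata, supplied by the SAML library (not simulated). The library must also confirm the
    signed element is the one read here (XML Signature Wrapping). pending_request_ids: AuthnRequest
    IDs this SP issued and has not consumed; consuming on success is the replay protection."""
    if not signature_verified:
        return False, "signature"
    root = ET.fromstring(xml_text)  # production code should use a hardened XML parser
    if root.tag != f"{{{SAMLP}}}Response":
        return False, "not a Response"
    code = root.find(f"{{{SAMLP}}}Status/{{{SAMLP}}}StatusCode")
    if code is None or code.get("Value") != SUCCESS:
        return False, "status"
    assertions = root.findall(f"{{{SAML}}}Assertion")
    if len(assertions) != 1:
        return False, "expected exactly one assertion"
    a = assertions[0]
    if a.findtext(f"{{{SAML}}}Issuer") != IDP_ENTITY_ID:
        return False, "issuer"
    irt = root.get("InResponseTo")
    if irt not in pending_request_ids:
        return False, "InResponseTo"           # unsolicited, or already consumed (replay)
    scd = a.find(f"{{{SAML}}}Subject/{{{SAML}}}SubjectConfirmation/{{{SAML}}}SubjectConfirmationData")
    if scd is None or scd.get("Recipient") != ACS_URL or scd.get("InResponseTo") != irt:
        return False, "subject confirmation"   # minted for another endpoint or request
    if now >= _parse_ts(scd.get("NotOnOrAfter")) + clock_skew:
        return False, "bearer confirmation expired"
    cond = a.find(f"{{{SAML}}}Conditions")
    if cond is None:
        return False, "conditions"
    if (now + clock_skew < _parse_ts(cond.get("NotBefore"))
            or now >= _parse_ts(cond.get("NotOnOrAfter")) + clock_skew):
        return False, "time window"
    if SP_ENTITY_ID not in [e.text for e in cond.iter(f"{{{SAML}}}Audience")]:
        return False, "audience"               # issued to a different SP
    pending_request_ids.discard(irt)           # consume: the same Response now fails if replayed
    attrs = {}
    for attr in a.iter(f"{{{SAML}}}Attribute"):
        attrs[attr.get("Name")] = [v.text for v in attr.findall(f"{{{SAML}}}AttributeValue")]
    return True, attrs


def run_scenarios():
    """Exercise the validator on constructed messages; returns {scenario: outcome}."""
    now = datetime(2015, 6, 4, 17, 10, tzinfo=timezone.utc)
    pending = {"_req1"}
    good = build_response("_req1", "abc123@harvard.edu", now)   # constructed eppn value
    out = {}
    ok, attrs = validate_response(good, pending, True, now)
    out["good"] = attrs[EPPN_OID][0] if ok else attrs
    out["replay"] = validate_response(good, pending, True, now)[1]           # _req1 consumed above
    out["unsigned"] = validate_response(good, {"_req1"}, False, now)[1]
    out["late"] = validate_response(good, {"_req1"}, True, now + timedelta(minutes=10))[1]
    other = build_response("_req1", "abc123@harvard.edu", now, audience="https://other.example.org/shibboleth")
    out["wrong_audience"] = validate_response(other, {"_req1"}, True, now)[1]
    return out
```

The checks that deployments most often skip are the ones that do not fail loudly in testing: consuming the InResponseTo ID (without it a captured Response is good for as long as its time window), matching Audience and Recipient to this SP (without them an assertion issued to any other SP in the federation logs the user in here), and bounding the clock window. The eppn value the SP ends up with is exactly what the bullets above describe: an identifier Harvard chose to release, with no password anywhere in the exchange.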
Identity Federation: The Scope
• According to InCommon, 8 million people are supported by their
affiliated federated identity providers
– 397 IdPs
– 2,275 SPs
• Harvard supports referrals from more than 30 InCommon and
other SPs
• Harvard also runs one SP — the Loeb Classical Library
Identity Federation: InCommon Assurance
Harvard is certified as an InCommon Bronze-level identity provider.
• This means that we have met the extensive requirements in
InCommon’s Bronze certification requirements document
• See more details at http://iam.harvard.edu/resources/incommon,
including our Bronze self-certification documentation
• The only user impact to this certification is that users will be asked to
change their passwords the first time they try to access an InCommon
Bronze SP
• We have also completed nearly all the requirements for Silver-level
certification
TIER: Wrapping Them All Up
How can Harvard and other higher-education institutions
effectively share and standardize the results of their IAM efforts?
Through TIER — Trust and Identity in Education and Research.
• Higher-education community created to accelerate maturity and
broad adoption of IAM best practices
• The creation of TIER formally recognizes needs for IAM standards and
practices in higher education
• TIER will aid in the creation of a sustainable support model for producing and
maintaining tools needed to support the unique requirements of the higher-
education identity ecosystem
Benefits of Harvard’s membership in TIER include:
• Opportunities to help develop direction for standards and design
• Advance knowledge of components that TIER exists to sustain (including
Shibboleth, InCommon, Grouper, and others key to Harvard’s IAM mission)
The TIER Unified Model
TIER operates under a unified model of IAM services (shown as a diagram on the original
slide; not reproduced in this text).
TIER and Harvard’s IAM Effort
Many of the IAM program’s key projects relate directly to domains within TIER’s
unified model — for example:
• Authentication
• Federated Registry
• Automated Provisioning and Deprovisioning
• Groups
• Multifactor Authentication
This means not only that our mission-critical projects rely on services and
technologies under TIER’s purview, but also that the processes, workflows, and
technologies we develop for IAM at Harvard can inform other TIER universities
working on similar problems.
Major Projects for Harvard IAM: Grouper
IAM is implementing a new access management system
using Internet2’s Grouper, with rollout in tandem with
the HarvardKey launch this autumn.
• Enterprise-scale access management that manages groups and group memberships
• The most suitable option for Harvard’s highly distributed management environment, as
well as our heterogeneous technology environment
• Supports delegated group administration — meaning that because departments and
teams can manage their own access control, HUIT will not need to be involved in
everyday group and membership management
• As an Internet2 product supported by TIER, Grouper was built by the higher education
community with our needs in mind — and is backed up by successful deployments in
institutions worldwide
Major Projects for Harvard IAM: Grouper
Grouper’s core concept includes hierarchies of groups, subgroups, and composite
groups, with delegation of rights for group administration.
Grouper’s Benefits for Harvard
You can use groups created and maintained by Harvard IAM to support your own
local groups.
• Because Grouper is integrated with the main IAM identity registry, IAM will build and
maintain a set of fundamental groups
• IAM will also provide maintenance for locally defined and managed groups such as
courses or collaboration groups
• Other systems and applications that need to access groups will be able to do so easily
using a variety of methods:
– A SAML or CAS authentication assertion
– A multivalued attribute in LDAP
– A RESTful API
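The hierarchy of groups, subgroups and composite groups described above is what makes delegated administration safe: an application’s access group can be defined in terms of IAM-maintained groups, so access is granted and withdrawn by the authoritative data rather than by someone editing a member list. The following is an added example written for this page, not Grouper’s code: a small Python model of effective membership through nested and composite groups, and the multivalued group attribute an application would then receive via LDAP or a SAML assertion. The group names and subjects are constructed, and the attribute name `isMemberOf` is the conventional eduMember attribute, not something the slides specify; the composite operations (union, intersection, complement) are Grouper’s three composite types.

```python
"""Effective membership through nested and composite groups. Added example; not Grouper code.
Group names, subjects and the isMemberOf attribute name are assumptions for the demo."""
from dataclasses import dataclass, field
from typing import Dict, Optional, Set, Tuple


@dataclass
class Group:
    name: str                                          # Grouper-style path, e.g. "harvard:iam:fas:faculty"
    direct: Set[str] = field(default_factory=set)      # subjects added directly by the group's admins
    subgroups: Set[str] = field(default_factory=set)   # member groups; their members are inherited
    # ("union" | "intersection" | "complement", left_group, right_group): Grouper's composite types
    composite: Optional[Tuple[str, str, str]] = None


class Registry:
    def __init__(self):
        self.groups: Dict[str, Group] = {}

    def add(self, group):
        self.groups[group.name] = group
        return group

    def members(self, name, _seen=frozenset()):
        """Effective members of `name`: direct plus nested, or the composite's set operation."""
        if name in _seen:                      # defensive cycle guard
            return set()
        g = self.groups[name]
        seen = _seen | {name}
        if g.composite:
            op, left, right = g.composite
            l, r = self.members(left, seen), self.members(right, seen)
            return {"union": l | r, "intersection": l & r, "complement": l - r}[op]
        out = set(g.direct)
        for sub in g.subgroups:
            out |= self.members(sub, seen)
        return out

    def is_member_of(self, subject):
        """The multivalued isMemberOf values an application would see for `subject`
        (as an LDAP attribute or a SAML attribute): every group it is effectively in."""
        return sorted(n for n in self.groups if subject in self.members(n))


def authorize(registry, subject, required_group):
    """Deny by default: access only if the subject is an effective member of the group."""
    return subject in registry.members(required_group)


def build_demo():
    reg = Registry()
    # fundamental groups, built by IAM from the identity registry (constructed data)
    reg.add(Group("harvard:iam:fas:faculty", direct={"alice", "bob"}))
    reg.add(Group("harvard:iam:fas:staff", direct={"carol"}))
    reg.add(Group("harvard:iam:fas:employees",
                  subgroups={"harvard:iam:fas:faculty", "harvard:iam:fas:staff"}))
    reg.add(Group("harvard:iam:central:leaves", direct={"bob"}))   # bob is on leave
    # locally defined, delegated group: "FAS employees who are not on leave". Nobody edits
    # its member list; bob drops out of it the moment he appears in the leaves group.
    reg.add(Group("harvard:app:coursesite:editors",
                  composite=("complement", "harvard:iam:fas:employees", "harvard:iam:central:leaves")))
    return reg
```

The security-relevant property is in `build_demo`: the application group is a complement of two IAM-maintained groups, so deprovisioning needs no action by the application owner. An application that caches the `isMemberOf` values it received at login keeps the stale answer until the next login, which is the argument for checking the group at request time (via LDAP or the REST API) rather than trusting only the assertion.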
Major Projects for Harvard IAM: HarvardKey
HarvardKey is a unifying credential that enables
access to email, desktop, and Web resources
with a single login name and password.
You’ll see changes to the old PIN login screen beginning in September, with waves
of user populations invited to activate a HarvardKey soon after:
• September 22, 2015: New HarvardKey self-service account management functions
available to all Alumni users
• October 6, 2015: HarvardKey available to FAS and Central users in conjunction with
Harvard’s IT Security Campaign
• Within 18 months, every Harvard Community user will be invited to onboard
HarvardKey: The Benefits
• HarvardKey is a single login name and password that enables access to email,
desktop, and Web resources
• Successor to Harvard’s current PIN System
• New, mobile-responsive user experience for the login screen and account
management suite (looks great on tablets, too!)
• Authentication and authorization are much more nimble
• Supports optional multifactor authentication
• Easier onboarding and off-boarding
• Supports the HUIT goal of “One Identity for Life” for any person — regardless of
role — including seamless support for changes between roles, schools, etc.
HarvardKey: A Sneak Peek
In Summary: Supporting the Harvard Mission
• At times, Harvard on its own can feel like multiple institutions … but solutions such as
HarvardKey, Grouper, InCommon federation and ORCID are addressing this:
– One user credential
– Attribute consolidation
– Facilitating interoperability with external institutions
• Our users can work across organizational as well as institutional boundaries thanks to
IAM solutions
• Our users’ ability to assert their identities and attributes from anywhere in the world, at
any time, facilitates collaboration — that’s one thing that makes IAM in higher
education unique
• Our membership in TIER supports collaboration in higher education as a whole as the
community identifies and addresses important IAM needs and opportunities for
standardization
Thank you!
Appendix
In Summary: Supporting the Harvard Mission
What Goal?                                                                What Tool?
Give a credential to everyone who needs it                                HarvardKey
Enable identities to work wherever researchers and scholars need to go    InCommon Federated Identity
Effective group management, including a distributed permissions manager   Grouper
meeting the needs of teachers, scholars, and researchers
Provide users with added security beginning at the login screen           Multifactor Authentication (Duo)
The IAM toolset, both custom solutions and tools supported by TIER, underpins the
critical goals of Harvard’s teaching and research mission.

2016 it summit_accessibility_2016-05-24_standard
 
Fphs informatics for 2016 it summit 160531
Fphs informatics for 2016 it summit   160531Fphs informatics for 2016 it summit   160531
Fphs informatics for 2016 it summit 160531
 
It summit 2016_combined
It summit 2016_combinedIt summit 2016_combined
It summit 2016_combined
 
It summit dataverse-bigdata-mercecrosas
It summit dataverse-bigdata-mercecrosasIt summit dataverse-bigdata-mercecrosas
It summit dataverse-bigdata-mercecrosas
 
Hms crash planitsummit2016
Hms crash planitsummit2016Hms crash planitsummit2016
Hms crash planitsummit2016
 
It summit facilitate-researchcomputing-mercecrosas
It summit facilitate-researchcomputing-mercecrosasIt summit facilitate-researchcomputing-mercecrosas
It summit facilitate-researchcomputing-mercecrosas
 
Lightbox ham it_summit_final
Lightbox ham it_summit_finalLightbox ham it_summit_final
Lightbox ham it_summit_final
 
Harvard it summit 2016 - opencast in the cloud at harvard dce- live and on-d...
Harvard it summit 2016  - opencast in the cloud at harvard dce- live and on-d...Harvard it summit 2016  - opencast in the cloud at harvard dce- live and on-d...
Harvard it summit 2016 - opencast in the cloud at harvard dce- live and on-d...
 
Harvard phone it summit demo 06.02.16
Harvard phone it summit demo 06.02.16Harvard phone it summit demo 06.02.16
Harvard phone it summit demo 06.02.16
 
Phish, flop, or fine
Phish, flop, or fine Phish, flop, or fine
Phish, flop, or fine
 
Waldo Summit 2016
Waldo Summit 2016Waldo Summit 2016
Waldo Summit 2016
 
IT Academy at IT Summti
IT Academy at IT SummtiIT Academy at IT Summti
IT Academy at IT Summti
 
Mobile firstpresentation huit
Mobile firstpresentation huitMobile firstpresentation huit
Mobile firstpresentation huit
 
Saving our social_media
Saving our social_mediaSaving our social_media
Saving our social_media
 
Urc it summit-2
Urc it summit-2Urc it summit-2
Urc it summit-2
 
Stakeholder update 4 14 data center outage
Stakeholder update 4 14 data center outageStakeholder update 4 14 data center outage
Stakeholder update 4 14 data center outage
 
Open housepix
Open housepixOpen housepix
Open housepix
 
Data center outage project update
Data center outage project updateData center outage project update
Data center outage project update
 
Noc and soc deck
Noc and soc deckNoc and soc deck
Noc and soc deck
 

Recently uploaded

Data Structure using C by Dr. K Adisesha .ppsx
Data Structure using C by Dr. K Adisesha .ppsxData Structure using C by Dr. K Adisesha .ppsx
Data Structure using C by Dr. K Adisesha .ppsx
Prof. Dr. K. Adisesha
 
Wound healing PPT
Wound healing PPTWound healing PPT
Wound healing PPT
Jyoti Chand
 
Haunted Houses by H W Longfellow for class 10
Haunted Houses by H W Longfellow for class 10Haunted Houses by H W Longfellow for class 10
Haunted Houses by H W Longfellow for class 10
nitinpv4ai
 
spot a liar (Haiqa 146).pptx Technical writhing and presentation skills
spot a liar (Haiqa 146).pptx Technical writhing and presentation skillsspot a liar (Haiqa 146).pptx Technical writhing and presentation skills
spot a liar (Haiqa 146).pptx Technical writhing and presentation skills
haiqairshad
 
What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
GeorgeMilliken2
 
HYPERTENSION - SLIDE SHARE PRESENTATION.
HYPERTENSION - SLIDE SHARE PRESENTATION.HYPERTENSION - SLIDE SHARE PRESENTATION.
HYPERTENSION - SLIDE SHARE PRESENTATION.
deepaannamalai16
 
MDP on air pollution of class 8 year 2024-2025
MDP on air pollution of class 8 year 2024-2025MDP on air pollution of class 8 year 2024-2025
MDP on air pollution of class 8 year 2024-2025
khuleseema60
 
Nutrition Inc FY 2024, 4 - Hour Training
Nutrition Inc FY 2024, 4 - Hour TrainingNutrition Inc FY 2024, 4 - Hour Training
Nutrition Inc FY 2024, 4 - Hour Training
melliereed
 
Chapter wise All Notes of First year Basic Civil Engineering.pptx
Chapter wise All Notes of First year Basic Civil Engineering.pptxChapter wise All Notes of First year Basic Civil Engineering.pptx
Chapter wise All Notes of First year Basic Civil Engineering.pptx
Denish Jangid
 
skeleton System.pdf (skeleton system wow)
skeleton System.pdf (skeleton system wow)skeleton System.pdf (skeleton system wow)
skeleton System.pdf (skeleton system wow)
Mohammad Al-Dhahabi
 
Geography as a Discipline Chapter 1 __ Class 11 Geography NCERT _ Class Notes...
Geography as a Discipline Chapter 1 __ Class 11 Geography NCERT _ Class Notes...Geography as a Discipline Chapter 1 __ Class 11 Geography NCERT _ Class Notes...
Geography as a Discipline Chapter 1 __ Class 11 Geography NCERT _ Class Notes...
ImMuslim
 
The basics of sentences session 7pptx.pptx
The basics of sentences session 7pptx.pptxThe basics of sentences session 7pptx.pptx
The basics of sentences session 7pptx.pptx
heathfieldcps1
 
Electric Fetus - Record Store Scavenger Hunt
Electric Fetus - Record Store Scavenger HuntElectric Fetus - Record Store Scavenger Hunt
Electric Fetus - Record Store Scavenger Hunt
RamseyBerglund
 
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptxNEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
iammrhaywood
 
Temple of Asclepius in Thrace. Excavation results
Temple of Asclepius in Thrace. Excavation resultsTemple of Asclepius in Thrace. Excavation results
Temple of Asclepius in Thrace. Excavation results
Krassimira Luka
 
Traditional Musical Instruments of Arunachal Pradesh and Uttar Pradesh - RAYH...
Traditional Musical Instruments of Arunachal Pradesh and Uttar Pradesh - RAYH...Traditional Musical Instruments of Arunachal Pradesh and Uttar Pradesh - RAYH...
Traditional Musical Instruments of Arunachal Pradesh and Uttar Pradesh - RAYH...
imrankhan141184
 
SWOT analysis in the project Keeping the Memory @live.pptx
SWOT analysis in the project Keeping the Memory @live.pptxSWOT analysis in the project Keeping the Memory @live.pptx
SWOT analysis in the project Keeping the Memory @live.pptx
zuzanka
 
REASIGNACION 2024 UGEL CHUPACA 2024 UGEL CHUPACA.pdf
REASIGNACION 2024 UGEL CHUPACA 2024 UGEL CHUPACA.pdfREASIGNACION 2024 UGEL CHUPACA 2024 UGEL CHUPACA.pdf
REASIGNACION 2024 UGEL CHUPACA 2024 UGEL CHUPACA.pdf
giancarloi8888
 
Juneteenth Freedom Day 2024 David Douglas School District
Juneteenth Freedom Day 2024 David Douglas School DistrictJuneteenth Freedom Day 2024 David Douglas School District
Juneteenth Freedom Day 2024 David Douglas School District
David Douglas School District
 
Mule event processing models | MuleSoft Mysore Meetup #47
Mule event processing models | MuleSoft Mysore Meetup #47Mule event processing models | MuleSoft Mysore Meetup #47
Mule event processing models | MuleSoft Mysore Meetup #47
MysoreMuleSoftMeetup
 

Recently uploaded (20)

Data Structure using C by Dr. K Adisesha .ppsx
Data Structure using C by Dr. K Adisesha .ppsxData Structure using C by Dr. K Adisesha .ppsx
Data Structure using C by Dr. K Adisesha .ppsx
 
Wound healing PPT
Wound healing PPTWound healing PPT
Wound healing PPT
 
Haunted Houses by H W Longfellow for class 10
Haunted Houses by H W Longfellow for class 10Haunted Houses by H W Longfellow for class 10
Haunted Houses by H W Longfellow for class 10
 
spot a liar (Haiqa 146).pptx Technical writhing and presentation skills
spot a liar (Haiqa 146).pptx Technical writhing and presentation skillsspot a liar (Haiqa 146).pptx Technical writhing and presentation skills
spot a liar (Haiqa 146).pptx Technical writhing and presentation skills
 
What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
 
HYPERTENSION - SLIDE SHARE PRESENTATION.
HYPERTENSION - SLIDE SHARE PRESENTATION.HYPERTENSION - SLIDE SHARE PRESENTATION.
HYPERTENSION - SLIDE SHARE PRESENTATION.
 
MDP on air pollution of class 8 year 2024-2025
MDP on air pollution of class 8 year 2024-2025MDP on air pollution of class 8 year 2024-2025
MDP on air pollution of class 8 year 2024-2025
 
Nutrition Inc FY 2024, 4 - Hour Training
Nutrition Inc FY 2024, 4 - Hour TrainingNutrition Inc FY 2024, 4 - Hour Training
Nutrition Inc FY 2024, 4 - Hour Training
 
Chapter wise All Notes of First year Basic Civil Engineering.pptx
Chapter wise All Notes of First year Basic Civil Engineering.pptxChapter wise All Notes of First year Basic Civil Engineering.pptx
Chapter wise All Notes of First year Basic Civil Engineering.pptx
 
skeleton System.pdf (skeleton system wow)
skeleton System.pdf (skeleton system wow)skeleton System.pdf (skeleton system wow)
skeleton System.pdf (skeleton system wow)
 
Geography as a Discipline Chapter 1 __ Class 11 Geography NCERT _ Class Notes...
Geography as a Discipline Chapter 1 __ Class 11 Geography NCERT _ Class Notes...Geography as a Discipline Chapter 1 __ Class 11 Geography NCERT _ Class Notes...
Geography as a Discipline Chapter 1 __ Class 11 Geography NCERT _ Class Notes...
 
The basics of sentences session 7pptx.pptx
The basics of sentences session 7pptx.pptxThe basics of sentences session 7pptx.pptx
The basics of sentences session 7pptx.pptx
 
Electric Fetus - Record Store Scavenger Hunt
Electric Fetus - Record Store Scavenger HuntElectric Fetus - Record Store Scavenger Hunt
Electric Fetus - Record Store Scavenger Hunt
 
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptxNEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
 
Temple of Asclepius in Thrace. Excavation results
Temple of Asclepius in Thrace. Excavation resultsTemple of Asclepius in Thrace. Excavation results
Temple of Asclepius in Thrace. Excavation results
 
Traditional Musical Instruments of Arunachal Pradesh and Uttar Pradesh - RAYH...
Traditional Musical Instruments of Arunachal Pradesh and Uttar Pradesh - RAYH...Traditional Musical Instruments of Arunachal Pradesh and Uttar Pradesh - RAYH...
Traditional Musical Instruments of Arunachal Pradesh and Uttar Pradesh - RAYH...
 
SWOT analysis in the project Keeping the Memory @live.pptx
SWOT analysis in the project Keeping the Memory @live.pptxSWOT analysis in the project Keeping the Memory @live.pptx
SWOT analysis in the project Keeping the Memory @live.pptx
 
REASIGNACION 2024 UGEL CHUPACA 2024 UGEL CHUPACA.pdf
REASIGNACION 2024 UGEL CHUPACA 2024 UGEL CHUPACA.pdfREASIGNACION 2024 UGEL CHUPACA 2024 UGEL CHUPACA.pdf
REASIGNACION 2024 UGEL CHUPACA 2024 UGEL CHUPACA.pdf
 
Juneteenth Freedom Day 2024 David Douglas School District
Juneteenth Freedom Day 2024 David Douglas School DistrictJuneteenth Freedom Day 2024 David Douglas School District
Juneteenth Freedom Day 2024 David Douglas School District
 
Mule event processing models | MuleSoft Mysore Meetup #47
Mule event processing models | MuleSoft Mysore Meetup #47Mule event processing models | MuleSoft Mysore Meetup #47
Mule event processing models | MuleSoft Mysore Meetup #47
 

Iam it-summit-2015

1. Enabling Cross-University Collaboration with Harvard IAM: TIER, InCommon, and Grouper
IT Summit 2015, June 4, 2015, Thursday 1:10-2:00 p.m.

2. Agenda
• What is Identity & Access Management at Harvard?
• IAM in Higher Education is Different
• Requirements and Concerns for IAM in Higher Education
• Internet2: InCommon, Shibboleth, Identity Federation, and More
• TIER: Trust and Identity in Education and Research
• Harvard’s Role in TIER
• Major IAM Projects at Harvard: HarvardKey and Grouper
• Summary: Supporting the Teaching & Research Mission

3. Who We Are
• Jason Snyder, Managing Director, Architecture and Engineering, HUIT
• Jane Hill, Director, IAM Product Management, HUIT
• Scott Bradner, Senior Technology Consultant, HUIT

4. What is Identity & Access Management at Harvard?
The Vision for the Identity & Access Management Program: provide users, application owners, and IT administrative staff with secure, easy access to applications; solutions that require fewer login credentials; the ability to collaborate across and beyond Harvard; and improved security and auditing.
Objectives
• Simplify User Experience: simplify and improve access to applications and information inside and outside of the University
• Enable Research & Collaboration: make it easier for faculty, staff, and students to research and collaborate within the University and with other institutions
• Protect University Resources: improve the security stature of the University via a standard approach
• Facilitate Technology Innovation: establish a strong foundation for IAM to enable user access regardless of new and/or disruptive technologies
Guiding Principles
• Harvard Community needs will drive our technology
• Tactical project planning will remain aligned with the program’s strategic objectives
• Solution design should allow for other Schools to use foundational services to communicate with the IAM system in a consistent, federated fashion
• Communication and socialization are critical to our success
Key Performance Indicators
• Monthly number of help desk requests relating to account management
• Monthly number of registered production applications using IAM systems
• Monthly number of user logins and access requests through IAM systems
• Monthly number of production systems to which IAM provisions

5. IAM in Higher Education is Different
Our users are different from those in industry, and their needs are different, too.
• Users are frequently affiliated with more than one institution, whether simply through multi-institution research conducted at “home” or something as multivariate as a temporary guest lecturer assignment at another university
• Inter- and intra-university partnerships continue to expand
• People often hold multiple roles – with multiple privileges – concurrently
• Affiliations often don’t have clear start or end dates — faculty need early access to set up course sites, and many users continue to collaborate after formal appointments end
• Privacy is of greater importance in higher education than within many corporate environments
• Faculty and researchers depend upon continuity and accuracy in their publishing records and academic biographies, and therefore have their own unique needs

6. Scholarly Identity and Collaboration
• Increasingly, academic users need to maintain an accurate profile of their publication history and academic biography
• Since IAM already involves a large amount of attribute and identifier exchange, adding scholarly identifiers to the attribute repository is a way to include this information in an existing data flow
• Identifiers enable integration around an individual’s scholarly record, such as LTI, VIVO, etc.
• ORCID (Open Researcher & Contributor ID) identifiers are being added to Internet2’s standardized eduPerson schema, as well as various data repositories around the academic community
• Items linked to an ORCID record can have multiple external identifiers, and these can connect to other identifiers: DOIs, ISBNs, ISNIs, PubMed IDs, grant numbers, etc.
Learn more about ORCID at orcid.org.

7. Identity and Privacy in Higher Education
“The rise of Internet identity began in earnest ten years ago, as academic, government and corporate and social deployments started and began to influence each other. Government initiatives have come and gone and come anew. Research and education deployments worldwide have pushed the envelope but are now challenged to inter-federate. Social providers evolve business models that leverage the user as product.
“There are impressive successes now in many instances and key integrations have been achieved. The extent of usage has grown dramatically. At the same time, there are obvious stress points, where the conflict of economic motives compound issues of privacy, where the international differences in cultures and legal systems create a swamp of issues, and helping the institution and the user manage the complexity of privacy.”
— Ken Klingenstein, Internet2, December 2014

8. IAM in Higher Education: Common Requirements
Commonly accepted requirements for IAM solutions across the academic community include the following:
• Services must support complex authorization models to grant individuals the right levels of access to licensed resources (all roads lead to groups!)
• Solutions must support federation to enable inter- and intra-institution access — it is not feasible to rely on centralized control of all users
• Solutions must allow for the fact that users will need to access some resources on the public Internet
• With interest in cloud services exploding, solutions should be able to work in the cloud if desired
• Preference for open source, standards-based solutions
• Services and solutions should be built with the financial constraints of higher education in mind

9. IAM in Higher Education: Building Our Own Solutions
Since higher-education users have their own special needs, out-of-the-box vendor solutions often aren’t satisfactory. Why build our own solution?
• Commercial products are designed for corporate intranet environments
• Vendor solutions are often a poor fit with our identity data and the requirements it poses (multiple roles, fuzzy lifecycle, increased privacy)
• If support for federation even exists in vended solutions, it tends to be bilateral
• Vendors discount software, but often look to sell expensive professional services
• Use cases are often the same across institutions, regardless of their size:
– Extended identity lifecycles
– Context-sensitive privacy management
– An identity registry that supports multiple personae
– Group management

10. Addressing These Issues: Internet2
Internet2 is a not-for-profit organization started as a U.S. higher education consortium in 1996.
• 252 U.S. universities
• 82 corporations
• 68 affiliates, including government agencies
• 41 regional and state education networks
• More than 65 national research and education networking partners, representing more than 100 countries
Internet2 projects include:
• National network (100 Gbps links; Harvard is a member)
• Trust and Identity in Education and Research (TIER)
• Grouper
• Shibboleth
• InCommon Federation

11. Internet2: InCommon
• Certificate service: flat-rate certificates
• Identity management federation: use your Harvard identity elsewhere
• Assurance program: standard for quality of authentication
• Multifactor authentication: discount for Duo multifactor service

12. Internet2: Shibboleth
As a technology enabling identity federation, Shibboleth defines the interaction between the two key players in authentication:
• Identity provider (IdP): an authentication and attribute service
• Service provider (SP): an Internet-based website that uses an IdP to authenticate a user

13. Shibboleth Identity Federation at Harvard
Identity federation at Harvard is a cooperative system that supports the interconnection between SPs and IdPs, resulting in the following user experience:
1. User connects to a service and clicks a “log in” button or link
2. The service presents the user with a list of universities
3. The user selects “Harvard University”
4. The user’s browser is redirected to the Harvard web authentication system (PIN or HarvardKey)
5. The user inputs his or her credentials
6. If credentials are accepted, the user’s browser is redirected to the original service
7. The service is told that the user is authenticated

14. Identity Federation at Harvard: Security & Privacy
Harvard’s federated identity system has a number of security and privacy benefits:
• The actual act of authentication is done at Harvard
• The service never gets the user’s credentials
• All interactions are cryptographically protected
• Harvard controls what user attributes are given to the service
– Usually eduPersonPrincipalName (eppn), a random-appearing unique identifier
– May also get a user’s login name and email
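The IdP/SP exchange of slides 13 and 14, as an added example that is not part of the original deck or of Harvard’s or Shibboleth’s code: the IdP checks the password itself, applies a per-SP attribute release policy (eppn only by default) and signs the assertion, and the SP verifies signature, audience and freshness without ever seeing the credentials. The user record, entity IDs and release policy are constructed sample data, and an HMAC stands in for the XML signature an SP would verify with the IdP’s public key from federation metadata.

```python
import hashlib
import hmac
import json
import secrets
import time
from typing import Dict, Optional

# Constructed sample identity registry: the IdP stores salted password hashes,
# never plaintext, plus a set of eduPerson attributes per user.
_SALT = b"constructed-demo-salt"


def _pw_hash(password: str) -> str:
    # Low iteration count keeps the demo fast; production would use far more.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 20_000).hex()


REGISTRY: Dict[str, dict] = {
    "jdoe": {
        "pw": _pw_hash("correct horse battery"),
        "attrs": {
            "eduPersonPrincipalName": "jdoe@example.edu",
            "mail": "jane_doe@example.edu",
            "displayName": "Jane Doe",
            "eduPersonAffiliation": ["faculty", "member"],
        },
    },
}

# Per-SP attribute release policy (the role a Shibboleth attribute filter plays):
# slide 14 says an SP usually gets only eppn, sometimes login name and mail too.
RELEASE_POLICY: Dict[str, list] = {
    "https://library.example/shibboleth": ["eduPersonPrincipalName"],
    "https://wiki.partner.example/sp": ["eduPersonPrincipalName", "mail"],
}
DEFAULT_RELEASE = ["eduPersonPrincipalName"]

# Stand-in for the IdP signing key published in federation metadata (symmetric
# here for brevity; a real deployment signs with a private key).
IDP_SIGNING_KEY = secrets.token_bytes(32)
IDP_ENTITY_ID = "https://idp.example.edu/idp/shibboleth"
ASSERTION_TTL = 300  # seconds an SP will accept an assertion after issue


class AuthFailed(Exception):
    pass


def idp_login(username: str, password: str, sp_entity_id: str) -> dict:
    """Steps 4-6 of slide 13: the IdP verifies the credentials itself, then
    issues a signed assertion scoped to one SP carrying only released attributes."""
    user = REGISTRY.get(username)
    if user is None or not hmac.compare_digest(user["pw"], _pw_hash(password)):
        raise AuthFailed("bad credentials")
    allowed = RELEASE_POLICY.get(sp_entity_id, DEFAULT_RELEASE)
    released = {k: v for k, v in user["attrs"].items() if k in allowed}
    payload = {
        "issuer": IDP_ENTITY_ID,
        "audience": sp_entity_id,
        "issued_at": int(time.time()),
        "attributes": released,
    }
    body = json.dumps(payload, sort_keys=True).encode()
    sig = hmac.new(IDP_SIGNING_KEY, body, hashlib.sha256).hexdigest()
    return {"body": body, "sig": sig}


def sp_consume(assertion: dict, my_entity_id: str, now: Optional[int] = None) -> dict:
    """Step 7: the SP never saw the password. It checks the issuer's signature,
    that the assertion was minted for this SP (no replay to another SP), and
    that it is fresh; only then does it trust the attributes inside."""
    expected = hmac.new(IDP_SIGNING_KEY, assertion["body"], hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, assertion["sig"]):
        raise AuthFailed("assertion signature invalid")
    payload = json.loads(assertion["body"])
    if payload["issuer"] != IDP_ENTITY_ID:
        raise AuthFailed("unknown issuer")
    if payload["audience"] != my_entity_id:
        raise AuthFailed("assertion was issued for a different SP")
    now = int(time.time()) if now is None else now
    if not (now - ASSERTION_TTL <= payload["issued_at"] <= now + 60):
        raise AuthFailed("assertion expired or not yet valid")
    return payload["attributes"]


if __name__ == "__main__":
    sp = "https://library.example/shibboleth"
    print(sp_consume(idp_login("jdoe", "correct horse battery", sp), sp))
```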
15. Identity Federation: The Scope
• According to InCommon, 8 million people are supported by their affiliated federated identity providers
– 397 IdPs
– 2,275 SPs
• Harvard supports referrals from more than 30 InCommon and other SPs
• Harvard also runs one SP — the Loeb Classical Library

16. Identity Federation: InCommon Assurance
Harvard is certified as an InCommon Bronze-level identity provider.
• This means that we have met the extensive requirements in InCommon’s Bronze certification requirements document
• See more details at http://iam.harvard.edu/resources/incommon, including our Bronze self-certification documentation
• The only user impact of this certification is that users will be asked to change their passwords the first time they try to access an InCommon Bronze SP
• We have also completed nearly all the requirements for Silver-level certification

17. TIER: Wrapping Them All Up
How can Harvard and other higher-education institutions effectively share and standardize the results of their IAM efforts? Through TIER — Trust and Identity in Education and Research.
• Higher-education community created to accelerate maturity and broad adoption of IAM best practices
• The creation of TIER formally recognizes needs for IAM standards and practices in higher education
• TIER will aid in the creation of a sustainable support model for producing and maintaining tools needed to support the unique requirements of the higher-education identity ecosystem
Benefits of Harvard’s membership in TIER include:
• Opportunities to help develop direction for standards and design
• Advance knowledge of components that TIER exists to sustain (including Shibboleth, InCommon, Grouper, and others key to Harvard’s IAM mission)

18. The TIER Unified Model
TIER operates under a unified model of IAM services corresponding to the structure below.

19. TIER and Harvard’s IAM Effort
Many of the IAM program’s key projects relate directly to domains within TIER’s unified model — for example:
• Authentication
• Federated Registry
• Automated Provisioning and Deprovisioning
• Groups
• Multifactor Authentication
This means not only that our mission-critical projects rely on services and technologies under TIER’s purview, but also that the processes, workflows, and technologies we develop for IAM at Harvard can inform other TIER universities working on similar problems.

20. Major Projects for Harvard IAM: Grouper
IAM is implementing a new access management system using Internet2’s Grouper, with rollout in tandem with the HarvardKey launch this autumn.
• Enterprise-scale access management that manages groups and group memberships
• The most suitable option for Harvard’s highly distributed management environment, as well as our heterogeneous technology environment
• Supports delegated group administration — meaning that because departments and teams can manage their own access control, HUIT will not need to be involved in everyday group and membership management
• As an Internet2 product supported by TIER, Grouper was built by the higher education community with our needs in mind — and is backed up by successful deployments in institutions worldwide

21. Major Projects for Harvard IAM: Grouper
Grouper’s core concept includes hierarchies of groups, subgroups, and composite groups, with delegation of rights for group administration.

22. Grouper’s Benefits for Harvard
You can use groups created and maintained by Harvard IAM to support your own local groups.
• Because Grouper is integrated with the main IAM identity registry, IAM will build and maintain a set of fundamental groups
• IAM will also provide maintenance for locally defined and managed groups such as courses or collaboration groups
• Other systems and applications that need to access groups will be able to do so easily using a variety of methods:
– A SAML or CAS authentication assertion
– A multivalued attribute in LDAP
– A RESTful API
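The group model of slides 21 and 22, as an added example that is not Grouper’s code or Harvard’s: nested groups, composite groups (union, intersection, complement) derived from IAM-maintained reference groups, delegated ADMIN/UPDATE privileges that may be held by a subject or by a whole group, and the flattened membership list an LDAP multivalued attribute or a SAML/CAS assertion would carry. All group names, subjects and privilege grants are constructed sample data.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple


@dataclass
class Group:
    name: str                                         # e.g. "hu:fas:cs50:staff"
    members: Set[str] = field(default_factory=set)    # direct subjects or nested group names
    composite: Optional[Tuple[str, str, str]] = None  # (op, left, right): membership is derived
    admins: Set[str] = field(default_factory=set)     # ADMIN holders (subjects or group names)
    updaters: Set[str] = field(default_factory=set)   # UPDATE holders (subjects or group names)


class GroupRegistry:
    def __init__(self) -> None:
        self.groups: Dict[str, Group] = {}

    def add(self, group: Group) -> Group:
        self.groups[group.name] = group
        return group

    def effective_members(self, name: str, _path: frozenset = frozenset()) -> Set[str]:
        """Flatten nested and composite groups into subject ids. _path guards against
        a group that (mis)includes one of its own ancestors."""
        if name in _path:
            return set()
        path = _path | {name}
        g = self.groups[name]
        if g.composite is not None:
            op, left, right = g.composite
            l, r = self.effective_members(left, path), self.effective_members(right, path)
            return {"union": l | r, "intersection": l & r, "complement": l - r}[op]
        out: Set[str] = set()
        for m in g.members:
            out |= self.effective_members(m, path) if m in self.groups else {m}
        return out

    def _holds(self, actor: str, holders: Set[str]) -> bool:
        """A privilege may be granted to a subject directly or to a whole group."""
        return any(h == actor or (h in self.groups and actor in self.effective_members(h))
                   for h in holders)

    def add_member(self, actor: str, name: str, subject: str) -> None:
        """Delegated administration: only ADMIN/UPDATE holders on this group may change
        it, and composite groups cannot be edited directly at all."""
        g = self.groups[name]
        if g.composite is not None:
            raise PermissionError(f"{name} is composite; its membership is derived")
        if not (self._holds(actor, g.admins) or self._holds(actor, g.updaters)):
            raise PermissionError(f"{actor} lacks ADMIN/UPDATE on {name}")
        g.members.add(subject)

    def is_member_of(self, subject: str) -> List[str]:
        """The flattened view an LDAP multivalued attribute or SAML/CAS assertion carries."""
        return sorted(n for n in self.groups if subject in self.effective_members(n))


def build_sample() -> GroupRegistry:
    """Constructed sample data: central reference groups plus a delegated course."""
    reg = GroupRegistry()
    iam = "hu:iam:admins"  # central IAM staff hold ADMIN on the reference groups
    reg.add(Group(iam, members={"iam_ops"}, admins={"iam_ops"}))
    reg.add(Group("hu:ref:students", members={"carol", "dave", "erin"}, admins={iam}))
    reg.add(Group("hu:ref:active", members={"alice", "bob", "carol", "dave"}, admins={iam}))
    reg.add(Group("hu:ref:on_leave", members={"dave"}, admins={iam}))
    # Course staff: bob (instructor) is delegated ADMIN; the TF group nests into staff.
    reg.add(Group("hu:fas:cs50:tfs", members={"dave"}, admins={"bob"}))
    reg.add(Group("hu:fas:cs50:staff", members={"bob", "hu:fas:cs50:tfs"}, admins={"bob"}))
    # Composite groups derive membership from the reference groups, so they track
    # registry changes without anyone editing the course roster by hand.
    reg.add(Group("hu:fas:cs50:enrolled", admins={"bob"},
                  composite=("intersection", "hu:ref:students", "hu:ref:active")))
    reg.add(Group("hu:fas:cs50:site_access", admins={"bob"},
                  composite=("complement", "hu:fas:cs50:enrolled", "hu:ref:on_leave")))
    return reg


if __name__ == "__main__":
    reg = build_sample()
    print(reg.is_member_of("dave"))
```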
23. Major Projects for Harvard IAM: HarvardKey
HarvardKey is a unifying credential that enables access to email, desktop, and Web resources with a single login name and password. You’ll see changes to the old PIN login screen beginning in September, with waves of user populations invited to activate a HarvardKey soon after:
• September 22, 2015: New HarvardKey self-service account management functions available to all Alumni users
• October 6, 2015: HarvardKey available to FAS and Central users in conjunction with Harvard’s IT Security Campaign
• Within 18 months, every Harvard Community user will be invited to onboard
Timeline: SEPT: Alumni; OCT: FAS, Central

24. HarvardKey: The Benefits
• HarvardKey is a single login name and password that enables access to email, desktop, and Web resources
• Successor to Harvard’s current PIN System
• New, mobile-responsive user experience for the login screen and account management suite (looks great on tablets, too!)
• Authentication and authorization are much more nimble
• Supports optional multifactor authentication
• Easier onboarding and off-boarding
• Supports the HUIT goal of “One Identity for Life” for any person — regardless of role — including seamless support for changes between roles, schools, etc.

26. In Summary: Supporting the Harvard Mission
• At times, Harvard on its own can feel like multiple institutions … but solutions such as HarvardKey, Grouper, InCommon federation and ORCID are addressing this:
– One user credential
– Attribute consolidation
– Facilitating interoperability with external institutions
• Our users can work across organizational as well as institutional boundaries thanks to IAM solutions
• Our users’ ability to assert their identities and attributes from anywhere in the world, at any time, facilitates collaboration — that’s one thing that makes IAM in higher education unique
• Our membership in TIER supports collaboration in higher education as a whole as the community identifies and addresses important IAM needs and opportunities for standardization

29. In Summary: Supporting the Harvard Mission
What Goal? What Tool?
• Give a credential to everyone who needs it: HarvardKey
• Enable identities to work wherever researchers and scholars need to go: InCommon Federated Identity
• Effective group management, including a distributed permissions manager meeting the needs of teachers, scholars, and researchers: Grouper
• Provide users with added security beginning at the login screen: Multifactor Authentication (Duo)
The IAM toolset — both custom solutions and tools supported by TIER — supports the critical goals supporting Harvard’s teaching and research mission.