Strategies for Directory Deployment - Centralized, Distributed, Federated, Decentralized
description
Transcript of Strategies for Directory Deployment - Centralized, Distributed, Federated, Decentralized
![Page 1: Strategies for Directory Deployment - Centralized, Distributed, Federated, Decentralized](https://reader034.fdocuments.in/reader034/viewer/2022051517/568157d6550346895dc55bb2/html5/thumbnails/1.jpg)
Presenters (East to West):
Suresh Balakrishnan, University System of Maryland Dennis Cromwell, Indiana University - BloomingtonMelinda Jones, University of Colorado at BoulderMark Crase, California State University David Bantz, University of Alaska
Strategies for Directory Deployment - Centralized, Distributed, Federated, Decentralized
![Page 2: Strategies for Directory Deployment - Centralized, Distributed, Federated, Decentralized](https://reader034.fdocuments.in/reader034/viewer/2022051517/568157d6550346895dc55bb2/html5/thumbnails/2.jpg)
2003.10.14 [email protected]
UA Enterprise Directory
•Centralized core data
•Campus applications
•Contacts: self-service
![Page 3: Strategies for Directory Deployment - Centralized, Distributed, Federated, Decentralized](https://reader034.fdocuments.in/reader034/viewer/2022051517/568157d6550346895dc55bb2/html5/thumbnails/3.jpg)
University of Alaska
![Page 4: Strategies for Directory Deployment - Centralized, Distributed, Federated, Decentralized](https://reader034.fdocuments.in/reader034/viewer/2022051517/568157d6550346895dc55bb2/html5/thumbnails/4.jpg)
UA Directory Status
67,000 students; 10,000 employees; 760 departments
Departments fork linked to employees
Web gateway interface supports searching, listing, self-service data
Scheduled & ad hoc batch updates from multiple sources
![Page 5: Strategies for Directory Deployment - Centralized, Distributed, Federated, Decentralized](https://reader034.fdocuments.in/reader034/viewer/2022051517/568157d6550346895dc55bb2/html5/thumbnails/5.jpg)
QuickTime™ and aPhoto - JPEG decompressor
are needed to see this picture.
UA Enterprise Directory StrategyEnvironmental Challenges
Distributed implementation team
Complex interface constraints - based on attributes or roles
Sub-set vs. super-set philosophies
![Page 6: Strategies for Directory Deployment - Centralized, Distributed, Federated, Decentralized](https://reader034.fdocuments.in/reader034/viewer/2022051517/568157d6550346895dc55bb2/html5/thumbnails/6.jpg)
Two phase commit for self-service edits (Registry/EDir)
Registry (Oracle db) enforces UA rules (syntax, constraints, validation values)
Distributed admin facilitated by attribute-based roles (role-based ACIs)
UA Enterprise Directory Responses to Challenges
![Page 7: Strategies for Directory Deployment - Centralized, Distributed, Federated, Decentralized](https://reader034.fdocuments.in/reader034/viewer/2022051517/568157d6550346895dc55bb2/html5/thumbnails/7.jpg)
UA Directory Architecture
SQL
![Page 8: Strategies for Directory Deployment - Centralized, Distributed, Federated, Decentralized](https://reader034.fdocuments.in/reader034/viewer/2022051517/568157d6550346895dc55bb2/html5/thumbnails/8.jpg)
B*ntz
Directory Search (Anon.)
![Page 9: Strategies for Directory Deployment - Centralized, Distributed, Federated, Decentralized](https://reader034.fdocuments.in/reader034/viewer/2022051517/568157d6550346895dc55bb2/html5/thumbnails/9.jpg)
Directory Search (Auth.)
![Page 10: Strategies for Directory Deployment - Centralized, Distributed, Federated, Decentralized](https://reader034.fdocuments.in/reader034/viewer/2022051517/568157d6550346895dc55bb2/html5/thumbnails/10.jpg)
Detailed Results (Anon.)
![Page 11: Strategies for Directory Deployment - Centralized, Distributed, Federated, Decentralized](https://reader034.fdocuments.in/reader034/viewer/2022051517/568157d6550346895dc55bb2/html5/thumbnails/11.jpg)
Self-service edits (Auth.)
![Page 12: Strategies for Directory Deployment - Centralized, Distributed, Federated, Decentralized](https://reader034.fdocuments.in/reader034/viewer/2022051517/568157d6550346895dc55bb2/html5/thumbnails/12.jpg)
Employee ids, student ids, social security identifiers are not stored in the Directory
Web gateway intermediary communicates only via SSL
Data changed only by “known” processes (web gateway or MAU IT)
Gateway limits bulk harvesting
Protecting Information