Welcome to CAMP Identity Management Integration Workshop

Ann WestNMI-EDITEDUCAUSE/Internet2

June 27, 2005 2

Overview

Workshop Context

A Word from the Sponsors

June 27, 2005 3

CAMP Themes: Identity Management

Functional and data-flow model

Integration issues, challenges, strategies

Opportunities to network with peers

Case studies

Available resources

Participation

June 27, 2005 4

CAMP Schedule and Tracks

Monday – Introduction to the Model– Model and Case Studies Tracks– Discussion– Reception

Tuesday – Model and Case Studies Tracks – Discussion

June 27, 2005 5

CAMP Schedule and Tracks

Wednesday– Emerging requirements: Federal E-Authentication

Initiative– Strategies for making progress at home– Identity Management Corporate Solutions

ShowcaseSun, Novell, Oracle, Microsoft

June 27, 2005 6

Integration Model Track

Case Studies Track

Monday

Credentialing Privilege Management

Reflect and Join Provisioning - Nexus

Managing Affiliations/Groups

Credentialing - Portal Services and Credentials

Tuesday

Managing Privileges Reflect and Join Policy

Provisioning and Delivery

Multiple Affiliations - Portals

Authentication Sakai

June 27, 2005 7

Workshop Details

• Slides will be available on the conference website– Program link - www.educause.edu/camp052

• Lunch discussion roundtables ideas• Comments suggestions for the CD can be

forwarded to awest@educause.edu• Free Internet access in the sleeping rooms

June 27, 2005 8

A Word From Our Sponsors

• National Science Foundation’s Middleware Initiative (NMI)

• NMI – Enterprise Desktop Integration Technologies (EDIT) Consortium– Internet2 – EDUCAUSE– Southeastern Universities Research

Association (SURA)

June 27, 2005 9

NMI-EDIT: Goals

• Create a ubiquitous common, persistent and robust core middleware infrastructure for the R&E community

• Provide tools and services to support inter-institutional and inter-realm collaborations

June 27, 2005 10

NMI-EDIT: Identity and Access Management

www.nmi-edit.org

• Identity and Identifiers – namespaces, identifier crosswalks, real world levels of assurance

• Directories – enterprise directory services architectures and tools, standard object classes, inter-realm and registry services

• Authentication – campus technologies and policies, inter-realm interoperability via PKI, Kerberos

• Authorization – permissions and access controls, delegation, privacy management

• Integration Activities – common management tools, use of virtual, federated, and hierarchical organizations

June 27, 2005 11

NMI-EDIT: Strategic Direction

• Overall technical direction set by MACE–Middleware Architecture Committee for Education (MACE)–RL “Bob” Morgan, University of Washington, Chair–Campus IT architects and representatives from Grids,

national, and International communities

–Directions set via–NSF and NMI management team–Internet2 Network Planning and Policy Advisory Council –PKI and Directory Technical Advisory Boards–Internet2 members

June 27, 2005 12

NMI-EDIT: Participants

• Higher Ed – 15-20 leadership institutions, with 50 more campuses

represented as members of working groups; readership around 2000 institutions

• Corporate– Microsoft, SUN, Liberty Alliance, DST, MitreTek,

Radvision, Polycom, EBSCO, Elsevier, JSTOR, OCLC, Baltimore Technologies,….

• Government – NSF, NIST, NIH, Federal CIO Council,…

• International –Terena, JISC, REDIRIS, AARnet, SWITCH,…

June 27, 2005 13

How the pieces fit together…

• Campus infrastructure– Name space, identifiers, directories

– Enterprise authentication and authorization

• Inter-realm infrastructure– edu schemas– Secure exchange of attributes

• Inter-realm Upperware– Grids– Digital libraries

June 27, 2005 14

Thanks

• National Science Foundation• Our Program Committee:

Steven Carmody, Renee Frost, Michael Gettes, Keith Hazelton, Shelley Henderson, Jocelyn Lindenmuth, Bill Weems, Ann West.

• All the wonderful speakers!• Showcase support:

Sun Microsystems, Novell, Oracle, and Microsoft• R.L. Bob Morgan and Steve Olshansky