The Identity Management System
NMI-EDIT CAMP Synopsis, iSCSI Storage Solution, Linux Blade Cluster, and Current State of NetID
By Jonathan Higgins

NMI-EDIT CAMP Synopsis
• Directory Workshop covering directory implementation steps, architectures, person registries, and operational issues.
• Basics for implementing an Identity Management System.

What is Identity Management?
• Identity Management is an abstraction for a system that manages Identification, Authentication, and Authorization.
• Identification is the act of pre-assigning a unique namespace (a username) to an individual.
• Authentication binds a person with an Identity.
• Authorization is the act of ensuring that a person is afforded access only to the services and data required to support allowed tasks.

The Big Picture

Growing Pains and Silos vs. Suites
• Why are we doing this?
• Impending growth of student, faculty, and staff population
• Scalability
• Silos: authentication, authorization, and application are all self-contained and individually administered.
• Integrated Suites: a set of applications that authenticate and authorize against a central service shared by multiple applications.

What Are We Doing?
• NetID project ongoing since 9/2002
• OpenLDAP and Kerberos completed 5/2003
• Active Directory integration synchronized with OpenLDAP and trusted by Kerberos 2/2004
• Negotiation of data to provide individual affiliations for dynamic groups in progress.
• Blade technology and new resources.
• iSCSI storage solution for remote data storage in progress.

The State of NetID
• 3rd semester in production, and working as intended.
• New attributes are on the way.
• Dynamic groups based on affiliations
• Password expiration notification system

Groups
• Students, Future Students, Undergraduate, Graduate, Staff, Faculty, Employees, Visitors, Temp Employees, Student Assistants, Alumni, and Retired
• Groups that will exist before this Fall include: Department-based groups, Degree of Study groups, College-based groups, and Courses.
• What other groups do you think we may need?

Linux Blade Cluster
• This project is ongoing and dependent on the iSCSI storage solution.
• The MTA project will provide a single mail exchange for the @Kennesaw.edu domain. The MTA will include spam control and virus scanning.
• Publicly visible LDAP replica (FERPA controls will be in place for students)

iSCSI Storage Array?
• A procedure will be available to acquire disk space.
• As a system administrator, you just need to know that iSCSI provides a block-level network device, not a file I/O share.

How does the iSCSI Storage System work?
• Client Systems
• OS Layer
• Physical Layer

What Still Needs To Be Done?
• Upgrade NetID and Administration Tools to include:
• Modify schema and add attributes as needed
• Modify RDN for user objects to free the uid attribute to allow multi-values or aliases
• Add RADIUS for wireless authentication
• Add Account Locking/Deletion
• Pursue campus buy-in to NetID through identifying services and providing documentation for integration.
• And more…

What can we expect in the future?
• Solution for guest computing may be sponsorship? An idea introduced at the CAMP.
• Individual account holders would be responsible for the sponsorship and creation of an account.
• The new account would have no more access than the sponsor.
• Access control would be monitored by the sponsor.
• Possible solution to guest computing issues, parental access to their students' resources, and others.
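
The sponsorship rule above ("no more access than the sponsor") sketched as an added example; it is not code from the presentation or the NetID project. The Account class, function names, and netid values are hypothetical, and evaluating the cap at access time (so that a sponsor's lost access also removes the guest's) is an assumption about how the rule would be enforced.

```python
from dataclasses import dataclass, field
from typing import Optional, Set


@dataclass
class Account:
    netid: str                                     # constructed sample identifiers
    groups: Set[str] = field(default_factory=set)  # groups granted to this account
    sponsor: Optional["Account"] = None            # None for a regular account holder
    active: bool = True


def effective_groups(acct: Account) -> Set[str]:
    """Groups the account can use right now.

    A sponsored account is capped by its sponsor's current access, so a
    sponsor who loses a group or is deactivated takes the guest's access along.
    """
    if not acct.active:
        return set()
    if acct.sponsor is None:
        return set(acct.groups)
    return acct.groups & effective_groups(acct.sponsor)


def create_sponsored(sponsor: Account, netid: str, requested: Set[str]) -> Account:
    """Create a guest account; refuse any group the sponsor does not hold."""
    excess = set(requested) - effective_groups(sponsor)
    if excess:
        raise PermissionError(f"{sponsor.netid} cannot grant: {sorted(excess)}")
    return Account(netid=netid, groups=set(requested), sponsor=sponsor)


def sponsor_report(sponsor: Account, accounts: list) -> dict:
    """What the sponsor reviews: each sponsored account and its live access."""
    return {a.netid: sorted(effective_groups(a))
            for a in accounts if a.sponsor is sponsor}


if __name__ == "__main__":
    staff = Account("jdoe", {"Staff", "Employees"})
    guest = create_sponsored(staff, "guest-jdoe-1", {"Employees"})
    print(sponsor_report(staff, [staff, guest]))
    staff.groups.discard("Employees")   # sponsor loses the group
    print(sponsor_report(staff, [staff, guest]))
```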

What else can we expect?
• Inter-Institutional Applications
• Shibboleth, a Web-based inter-organizational authorization system, leverages attribute repositories such as directories and the larger identity management infrastructure to service inter-institutional applications and resource sharing.
• Authentication for students from another trusted university to applications and services hosted here at Kennesaw and vice versa.

Any Questions?
• Feel free to ask anything, except topics that do not concern KSU.