|
Track: Ramping Up for Distributed Services
Salon A-D, 2nd Floor
Moderator: Jacob Farmer, Indiana University |
Track: Federation and Distributed Services: What's Working and What's Next,
Salons F, 2nd Floor
Moderator: Kevin Morooney, Penn State |
9:30 - 10:15 am |
Identity Management and Distributed Services: Challenges and Solutions
Session Moderators: Jacob Farmer, Indiana University; Ann West, Internet2
From library databases to outsourced email, your campus departments and budget officers want to provide better service at a lower cost. And, they look to you to make it all possible with your identity management infrastructure. We'll kick off CAMP with a series of lightning talks, polls, and discussions to set the stage, identify the challenges, and offer up solutions. |
Identity Services: Strategy, Governance, Practice
Speakers: Kevin Morooney and Renee Shuey, Penn State
The role of executive sponsorship and organizational governance is important for bringing together awareness and stewardship for identity management practices and support of processes and policies. Join a conversation about one institution’s approach to aligning the components needed to bring executive sponsorship and a governance strategy for Identity and Access Management services. |
10:15 - 10:30 am |
Refreshment Break, Salon E |
Refreshment Break, Salon E |
10:30 - 11:30 am |
The State of Identity Management on Your Campus
Session Moderators: Jacob Farmer, Indiana University; Theresa Semmens, North Dakota State University
Download the slides
This interactive session will lead you through a self-assessment of your identity and access management system. Are you "just starting" or "battle scarred?" This tool will help you identify focus areas as you move toward outsourced or cloud services. |
10:30 - 11:00 am
Outsourcing IAM in North Carolina
Speakers: Mark Scheible and Steve Thorpe, MCNC
Download the slides
This session will present the background and the process that resulted in the creation of an Outsourced IAM “Managed Service” and highlight the benefits it brings not just to K-12 but to higher education - particularly at the touch-points between the two. It also connects the earlier K-20 NCTrust federation to current efforts to provide a Regional Federation for North Carolina.
11:00 - 11:30 am
Identity Management in the Cloud
Speaker: Maria Schuett, Capella University
Download the slides
When Oracle announced that it would not support Capella’s legacy Sun IAM platform it became an opportunity to evaluate the current infrastructure. The IAM gap analysis revealed inadequate lifecycle management, inefficient provisioning and de-provisioning processes, limited role provisioning, incoherent IAM environments, inconsistent user experience, and limited integration with its PeopleSoft systems. Capella needed to better manage its identities, but understood the challenges of assembling a team to deploy and manage an IAM infrastructure. The university chose to go with an IAM Cloud solution using Lighthouse Gateway. |
11:30 am - 12:30 pm |
Lunch, Salon E |
Lunch, Salon E |
12:45 - 1:30 pm |
Joint Session: InCommon Steering Panel, Salon F
InCommon Steering is working closely with Internet2 to take on more responsibility for trusted identity in the research and education space. The Steering committee will describe the vision and projects underway and how they are advancing trusted identity and then take questions and comments from the community. |
Joint Session: InCommon Steering Panel , Salon F
InCommon Steering is working closely with Internet2 to take on more responsibility for trusted identity in the research and education space. The Steering committee will describe the vision and projects underway and how they are advancing trusted identity and then take questions and comments from the community. |
1:30 - 2:30 pm |
Identity Stores, ERPs - Getting the Data into the IAM System
Speakers: Keith Hazelton, University of Wisconsin; Rob Carter, Duke University; Peter DiCamillo, Brown University; Dan Malone, Cal Poly State University
Do you have an ERP system that contains identity data? Do you have different identity stores for students, faculty/staff, and alumni? How do you take data contained in these disparate systems and get it into your IAM system, where you can then feed the outsourced/cloud services? Our panelists will share their solutions for this common problem.
Download the slides - Peter DiCamillo
|
1:30-2:00 pm
memberOf: Box to ERP
Speakers: Clark Trimble and Jared Housh, University of Tulsa
Download the slides
We trace group membership as used by Box file sharing to its indication in the University ERP. Techniques and troubles encountered along the way are presented for Box, Shibboleth, LDAP, Grouper, attribute store, and the ERP data warehouse. Special emphasis is given to synchronization procedures employed between each component. As a result, a holistic view of the University's identity management system is conveyed.
2:00 - 2:30 pm
Synchronizing Active Directory Groups
Speakers: Eric Kool-Brown and Nathan Dors, University of Washington
Download the slides
Institutions with one or more authorization systems may be interested in the areas covered by this project: 1) Event-driven architecture: pros and cons, platforms, and alternatives, 2) Unified authorization: keeping authorization groups synchronized between systems, 3)
Integrating Linux and Windows authorization: AD supports LDAP and Kerberos; could AD be used in addition to or as an alternative to OpenLDAP and MIT Kerberos in your institution? |
2:30 - 3:15 pm |
Managing Your Service Provider Interactions
Speakers: Brendan Bellina, University of Southern California; Nathan Dors, University of Washington, Michael Brogan, University of Washington
Download the slides
As you support more and more service providers (both on-campus and off-campus), you may find yourself spending more time resolving problems and troubleshooting, perhaps both policy and technical issues, particularly with external partners. Our speakers will discuss how they manage their SP relationships and some of the lessons they have learned over the years. |
Lowering Barriers for Distributed Service Integration: The Cloud Service Cookbook
Speakers: Keith Wessel and Mark Nye, University of Illinois at Urbana-Champaign; Keith Brautigam, University of Iowa
Download the slides
Partnering with a new cloud service provider can be complicated and time-consuming. By the time you educate a new cloud vendor about identity management in higher ed, work your existing single sign-on and federation into their model, and integrate their service into your existing campus services, it’s easy to question the value of a cloud service in the first place.
The CIC Identity Management task force is creating a Cloud Service Cookbook to help lower these barriers. The cookbook will explain the IDM landscape in higher ed, propose best practices, and make suggestions from procurement to implementation. It will also document the value of InCommon membership for vendors and how joining InCommon helps simplify cloud integration. This session will show the cookbook and the process that went into creating it. We will discuss how it’s helping the CIC schools and can help other schools and their vendors. |
3:15 - 3:30 pm |
Break Sponsored by Unicon, Salon E |
Break Sponsored by Unicon, Salon E |
3:30 - 4:30 pm |
Outsourcing your IAM or Federated IAM System: Policy and Technical Considerations
Speakers: Tim Calhoon, California Community Colleges; Dedra Chamberlin, University of California; Rob Chevalier, University of Oregon; Greg Haverkamp, Lawrence Berkeley Lab; Noreen Hogan, University of Oregon
You understand the value of an Identity and Access Management system. You see the possibilities of federation. But the staffing levels and dealing with the learning curve just aren't in the cards. While outsourcing of email has become somewhat common, but how about outsourcing identity and access management, and/or federated IAM? Hear the policy and technical pros and cons, and listen to case studies from our panelists and lightning talkers. |
InCommon TAC: Priorities for 2014
Download the slides
The InCommon Technical Advisory Committee (TAC) will provide one of the regular updates of its work plan and discuss some of the projects that are currently underway. In addition to interest in hearing feedback about current work, the TAC is interested in hearing about current problems as well as suggestions of areas that deserve attention. Most of this work is done in subgroups that draw their membership from the community. The face-to-face environment is expected to provide an opportunity for active discussion of some of these topics. |
4:30 pm - 5:30 pm |
Joint Session: Google! Facebook! Can Social Identities Make Your Life Easier?
Speakers: Dave Langenberg, University of Chicago; Dedra Chamberlin, Cirrus Identity; John Krienke, Internet2
Download the slides
Do you serve constituents that have an arms-length relationship with your campus? High schoolers applying for admission, for instance? Parents? Community members taking continuing education classes? Oftentimes, portals and other low-risk applications serve these groups, but you have to issue NetIDs and manage the whole credentialing process. Can you have them bring their own credentials, in the form of Google and Facebook IDs? Hear about the community work being done and case studies from early implementers. |
Joint Session: Google! Facebook! Can Social Identities Make Your Life Easier?
Speakers: Dave Langenberg, University of Chicago; Dedra Chamberlin, Cirrus Identity; John Krienke, Internet2
Download the slides
Do you serve constituents that have an arms-length relationship with your campus? High schoolers applying for admission, for instance? Parents? Community members taking continuing education classes? Oftentimes, portals and other low-risk applications serve these groups, but you have to issue NetIDs and manage the whole credentialing process. Can you have them bring their own credentials, in the form of Google and Facebook IDs? Hear about the community work being done and case studies from early implementers. |
6:00 - 7:30 pm |
CAMP Reception, Lobby Level |
CAMP Reception, Lobby Level |