ITANA Meeting Minutes - April 14, 2011

---------------
Attending
Jim Phelps, University of Wisconsin-Madison (chair)
Jim Behm, University of Michigan
Chris Eagle, University of Michigan
Scott Fullerton, University of Wisconsin-Madison
Karen Hanson, University of Wisconsin-Madison
Paul Hobson, University of British Columbia
Mark Rank, University of Wisconsin-Milwaukee
Ann Kitalong-Will, Internet2 (scribe)

---------------
Action Items

(AI) - Jim - will organize the group for the planning committee for F2F. Please let Jim know if you are interested.

---------------
UW-Milwaukee IAM Governance
(Mark Rank, UW Milwaukee)

At the start of 2010, UWM chartered a formal IAM Program to coordinate what had previously been several separately operated services. Today's
presentation briefly discussed the structure and governance of the program and the progress that was made in the first year. The talk
concluded with a summary of currently active projects and ongoing challenges.

Presentation Discussion Points:

  • Growing research portfolio was university-wide goal. Delivery of IAM was critical to its success.
  • There is a need for a more coordinated effort of IDM.
  • 2010 - Mark was assigned as program manager (a systems engineering role) to manage the initiative; initial focus was on assessment and stabilization.
  • The outcome: formal chartering of IAM program, with governance structure and a clear statement.
  • Service portfolio was a consolidated ID repository: a "people registry."

The governance structure consisted of a Steering Committee (IT directors) that was charged with developing the goal/vision for IAM,
and Program Sponsors (subset, central IT) that provide resources.

The group also included an Account Access Management Team (people registry, etc.), a Single Sign-on Team (deployment), an Infrastructure
team (report to Program Sponsors), and Ad-hoc Working Groups.

All teams tie in to a series of project teams, using service management and IDM teams to provide documentation and methodology.

Open Discussion Points:

  • Issue to address is that the UW-Milwaukee IDM Infrastructure grew organically, and most parts grew out of context of email, ERP, desktop
    support. There were very specific goals that were not necessarily tied together, which resulted in a series of services that were not aligned
    and not sustainable. The goal was to provide a common vision/roadmap for all services to increase efficiency and to deliver better services.
  • The people registry is viewed as the system of record. The OpenLDAP directory service plays a special role because it is used as a
    back-end for much of the provisioning infrastructure. Prior to deployment of the people registry, there was a discussion about
    whether OpenLDAP should be treated as the system of record, vs. other options.
  • Synchronizing several directory service infrastructure systems is a challenge; the goal was to consolidate.
  • Relied heavily on single sign-on to build out. When UW-Milwaukee formalized IDM efforts, they made the decision to do as much as
    possible in a single infrastructure instead of using several solutions. One of the design goals is to keep complexity down.
    UW-Milwaukee is participating with InCommon and several service providers there, particularly with online library services.
  • UW-Milwaukee has an ongoing review to formalize and document processes.

Active Efforts:

  • build out of SSO and federated ID services via SAML
  • stabilization of IAM infrastructure
  • LOA-2 credential assurance capability
  • IAM process review, formalization, documentation

Challenges:

  • engaging campus community - particularly with more transparent items
  • managing culture change
  • matching rate of change with organization maturity - some parts of the service portfolio are more mature than others
  • unified group/affiliation management
  • accommodating external initiatives
  • reconstructing past design decisions - why did we set things up the way we did? what's the impact if we change things?
  • resources

Question raised: what are other institutions doing in terms of group management?

UW-Madison - Using Grouper, need to define processes and supporting systems that overlay Grouper to support a process where affiliations
can be related. There is a need to be able to map members of groups to define services. An extra complication: some affiliations require
extra fees - need to figure out a fee handling process that is supported.

See: http://www4.uwm.edu/itsecurity/resources/iam/

Also see: http://www.project-moonshot.org/ for reference, further information.

Moonshot will be presenting at Internet2. Perhaps they would be interested in presenting to ITANA?

---------------
Architecture and Organizational Arrangements Survey Reminder

Please respond to survey: https://spreadsheets.google.com/viewform?formkey=dEdoSnZUEZkYmxDalpmenYySGtoSEE6MQ

---------------
Other Business

F2F Planning at Educause
(AI) - Jim - will organize the group for the planning committee for F2F. Please let Jim know if you are interested.

---------------
Next Call: Thursday, April 28, 2011
2:00 p.m. (ET) / 1:00 p.m. (CT) / noon (MT) / 11:00 a.m. (PT)
