...
In the financial operations of Penn State most things access management mechanisms were hard coded.
When someone resigned or changed departments, there was a need to go in and manually remove IDSthem.
This was an expensive solution. Used
We used an LDAP approach to create a better system.The approach was to use , using roles to control access. Took the policy and made it into
actual software . The financial community got a solution, and now academic community wants it. It's called WebRAT.
http://ais.its.psu.edu/newsletter/jul_09.asp?page=2
They Now we need to figure out how to take it to WebRAT and make it work for the academic/research community.
Q: dso problem is Are roles are different for academic than for finance dept?
A: yes
. In academic side we don't have spending limits. COuldnCouldn't reuse sane roles.
Tool has to gather info to define roles. Sounds like left column of Rob's use case analysis
Liz: we have
Comment: U-M has a similar situation. Debating if we need to build something to capture
Who who is everyone's budget approver, etc. Haven't started or scoped theprojectthe project.
Does anyone know if this has been built anyone?
Jimmy Comment: Data sources are the big problem.