1 / 20

Campus Identity and Access Management Services

Campus Identity and Access Management Services. Objectives. Learn how the university assigns and manages electronic identities Learn how this information is used for authentication and authorization. IAM Overview. Terms & Concepts IAM Goals & Principles IAM Services Overview

leigh
Download Presentation

Campus Identity and Access Management Services

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Campus Identity and Access Management Services

  2. Objectives • Learn how the university assigns and manages electronic identities • Learn how this information is used for authentication and authorization

  3. IAM Overview • Terms & Concepts • IAM Goals & Principles • IAM Services Overview • Identity Management • Directory Services • Authentication Services • Authorization Services

  4. IAM Terms

  5. Attributes & Credentials Attributes • Identity and affiliation characteristics of an entity which are of interest to the university Credentials • Used to establish a person’s identity and help the university maintain a high degree of confidence in it • Helps to define the levels of service, access, or privileges available to a particular identity • Physical Credentials – UT ID Cards • Electronic Credentials - UT EIDs

  6. IAM Goals & Principles • Entities have a single identity • Identity is a ubiquitous public user name • Identities have lifelong community membership • Consistent sign-on (authentication) • Self-service • Distributed management

  7. Identity Management Services Source Systems Enterprise Directory Other Directory Services Identity Management System Authentication Services Authorization Services

  8. UT EID • An electronic identifier that contains two key attributes – UT EID and UIN • Several EID types: Person, Business, Department, Service, Group, Resource, ID-Only • Person UT EID is an individual’s public username and their electronic credential that allows them to use online secure services

  9. Person EID Affiliations & Classes

  10. Additional Person EID Concepts

  11. Did You Know? • Approximately how many EIDs have been issued by UT Austin? 4.5 Million EIDs (3.8M Person) • On an average day during the regular semester how many EID logons occur? ~130,000 EID logons

  12. Enterprise Directory Services Source Systems Enterprise Directory Other Directory Services Identity Management System Authentication Services Authorization Services

  13. Enterprise Directories • uTexas Enterprise Directory (TED) • TED on the Mainframe (TOM) • White Pages Directory • Austin Active Directory Sample Person Attributes in TED

  14. Authentication Services Source Systems Enterprise Directory Other Directory Services Identity Management System Authentication Services Authorization Services

  15. Web Authentication Web Server Web Browser AuthN. Agent DataStore Authentication Service

  16. Authentication Methods

  17. Authorization Services Source Systems Enterprise Directory Other Directory Services Identity Management System Authentication Services Authorization Services

  18. Authorizations Apollo Group - EID Stewards NRRECS Group Mediated Auth: View unrestricted student records BACS Group – App-empl. BACS System Internal - Group Auth: Access Main 25th Floor Task Manager System Internal - Individual Auth: Update DP Auth: Submit DP

  19. Authorization Products

  20. In Closing • An entity has only one identity and this is represented by the UT EID • UT EID is the ubiquitous public user name • Identities have lifelong membership in our community • Identity & Access Management services include: Identity Management, Directory Services, Authentication Services, & Authorization Services

More Related