1 / 22

KEAS K -State E nterprise A uthentication S ystem

KEAS K -State E nterprise A uthentication S ystem. CITAC April 26, 2002. Project Management Staff. Project Web Site: keas.cns.ksu.edu. Chuck Gould Project Manager chuck@ksu.edu 532-4923. Neil Erdwien Senior Technical Sponsor neil@ksu.edu 532-4905. Harvard Townsend

minowa
Download Presentation

KEAS K -State E nterprise A uthentication S ystem

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. KEASK-State EnterpriseAuthentication System CITAC April 26, 2002

  2. Project Management Staff Project Web Site:keas.cns.ksu.edu Chuck Gould Project Manager chuck@ksu.edu 532-4923 Neil Erdwien Senior Technical Sponsor neil@ksu.edu 532-4905 Harvard Townsend Senior Management Sponsor harv@ksu.edu 532-6311 CITAC Briefing

  3. Agenda • Project scope – Harvard • Authentication 101 – Neil • Discussion/Questions CITAC Briefing

  4. The Goal • Build a university-wide directory and authentication service to support authorized access to university information and technology resources. • Store identity + role information about EVERYONE affiliated with K-State. • Using state IT Project Management Methodology to guide the process • Expect to complete phase I in April, 2003 CITAC Briefing

  5. Why? • Multiple IDs and passwords • Goal: One (few?) ID and password to remember • Goal: Uniform ID name space • Complexity for user and for system administrators • Goal: Reduced frustration for users and simplified access to IT resources • Goal: Reduced management costs • Goal: Replace current CNS ID management system • Support for distance students • Goal: Same access as resident students • Goal: Instant access CITAC Briefing

  6. Why? • Support new applications • Foundation technology for III, SIS/FRS, digital library, portal, wireless networking, Peoplesoft 8, etc. • Improve security • Fewer passwords to keep track of • Password stored in fewer places • Can force choosing “good” passwords • Simplifies shutting off people’s access CITAC Briefing

  7. Why? • Authenticate with other universities • Goal: support EDUCAUSE EduPerson initiative • Goal: Inter-realm authentication with KU • Transaction integrity (PKI) • Goal: encrypt e-mail • Goal: validate sender • Goal: guarantee message not altered CITAC Briefing

  8. Phase 1 • Uniform ID/name space • Build directory service with ID/password authentication • Directory-enable central services managed by CNS: • Central e-mail server (POP/IMAP) • Central UNIX and Web servers • Netscape Calendar • SAMBA server • Remote access to library electronic journals and databases CITAC Briefing

  9. Phase 2 Possibilities • K-State Online • KATS • Telecom dialup modems • PeopleSoft • Wireless network • Novell NDS • Microsoft Active Directory • Departmental servers/applications CITAC Briefing

  10. Later Phases • K-State Web Portal • III • SIS/FRS replacement • Authenticate with other universities • Public Key Infrastructure (PKI) for digital signatures, secure messaging • Single sign-on where you authenticate once and get access to all the services you need without re-entering the authentication information CITAC Briefing

  11. Authentication 101Neil Erdwien CITAC Briefing

  12. CITAC Briefing

  13. Authentication vs. Authorization • Authentication is checking credentials to verify identity • Authorization is the use of identity to control access to resources CITAC Briefing

  14. CITAC Briefing

  15. CITAC Briefing

  16. CITAC Briefing

  17. CITAC Briefing

  18. Unified Name Space • Existing systems have separate name spaces • Integration with KEAS will have name conflicts • Possible scenarios (3-8 character IDs) • Eliminate student license plate IDs? • Personal preference, first come, first serve for all faculty, staff, and students? • Standard naming convention? • 1st initial, first 7 characters of last name • 1st initial, 2nd initial, first 6 characters of last name • Conflict resolution, i.e. jsmith05@ksu.edu • Steering committee will decide in June. CITAC Briefing

  19. Questions? CITAC Briefing

  20. CITAC Briefing

  21. Who Is On The Steering Committee? • John Streeter, ISO • Mike Crow, Registrar • Patricia Havenstein, Human Resources • Tom Schellhardt, VPAF • Roger Terry, IET • Robert Burgess, Housing • Pat Akard, Faculty Senate • Karen Cole, Hale Library • Rebecca Gould, iTAC • Rob Caffey, DCE • Dave Hillier, DIA • Gail Simmonds, Salina • Andrew Bell, Student Senate CITAC Briefing

  22. How Long Will The Project Take? • Project plan approved January 25, 2002. • Requirements defined – January through mid-May 2002. • LDAP solutions tested and selected – January through February 2002. • Design developed – mid-May through June 2002. • LDAP server implemented – July through October 2002. • Phase 1 applications converted to KEAS – November through mid-February 2003. • UNIX, UNIX e-mail, Samba server • Hale Library services • K-State web server, central calendar server • E-mail forwarding, White pages • Documentation finalized, project closeout – mid-April 2003. CITAC Briefing

More Related