1 / 35

Identity Management and Smart Cards

UCC Computer Centre. Identity Management in UCCUCC Direct Student Portal UCC Smart CardImplementing an Integrated Access Control System. Agenda. UCC Computer Centre. Two perspectives in IdMThe User Access (Log-on) ParadigmManages user authentication, access rights, access restrictions,

palmer
Download Presentation

Identity Management and Smart Cards

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

    1. UCC Computer Centre Identity Management and Smart Cards Sinead O’Geran UCC Good afternoon my name is Sinead O’Geran. I am a member of the Enterprise Applications Group in the Computer Centre, UCC. We are responsible for the implementation and support of the central administration systems in UCC. E.g. Students Records System and HR, Finance. I am presenting a paper on Identity Management and Smart Cards in UCC Good afternoon my name is Sinead O’Geran. I am a member of the Enterprise Applications Group in the Computer Centre, UCC. We are responsible for the implementation and support of the central administration systems in UCC. E.g. Students Records System and HR, Finance. I am presenting a paper on Identity Management and Smart Cards in UCC

    2. UCC Computer Centre Identity Management in UCC UCC Direct – Student Portal UCC Smart Card Implementing an Integrated Access Control System Agenda The Agenda is ….. In my abstract I highlighted the management of the physical and electronic identity of staff and students and what I mean by this is the following:   New BIS lecturer starts work in UCC last year: -         HR -         Library -         BIS Access Control -         Mardyke Arena (Gym) -         Car Parking   New BIS student starts in UCC last year -         Registrars Office (Have Library Card) -         BIS -         Mardyke Arena -         Sign in for lecture attendance The Agenda is ….. In my abstract I highlighted the management of the physical and electronic identity of staff and students and what I mean by this is the following:   New BIS lecturer starts work in UCC last year: -         HR -         Library -         BIS Access Control -         Mardyke Arena (Gym) -         Car Parking   New BIS student starts in UCC last year -         Registrars Office (Have Library Card) -         BIS -         Mardyke Arena -         Sign in for lecture attendance

    3. UCC Computer Centre Two perspectives in IdM The User Access (Log-on) Paradigm Manages user authentication, access rights, access restrictions, account profiles, and passwords e.g. smart cards The Service Paradigm Manages all resources used to deliver online services, i.e. devices, network equipment, servers, portals, content, applications, and products as well as users credentials, address books, preferences, entitlements and telephone numbers UCC is trying to achieve identity coherence in order to deliver unified services to large numbers of users on demand Identity Management (IdM) In the context of engineering online systems Identity Management can be given two perspectives User Access Paradigm - Integrated system of business processes, policies and technologies enabling organisations to facilitate and control their users access to critical online applications and resources while protecting confidential business and personal information from unauthorized users. Manages user authentication, access rights, access restrictions, accout profiles, passwords etc. The Service Paradigm - Where organisations are evolving their systems to the converged services world where the scope of management becomes much larger and its application more critical. Including all the resources of the company to that are used to deliver online services I.e. devices, network equipment, servers, portals, content, applications, and products as well as users credentials, address books, preferences, entitlements and telephone numbersIn the context of engineering online systems Identity Management can be given two perspectives User Access Paradigm - Integrated system of business processes, policies and technologies enabling organisations to facilitate and control their users access to critical online applications and resources while protecting confidential business and personal information from unauthorized users. Manages user authentication, access rights, access restrictions, accout profiles, passwords etc. The Service Paradigm - Where organisations are evolving their systems to the converged services world where the scope of management becomes much larger and its application more critical. Including all the resources of the company to that are used to deliver online services I.e. devices, network equipment, servers, portals, content, applications, and products as well as users credentials, address books, preferences, entitlements and telephone numbers

    4. UCC Computer Centre Identity Management (IdM) UCC Currently has OID, MS Active Directory, Data warehouse, Oracle Applications, MS Exchange UCC is Looking for a single Managing Directory. Oracle Identity Manager OID Allows enterprises to manage end to end life cycles of user identities across all enterprise resources both within and beyond the firewall.UCC Currently has OID, MS Active Directory, Data warehouse, Oracle Applications, MS Exchange UCC is Looking for a single Managing Directory. Oracle Identity Manager OID Allows enterprises to manage end to end life cycles of user identities across all enterprise resources both within and beyond the firewall.

    5. UCC Computer Centre UCC Directory Project Directory Project currently being scoped Aim of Project is to provide a single, scalable application-independent directory, initially for the Computer Centre and ultimately for UCC, in place of existing application-specific directories. The directory may be a logical “metadirectory” synchronizing multiple physical directories. To provide an authoritative source for identity management in UCC. Identity Management (IdM)

    6. UCC Computer Centre ‘UCC Direct’ - Student Portal UCC Direct - Student Portal Developed in Oracle Portal Using Single Sign On (SSO) Technology to connect to external applications: Student Records System Student E-Mail System Using Oracle Internet Directory Populated nightly from Student Records System (ITS) Student number and PIN updates New students added nightly Integrated with Student IT Web Page

    7. UCC Computer Centre UCC Direct Students now log onto one web site for all IT services Username and PIN are passed through to Student PortalStudents now log onto one web site for all IT services Username and PIN are passed through to Student Portal

    8. UCC Computer Centre UCC Direct uses SSO to connect with External Applications ITS students records system Webmail Students e-mail system UCC Direct uses SSO to connect with External Applications ITS students records system Webmail Students e-mail system

    9. UCC Computer Centre Smart Cards “A smart card is defined as any pocket-sized card with embedded integrated circuits, typically credit card size” Types of Smart Card Contact Smart Cards Contactless Smart Card, Radio Frequency Identification (RFID) Swipe card have a magnetic strip contains information coded on it during or after manufacturing. This magnetic strip is just like as a magnetic tape found on audio or video cassettes. It is made of plastic material with ferromagnetic coating on it. This ferromagnetic coating contains the information regarding the user. Swipe cards are very good at secure places to prevent intruders or unauthorized access. Swipe card is coded with necessary information like - "username", "usernumber" or "ownernumber" and other information necessary for the acquaintance of a user. A smart card is defined as any pocket-sized card with embedded integrated circuits, typically credit card size Contact Smart Cards have a small gold chip about ˝ inch in diameter on the front. When inserted into a reader, the chip makes contact with electrical connectors that can read information from the chip and write information back. The cards do not contain batteries; energy is supplied by the card reader. A second type is the Contactless smart card, in which the chip communicates with the card reader through RFID induction technology .These cards require only close proximity to an antenna to complete transaction. They are often used when transactions must be processed quickly or hands-free Radio Frequency Identification (RFID) is an automatic identification method, relying on storing and remotely retrieving data using devices called RFID tags or transponders Chip-based RFID tags contain silicon chips and antennae. Passive tags require no internal power source, whereas active tags require a power source The minute electrical current induced in the antenna by the incoming radio frequency signal provides just enough power for the CMOS integrated circuit in the tag to power up and transmit a response UCC selected the contactless 1K Mifare type A chip with a passive RFID tagSwipe card have a magnetic strip contains information coded on it during or after manufacturing. This magnetic strip is just like as a magnetic tape found on audio or video cassettes. It is made of plastic material with ferromagnetic coating on it. This ferromagnetic coating contains the information regarding the user. Swipe cards are very good at secure places to prevent intruders or unauthorized access. Swipe card is coded with necessary information like - "username", "usernumber" or "ownernumber" and other information necessary for the acquaintance of a user. A smart card is defined as any pocket-sized card with embedded integrated circuits, typically credit card size Contact Smart Cards have a small gold chip about ˝ inch in diameter on the front. When inserted into a reader, the chip makes contact with electrical connectors that can read information from the chip and write information back. The cards do not contain batteries; energy is supplied by the card reader. A second type is the Contactless smart card, in which the chip communicates with the card reader through RFID induction technology .These cards require only close proximity to an antenna to complete transaction. They are often used when transactions must be processed quickly or hands-free Radio Frequency Identification (RFID) is an automatic identification method, relying on storing and remotely retrieving data using devices called RFID tags or transponders Chip-based RFID tags contain silicon chips and antennae. Passive tags require no internal power source, whereas active tags require a power source The minute electrical current induced in the antenna by the incoming radio frequency signal provides just enough power for the CMOS integrated circuit in the tag to power up and transmit a response UCC selected the contactless 1K Mifare type A chip with a passive RFID tag

    10. UCC Computer Centre Contact Smart Card Contains a small gold chip about ˝ inch in diameter on the front of the card. When inserted into a reader, the chip makes contact with electrical connectors that can read information from the chip and write information back. The cards do not contain batteries; energy is supplied by the card reader. Swipe card have a magnetic strip contains information coded on it during or after manufacturing. This magnetic strip is just like as a magnetic tape found on audio or video cassettes. It is made of plastic material with ferromagnetic coating on it. This ferromagnetic coating contains the information regarding the user. Swipe cards are very good at secure places to prevent intruders or unauthorized access. Swipe card is coded with necessary information like - "username", "usernumber" or "ownernumber" and other information necessary for the acquaintance of a user. A smart card is defined as any pocket-sized card with embedded integrated circuits, typically credit card size Contact Smart Cards have a small gold chip about ˝ inch in diameter on the front. When inserted into a reader, the chip makes contact with electrical connectors that can read information from the chip and write information back. The cards do not contain batteries; energy is supplied by the card reader. A second type is the Contactless smart card, in which the chip communicates with the card reader through RFID induction technology .These cards require only close proximity to an antenna to complete transaction. They are often used when transactions must be processed quickly or hands-free Radio Frequency Identification (RFID) is an automatic identification method, relying on storing and remotely retrieving data using devices called RFID tags or transponders Chip-based RFID tags contain silicon chips and antennae. Passive tags require no internal power source, whereas active tags require a power source The minute electrical current induced in the antenna by the incoming radio frequency signal provides just enough power for the CMOS integrated circuit in the tag to power up and transmit a response UCC selected the contactless 1K Mifare type A chip with a passive RFID tagSwipe card have a magnetic strip contains information coded on it during or after manufacturing. This magnetic strip is just like as a magnetic tape found on audio or video cassettes. It is made of plastic material with ferromagnetic coating on it. This ferromagnetic coating contains the information regarding the user. Swipe cards are very good at secure places to prevent intruders or unauthorized access. Swipe card is coded with necessary information like - "username", "usernumber" or "ownernumber" and other information necessary for the acquaintance of a user. A smart card is defined as any pocket-sized card with embedded integrated circuits, typically credit card size Contact Smart Cards have a small gold chip about ˝ inch in diameter on the front. When inserted into a reader, the chip makes contact with electrical connectors that can read information from the chip and write information back. The cards do not contain batteries; energy is supplied by the card reader. A second type is the Contactless smart card, in which the chip communicates with the card reader through RFID induction technology .These cards require only close proximity to an antenna to complete transaction. They are often used when transactions must be processed quickly or hands-free Radio Frequency Identification (RFID) is an automatic identification method, relying on storing and remotely retrieving data using devices called RFID tags or transponders Chip-based RFID tags contain silicon chips and antennae. Passive tags require no internal power source, whereas active tags require a power source The minute electrical current induced in the antenna by the incoming radio frequency signal provides just enough power for the CMOS integrated circuit in the tag to power up and transmit a response UCC selected the contactless 1K Mifare type A chip with a passive RFID tag

    11. UCC Computer Centre Contactless Smart Card Chip communicates with the card reader through RFID induction technology. These cards require only close proximity to an antenna to complete transaction. They are often used when transactions must be processed quickly or hands-free. UCC selected the contactless 1K Mifare type A chip with a passive RFID tag Swipe card have a magnetic strip contains information coded on it during or after manufacturing. This magnetic strip is just like as a magnetic tape found on audio or video cassettes. It is made of plastic material with ferromagnetic coating on it. This ferromagnetic coating contains the information regarding the user. Swipe cards are very good at secure places to prevent intruders or unauthorized access. Swipe card is coded with necessary information like - "username", "usernumber" or "ownernumber" and other information necessary for the acquaintance of a user. A smart card is defined as any pocket-sized card with embedded integrated circuits, typically credit card size Contact Smart Cards have a small gold chip about ˝ inch in diameter on the front. When inserted into a reader, the chip makes contact with electrical connectors that can read information from the chip and write information back. The cards do not contain batteries; energy is supplied by the card reader. A second type is the Contactless smart card, in which the chip communicates with the card reader through RFID induction technology .These cards require only close proximity to an antenna to complete transaction. They are often used when transactions must be processed quickly or hands-free Radio Frequency Identification (RFID) is an automatic identification method, relying on storing and remotely retrieving data using devices called RFID tags or transponders Chip-based RFID tags contain silicon chips and antennae. Passive tags require no internal power source, whereas active tags require a power source The minute electrical current induced in the antenna by the incoming radio frequency signal provides just enough power for the CMOS integrated circuit in the tag to power up and transmit a response UCC selected the contactless 1K Mifare type A chip with a passive RFID tagSwipe card have a magnetic strip contains information coded on it during or after manufacturing. This magnetic strip is just like as a magnetic tape found on audio or video cassettes. It is made of plastic material with ferromagnetic coating on it. This ferromagnetic coating contains the information regarding the user. Swipe cards are very good at secure places to prevent intruders or unauthorized access. Swipe card is coded with necessary information like - "username", "usernumber" or "ownernumber" and other information necessary for the acquaintance of a user. A smart card is defined as any pocket-sized card with embedded integrated circuits, typically credit card size Contact Smart Cards have a small gold chip about ˝ inch in diameter on the front. When inserted into a reader, the chip makes contact with electrical connectors that can read information from the chip and write information back. The cards do not contain batteries; energy is supplied by the card reader. A second type is the Contactless smart card, in which the chip communicates with the card reader through RFID induction technology .These cards require only close proximity to an antenna to complete transaction. They are often used when transactions must be processed quickly or hands-free Radio Frequency Identification (RFID) is an automatic identification method, relying on storing and remotely retrieving data using devices called RFID tags or transponders Chip-based RFID tags contain silicon chips and antennae. Passive tags require no internal power source, whereas active tags require a power source The minute electrical current induced in the antenna by the incoming radio frequency signal provides just enough power for the CMOS integrated circuit in the tag to power up and transmit a response UCC selected the contactless 1K Mifare type A chip with a passive RFID tag

    12. UCC Computer Centre Radio Frequency Identification (RFID) Is an automatic identification method, relying on storing and remotely retrieving data using devices called RFID tags or transponders Chip-based RFID tags contain silicon chips and antennae Passive tags require no internal power source, whereas active tags require a power source The minute electrical current induced in the antenna by the incoming radio frequency signal provides just enough power for the CMOS integrated circuit in the tag to power up and transmit a response Swipe card have a magnetic strip contains information coded on it during or after manufacturing. This magnetic strip is just like as a magnetic tape found on audio or video cassettes. It is made of plastic material with ferromagnetic coating on it. This ferromagnetic coating contains the information regarding the user. Swipe cards are very good at secure places to prevent intruders or unauthorized access. Swipe card is coded with necessary information like - "username", "usernumber" or "ownernumber" and other information necessary for the acquaintance of a user. A smart card is defined as any pocket-sized card with embedded integrated circuits, typically credit card size Contact Smart Cards have a small gold chip about ˝ inch in diameter on the front. When inserted into a reader, the chip makes contact with electrical connectors that can read information from the chip and write information back. The cards do not contain batteries; energy is supplied by the card reader. A second type is the Contactless smart card, in which the chip communicates with the card reader through RFID induction technology .These cards require only close proximity to an antenna to complete transaction. They are often used when transactions must be processed quickly or hands-free Radio Frequency Identification (RFID) is an automatic identification method, relying on storing and remotely retrieving data using devices called RFID tags or transponders Chip-based RFID tags contain silicon chips and antennae. Passive tags require no internal power source, whereas active tags require a power source The minute electrical current induced in the antenna by the incoming radio frequency signal provides just enough power for the CMOS integrated circuit in the tag to power up and transmit a response UCC selected the contactless 1K Mifare type A chip with a passive RFID tagSwipe card have a magnetic strip contains information coded on it during or after manufacturing. This magnetic strip is just like as a magnetic tape found on audio or video cassettes. It is made of plastic material with ferromagnetic coating on it. This ferromagnetic coating contains the information regarding the user. Swipe cards are very good at secure places to prevent intruders or unauthorized access. Swipe card is coded with necessary information like - "username", "usernumber" or "ownernumber" and other information necessary for the acquaintance of a user. A smart card is defined as any pocket-sized card with embedded integrated circuits, typically credit card size Contact Smart Cards have a small gold chip about ˝ inch in diameter on the front. When inserted into a reader, the chip makes contact with electrical connectors that can read information from the chip and write information back. The cards do not contain batteries; energy is supplied by the card reader. A second type is the Contactless smart card, in which the chip communicates with the card reader through RFID induction technology .These cards require only close proximity to an antenna to complete transaction. They are often used when transactions must be processed quickly or hands-free Radio Frequency Identification (RFID) is an automatic identification method, relying on storing and remotely retrieving data using devices called RFID tags or transponders Chip-based RFID tags contain silicon chips and antennae. Passive tags require no internal power source, whereas active tags require a power source The minute electrical current induced in the antenna by the incoming radio frequency signal provides just enough power for the CMOS integrated circuit in the tag to power up and transmit a response UCC selected the contactless 1K Mifare type A chip with a passive RFID tag

    13. UCC Computer Centre Access Control Project Background With one vendor since 2001 – good relationship Vendor provided software and hardware With one vendor since 2001 – good relationship Vendor provided software and hardware

    14. UCC Computer Centre Scope of Project What is the purpose of this project, scope? Who initiated it ? Where is included ? How ? Why ? Students register on line - data in ITS Staff set up on HRIS – data in HRIS Access Control Interface listens and brings over student information into HRIS - modules Access Groups are set up doors and times to module Students get access to doors by cardWhat is the purpose of this project, scope? Who initiated it ?Where is included ?How ? Why ? Students register on line - data in ITS Staff set up on HRIS – data in HRIS Access Control Interface listens and brings over student information into HRIS - modules Access Groups are set up doors and times to module Students get access to doors by card

    15. UCC Computer Centre Key Project Deliverables

    16. UCC Computer Centre Project Stake Holders Computer Centre – Central Admin Office PM Buyer and Seller PM for internal departmental projects Buy in external PM for other projects Computer Centre – Central Admin Office PM Buyer and Seller PM for internal departmental projects Buy in external PM for other projects

    17. UCC Computer Centre Project Summary WBS

    18. UCC Computer Centre Project Timescale

    19. UCC Computer Centre Multiple Systems and Cards Every year UCC takes in approximately 15,000 students (both undergraduate and post graduate) each requiring up to three different access cards UCC ID Dept Access Control Card Mardyke Arena Gym Card Potentially this means up to 45,000 cards to be created and maintained outside of other issues such as loss, damage etcEvery year UCC takes in approximately 15,000 students (both undergraduate and post graduate) each requiring up to three different access cards UCC ID Dept Access Control Card Mardyke Arena Gym Card Potentially this means up to 45,000 cards to be created and maintained outside of other issues such as loss, damage etc

    20. UCC Computer Centre Multiple Systems and Cards In addition the 3,000 staff require up to four cards each which is a further 10,000+ cards. However these aren’t redone ever year.In addition the 3,000 staff require up to four cards each which is a further 10,000+ cards. However these aren’t redone ever year.

    21. UCC Computer Centre New ID Card ID Cards - Multi Functional Bar Code Used by Library for Book Circulation Magnetic Strip Used for Access Control and Photocopying Smart Card Chip Access Control and other applications Swipe card have a magnetic strip contains information coded on it during or after manufacturing. This magnetic strip is just like as a magnetic tape found on audio or video cassettes. It is made of plastic material with ferromagnetic coating on it. This ferromagnetic coating contains the information regarding the user. Swipe cards are very good at secure places to prevent intruders or unauthorized access. Swipe card is coded with necessary information like - "username", "usernumber" or "ownernumber" and other information necessary for the acquaintance of a user. A smart card is defined as any pocket-sized card with embedded integrated circuits, typically credit card size Contact Smart Cards have a small gold chip about ˝ inch in diameter on the front. When inserted into a reader, the chip makes contact with electrical connectors that can read information from the chip and write information back. The cards do not contain batteries; energy is supplied by the card reader. A second type is the Contactless smart card, in which the chip communicates with the card reader through RFID induction technology .These cards require only close proximity to an antenna to complete transaction. They are often used when transactions must be processed quickly or hands-free Radio Frequency Identification (RFID) is an automatic identification method, relying on storing and remotely retrieving data using devices called RFID tags or transponders Chip-based RFID tags contain silicon chips and antennae. Passive tags require no internal power source, whereas active tags require a power source The minute electrical current induced in the antenna by the incoming radio frequency signal provides just enough power for the CMOS integrated circuit in the tag to power up and transmit a response UCC selected the contactless 1K Mifare type A chip with a passive RFID tagSwipe card have a magnetic strip contains information coded on it during or after manufacturing. This magnetic strip is just like as a magnetic tape found on audio or video cassettes. It is made of plastic material with ferromagnetic coating on it. This ferromagnetic coating contains the information regarding the user. Swipe cards are very good at secure places to prevent intruders or unauthorized access. Swipe card is coded with necessary information like - "username", "usernumber" or "ownernumber" and other information necessary for the acquaintance of a user. A smart card is defined as any pocket-sized card with embedded integrated circuits, typically credit card size Contact Smart Cards have a small gold chip about ˝ inch in diameter on the front. When inserted into a reader, the chip makes contact with electrical connectors that can read information from the chip and write information back. The cards do not contain batteries; energy is supplied by the card reader. A second type is the Contactless smart card, in which the chip communicates with the card reader through RFID induction technology .These cards require only close proximity to an antenna to complete transaction. They are often used when transactions must be processed quickly or hands-free Radio Frequency Identification (RFID) is an automatic identification method, relying on storing and remotely retrieving data using devices called RFID tags or transponders Chip-based RFID tags contain silicon chips and antennae. Passive tags require no internal power source, whereas active tags require a power source The minute electrical current induced in the antenna by the incoming radio frequency signal provides just enough power for the CMOS integrated circuit in the tag to power up and transmit a response UCC selected the contactless 1K Mifare type A chip with a passive RFID tag

    22. UCC Computer Centre How it all works! Student walks up to a door and scans in card. The system checks the students profile and finds it correct so the door unlocks and the student enters If the system finds that the profile does not allow entry the door remains locked. So the student must get support: 1st Level Support - Student has to go to the Departmental Administrator first – then 2nd Level Support – Student sent to Computer Centre 3rd Level Support – Student may require new card sent to Registrars Office UCC needs a Central ‘ID Card Office’ – where all problems can be resolved There the students profile is checked and if an error has been made its amended and the student re attempts to enter. If the student should not have access the door again remains locked Student may need to get card reprinted in Registrars Office Reasons for not being allowed entry Student may not be registered to subjects set up for access control in the building or Door Incorrect time for access to room/building Student may have registration issues Student Fees may not be paid Card may not be working ( old version or damaged) Student walks up to a door and scans in card. The system checks the students profile and finds it correct so the door unlocks and the student enters If the system finds that the profile does not allow entry the door remains locked. So the student must get support: 1st Level Support - Student has to go to the Departmental Administrator first – then 2nd Level Support – Student sent to Computer Centre 3rd Level Support – Student may require new card sent to Registrars Office UCC needs a Central ‘ID Card Office’ – where all problems can be resolved There the students profile is checked and if an error has been made its amended and the student re attempts to enter. If the student should not have access the door again remains locked Student may need to get card reprinted in Registrars Office Reasons for not being allowed entry Student may not be registered to subjects set up for access control in the building or Door Incorrect time for access to room/building Student may have registration issues Student Fees may not be paid Card may not be working ( old version or damaged)

    23. UCC Computer Centre Project Challenges This project fell into the functional category with part –time staff working on it Functional project organisation so part –time PM and project team all reporting to functional manager No high level sponsor, meant very little authority over the scope Each Department can buy what ever system they chose. IF they pproach the Computer Centre then we recommend a solution to them. There is nothing stopping them from buying what ever system they choose. Composite org Part – time project PM and project team Power to purchase any access control system Computer Centre has no authority to make them purchase perferred solution This project fell into the functional category with part –time staff working on it Functional project organisation so part –time PM and project team all reporting to functional manager No high level sponsor, meant very little authority over the scope Each Department can buy what ever system they chose. IF they pproach the Computer Centre then we recommend a solution to them. There is nothing stopping them from buying what ever system they choose. Composite org Part – time project PM and project team Power to purchase any access control system Computer Centre has no authority to make them purchase perferred solution

    24. UCC Computer Centre Project Challenges This project fell into the funtional category with part –time staff working on it Functional project organisation so part –time PM and project team all reporting to functional manager No high level sponsor, meant very little authority over the scope Library Computer Centre have to be notified of Dept. Access Control request No formal internal communications plan Dept implementing the change was also the project sponsor which is also of equal status with all other departments (customers) Scope creep was difficult to manage WIT have a central card office dealing with all card issues, however in UCC this is across several offices.This project fell into the funtional category with part –time staff working on it Functional project organisation so part –time PM and project team all reporting to functional manager No high level sponsor, meant very little authority over the scope Library Computer Centre have to be notified of Dept. Access Control request No formal internal communications plan Dept implementing the change was also the project sponsor which is also of equal status with all other departments (customers) Scope creep was difficult to manage WIT have a central card office dealing with all card issues, however in UCC this is across several offices.

    25. UCC Computer Centre Key Achievements Online realtime integration with student and staff systems ( The systems uses “real time links” to reflect any changes in student or staff dynamically. example: If you have a student who has completed a Computer module the information is stored against that student which means that the student does not have access any more to that building / room. Or if a staff member left or a student cancelled registration their access would be denied. Suite of online integrated reports provides on “through puts” per hour/day/month/year. This meets business needs of the Mardyke Arena and Libaries which will clearly highlight their spikes and troughs. Example: The Mardyke Arena can then forecast volumes accurately, staff accordingly, reducing cost base and then use promotions to try to level out the peaks which will ultimately drive in more revenues. Proximity technology introduced Magnetic Strip technology was originally being used , but as a result of the Boole Library who bought their own system with proximity turnstyles this project team then also introduced proximity technology – which is more secure, cheaper and more efficient Project team could have opted for ordinary proximity but instead upgraded the smart card incorporating proximity technology. Smart card encoded chips are already being used by departmental applications and ready to be used by future ones. Online realtime integration with student and staff systems ( The systems uses “real time links” to reflect any changes in student or staff dynamically. example: If you have a student who has completed a Computer module the information is stored against that student which means that the student does not have access any more to that building / room. Or if a staff member left or a student cancelled registration their access would be denied. Suite of online integrated reports provides on “through puts” per hour/day/month/year. This meets business needs of the Mardyke Arena and Libaries which will clearly highlight their spikes and troughs. Example: The Mardyke Arena can then forecast volumes accurately, staff accordingly, reducing cost base and then use promotions to try to level out the peaks which will ultimately drive in more revenues. Proximity technology introduced Magnetic Strip technology was originally being used , but as a result of the Boole Library who bought their own system with proximity turnstyles this project team then also introduced proximity technology – which is more secure, cheaper and more efficient Project team could have opted for ordinary proximity but instead upgraded the smart card incorporating proximity technology. Smart card encoded chips are already being used by departmental applications and ready to be used by future ones.

    26. UCC Computer Centre Introduction of ‘one’ UCC ID card One UCC Student, Staff and Contractor card For example If you take a typical student doing a 3 year degree course in History they would normally be issued with 3 cards for their first year made up of a UCC ID Card, Dept Access Control card and Mardyke Arena Gym Card. These cards would then expire at the end of each year and the student would be re-issued with another 3 cards for year 2 and finally for year 3. This is a total of 9 cards per student for their time spent at UCC over a 3 year period. This project has now significantly reduced the STUDENT card production numbers alone going from 9 cards down to 1 card which equates to aprox 75% reduction. This is equivalent to a reduction of aprox 90,000 cards in a 3 year cycle !!! Originally going from aprox 110,000 cards down to 15,000. 3 cards per student multiplied by 15000 students per year = 45000 x 3 years = 135000 cards produced over a 3 year cycle ! 1 card per student over 3 years multiplied by (15000 students per year) = 15000 cards produced over a 3 year cycle ! 15000 v 135000 = Reducing card production by 88.9% !!! (120000 cards less by x ) One UCC Student, Staff and Contractor card For example If you take a typical student doing a 3 year degree course in History they would normally be issued with 3 cards for their first year made up of a UCC ID Card, Dept Access Control card and Mardyke Arena Gym Card. These cards would then expire at the end of each year and the student would be re-issued with another 3 cards for year 2 and finally for year 3. This is a total of 9 cards per student for their time spent at UCC over a 3 year period. This project has now significantly reduced the STUDENT card production numbers alone going from 9 cards down to 1 card which equates to aprox 75% reduction. This is equivalent to a reduction of aprox 90,000 cards in a 3 year cycle !!! Originally going from aprox 110,000 cards down to 15,000. 3 cards per student multiplied by 15000 students per year = 45000 x 3 years = 135000 cards produced over a 3 year cycle ! 1 card per student over 3 years multiplied by (15000 students per year) = 15000 cards produced over a 3 year cycle ! 15000 v 135000 = Reducing card production by 88.9% !!! (120000 cards less by x )

    27. UCC Computer Centre Introduction of ‘one’ preferred Access Control System Prior to this project various individual departments within UCC implemented 6 different stand alone Access Control Systems and a separate Car Parking System to meet their own individual requirements. These departments were then responsible for administering their own systems and their corresponding access cards and keys for their students and staff. This resulted in duplication of data work, multiple access cards and keys throughout the college. This one card has been developed so that it is “backward” and “forward” compatible with all current access systems old and new. All new buildings will have this ‘preferred’ access control system implemented and older building can request to come on board as they choose to. It will not be forced upon departments. Prior to this project various individual departments within UCC implemented 6 different stand alone Access Control Systems and a separate Car Parking System to meet their own individual requirements. These departments were then responsible for administering their own systems and their corresponding access cards and keys for their students and staff. This resulted in duplication of data work, multiple access cards and keys throughout the college. This one card has been developed so that it is “backward” and “forward” compatible with all current access systems old and new. All new buildings will have this ‘preferred’ access control system implemented and older building can request to come on board as they choose to. It will not be forced upon departments.

    28. UCC Computer Centre Future Project Objectives Smart Card Technology “Cashless Campus” Vending and catering printing and photocopying car parking registration fees and library fines This project will start when UCC charges students for printingThis project will start when UCC charges students for printing

    29. UCC Computer Centre Smart Card Technology Lecture attendance recording Examination attendance recording Biometric access controlled areas Future Project Objectives Can enable UCC to evaluate their attendance levels with accuracy and can also provide security for those building with those requirements Can enable UCC to evaluate their attendance levels with accuracy and can also provide security for those building with those requirements

    30. UCC Computer Centre Questions?

    31. UCC Computer Centre Additional Information

    32. UCC Computer Centre

    33. UCC Computer Centre http://depthris.ucc.ie

    34. UCC Computer Centre Roll out of Access Control in UCC Departments using Core AC currently – Local Admin: Brookfield Library – students and staff Boole Library – students and staff (March 20th 2007) Computer Centre – staff only Dental Hospital – staff only (Time Recording using T&A) Department of Accounting – students and staff Department of Speech and Hearing Sciences – students and staff School of Clinical Therapies – students and staff School of Medicine – students and staff School of Nursing and Midwifery – students and staff Mardyke Arena – students only Department of Food Business – students and staff

    35. UCC Computer Centre CC Administration Role on Access Control User Management Zone Management Data integration with the Student Record system Recommend hardware configuration Software/hardware configuration and testing Liaise with Core and Time and Data User Training Support for Local Administrators Support for out of office hours

    36. UCC Computer Centre Departmental Rollout Template Computer Centre meets and requests a quote from: Time and Data for hardware Buildings and Estates for cabling and related costs Department make decision on purchase of system Meeting with Department, CC and Buildings and Estates Agree timescale for installation of system Obtain purchase order for hardware Obtain purchase order for cabling and related costs Organise user training Implement system for department

More Related