The NMI-EDIT Consortium defines Identity Management as "an integrated system of business processes, policies, and technologies that enable organizations to facilitate and control their users' access to online applications and resources — while protecting confidential personal and business information from unauthorized users. It represents a category of interrelated solutions that are employed to administer user authentication, access, rights, access restrictions, account profiles, passwords, and other attributes supportive of users' roles/profiles on one or more applications or systems."
Here at the University of Oregon we are working to address these issues. This website is intended to provide an overview of our efforts in this area.
Goals of the Identity Management Project
- Use a common username and password for access to services reducing the number of credentials a user must maintain.
- New and improved user self-service interfaces for creation and maintenance of computing accounts.
- Provide a better infrastructure for building single sign-on and/or portal applications.
- Centralize and streamline account and service provisioning to provide access to and remove access from resources in a more efficient and granular manner.
- Provide a single source of basic affiliation and directory information.
- Provide an infrastructure with the potential to support other technologies such as Public Key Infrastructure (PKI).
Scope of the Identity Management Project
- Identifier and service provisioning and management. The existing Authorize system is being completely rewritten.
- Enterprise Directory Service - a specialized database containing standard representations of information about people, groups, locations, services, and other resources. It includes:
- Data integration with source systems such as Banner.
- Authentication: the process of verifying whether or not a subject is who or what its identifier says it is. This is commonly done using a username and password.
- Authorization: the process of determining an entities eligibility to access an application of function or make use of a resource.
Identity Management Presentation
- On April 20, 2007, the Identity Management team gave a presentation on the Identitiy Management system to the campus IT community. The presentation was recorded and is available below.
- LDAP Presentation (.MOV format)
