Karen Hanson (Assistant Registrar) and I ran a half-day workshop at the AACRAO Technology Conference on Identity and Access Management (IAM) and the Registrar’s role in IAM. We had a great time even though the session was Sunday at 8AM. The slides are here: AACRAO 2007 IDM Slides
We had a mix of people from central IT to Registrars in the audience. We had schools that had fairly mature IAM systems to some who were just starting. It was a fun time and there was good conversations.
Karen and I also had fun running around Minneapolis. We had great food at Zelo and Masa and listened to the Spaghetti Western String Company. We also saw the Picasso exhibit at the Walker Art Museum.
One of the better conferences trips that I’ve had in a while.
There were two break out sessions at the CIC Identity Conference.
The first was a breakout By Peer Groups. In this break out, Registrars sat together, CIOs sat together, etc. I was in the IT Idenity Management peer group. There were strong themes that came up during this discussion. Interestingly, the strongest themes were around:
- Governance – how do you establish it on campus, how do you get buy in, who should be on the governance board,
- Communication – the need for a common vocabulary for communicating with campus about Identity Management.
- CAF Credential Assessment Framework PDF – Especially as a tool to find gaps in the infrastructure and as a communication tool with campus. If the campus want’s to use FASTLANE and NIH Grants and other applications, we will have to fill these gaps that are identified in the CAF Process.
- Mapping of Levels of Assurance to Risk Assessments for various applications. Development of a Framework to map LOAs to Risk Levels for Applications.
This panel session discussed Federated Identity Management and Sharing Resources. The slides are here as a PDF
I was the moderator for the session. The panelists were:
- Kevin Morooney, PSU, Senior Director, Academic Services
- Kenneth Forstmeier, PSU, Director Office of Research Information Systems
- Mike Grady, UIUC, Sr. Technology Architect & Strategist
- Phyllis Davidson, IU, Interim Assistant Dean for Digital and I.T. Services
Below are the highlights that I took away from the panel.
When my cell phone rings, I flip open the cover and check the phone number of the caller. If the caller’s number is blocked or is not in my address book, I usually let the call go to voice mail. If the caller leaves a message, I listen to the message and then decide whether or not I will call them back. This is a simple case of Identity Assertion, Checking Access Rights and Extending Service.
Keith’s Opening Presentation
Dealing with new hires. Desire to deliver email prior to hire. Getting HR to understand that they are part of a larger flow. The only interest isn’t just in the HR department.
Can’t treat the value of the identity of a “potential student” as equal with a “PI” on campus.
What do you want to do for people? Getting agreement on that on campus is 80% of the work.
We have to create a vision of the better place to be. Then you can talk about the vision for the future and the techniques for getting there
Key functions of the future:
- Reflect – track information from key systems. Can’t gather all information from all systems but pick the best source for the population
- Join – combine identities from various sources to represent the actual individuals.
Michael Gettes – Credentialing
What are the process (business process) that you have for credentialling?