Error!

Spaces has been migrated to the cloud. Please go to https://ucla-confluence.atlassian.net to update your space/s.

IT Services has migrated the content of spaces.ais.ucla.edu to Atlassian Confluence Cloud. Please visit https://ucla-confluence.atlassian.net to update your space/s. Spaces.ais.ucla.edu is now in read-only mode.
UCTrust Workgroup
Child pages
  • Meeting Notes - 2009-04-27 at UCSF

Versions Compared

Old Version 8

changes.mady.by.user David H Walker

Saved on

compared with

New Version 9

changes.mady.by.user David H Walker

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • UCLA
    • UCLA is looking at compliance with InCommonSilver, and they have found that Silver has requirements to retain records of the identifiers (e.g., driver's license number) of the identification "documents" used to verify someone's identity.  David Walker said he'd ask about that requirement.  It's not something that is required by UCTrust, and it also requires the creation of a new repository of PII that must be protected.
    • Work is ongoing to implement Grouper for group management.
  • UCSF
    • UCSF is using Connexxus in production.  It's their first UCTrust application.
    • They are using Shibboleth 2.0.  From the discussion, it appears that many campuses are using Shibboleth 2.0 or have plans to migrate.
  • UCB
    • Shibboleth support for Connexxus is working fine.  They're working on how to assign trip IDs.
    • Deploying Sun Identity Manager; they're currently looking at guest account provisioning and self-service password reset.
    • UCB is currently doing 3-5 year budget planning.
    • UC Ready is being proposed to be one of the Kuali applications.
  • UCI
    • UCI is adding student applicants to their identity repository.
    • They plan to deploy a new campus directory this Fall and Shibboleth 2.0 by the end of 2009.
    • Work is proceeding on support for UC Ready.
  • UCM
    • SIM is in maintenance mode.
    • They're thinking about role-based permission management and are evaluating Sun Role Manager.
    • Brian recently developed CASShib to smooth the path for CAS-ified applications to become Shibbolized.
  • UCOP
    • UCOP plans to deploy Shibboleth 2.0 in August
    • They're running Shibboleth in a redundant VM cluster and will be implementing disaster recovery at UCSD later.
    • They're working with UCSD to integrate the Enterprise Risk Management project's software into UCTrust.
    • There is concern about granting direct access to UCOP's LDAP server for UC Ready.
    • They are now providing identity service for UCLA Spaces.
    • UCOP has implemented a launch page for Shibbolized applications.
    • They're reviewing the InCommon Silver audit requirements.
  • LBNL
    • Not certified for UCTrust Basic yet.
    • They're currently running Shibboleth 2.1 for Google Apps and are planning to use it for local SSO.
    • They're looking a a user-friendly multi-factor authentication solution for Shibboleth.
  • UCD
    • UCD is currently reimplementing their identity management system using Mural, Sun Identity Manager, and Sun Role Manager.
    • Work is proceeding on UC Ready and Connexxus.
  • InCommon
    • David Walker discussed the InCommon Pilot that's being done with the National Institutes of Health (NIH).  NIH's Enterprise Research Administration (ERA) application will be made available for institutions certified for InCommon Silver

...