Error!

Spaces has been migrated to the cloud. Please go to https://ucla-confluence.atlassian.net to update your space/s.

IT Services has migrated the content of spaces.ais.ucla.edu to Atlassian Confluence Cloud. Please visit https://ucla-confluence.atlassian.net to update your space/s. Spaces.ais.ucla.edu is now in read-only mode through July 31st, 2024
UCTrust Workgroup
Child pages
  • Meeting Notes - 2011-08-25 Conference call

Versions Compared

Old Version 4

changes.mady.by.user Cheung, Celia

Saved on

compared with

New Version 5

changes.mady.by.user Cheung, Celia

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Next generation IAM solutions*

  • Joint Venture update from Hampton: two weeks ago, he met with different groups in Chicago to determine what open source IAM solutions exist today, and to identify what remaining gaps there are. There are three primary areas of functionality - person registry including identity reconciliation, provisioning, and access management. Between now and mid-September, there will be three workgroups form based on those primary areas of functionality, and they will be working on a weekly basis gathering requirements and looking at componenents within these areas to see what needs to be enhanced and what pieces are missing entirely. The groups will come together in mid-September and share their findings with the larger group.

...

  • There was discussion on using a vendor soluction and Oracle products - but it would cost a lot to convert to a license, and it would require support and professional services. Alternatly, we could hire a developer that could contribute back to the Joint Venture project.

...

  • We will have a better idea of what's out there in mid-September. Penn State has developed a person registry; Hampton mentions that it might be what the group decides to use as a starting point, and then use that code base to make it more generic to the different campuses. It may take a year, but if we had a contribution model where schools could have a venue for offering a resource or two to help accelerate the schedule, then that would be a great help.

dedra: fitgap *Dedra mentions that UC Berkeley will request a fitgap analysis instead of RFI. fitgap a formal RFI from their meeting with Oracle so that they can get an analysis of their specific needs and see how their product would meet them from oracle? instead of doing RFI not really an upgrade from SIM to oracle IM.matt
vendor app Oracle would meet those needs.

eCompliance

  • eCompliance is a vendor application that some campuses have rolled out

...

  • without Shib. Since UCSD uses only Shib, they have no choice but to roll it out with Shib enabled. Matt asks what the official way is to bring this to the group and find out what we will accept from them as an SP

...

  • .
  • In terms of dealing with SP's that want to provide a service to multiple UC schools

...

  • , there is a suggestion that we create bundles of attributes for SP's; if we pre-negotiate packages based on what type of SP it

...

  • is, it would

...

  • streamline the whole process.

...

  • It would not be efficient to have t negotiate attribute release for every single SP.
  • Dedra notes that while we do have documentation to show SP's that provide services to all UC campuses, and also documentation on SP integration with Shib, we do not have documents to give guidelines on attribute release at multiple schools. Doing this method of bundling attributes to send off to data proprietors could be very useful.
  • There is existing documentation on how each campus handles data release. This will be posted on the UC Trust wiki page.

Next UC Trust meeting

The next meeting is proposed to be moved to September 29th, 2011.

can suggest this to ITLC too.

sp inventing stuff not cool going through the back channels
ucop has several more sp's

ucla has fabulous documentation to give to sp's to integrate to shib
eric's link shows sp's that provide service to all uc's
attribute release at multiple schools - guildelines for streamlining this - no resource yet. proposed bundle of attributes. send off to data proprietors

albert: docuemtn data release on campuses - document this. how does our process compare
other schools: procedure to get permission to release data - write this up
there are already writeups for this; will put this on the wiki, schools not on the document can add their own campuses - bruce will create page on wiki

dedra: is there a way we can prevent an sp from goign from one campuse to the next, are there certain attributes that require

blanket approval that makes it through the uc trust, vetting at uc trust level

data proprietor - give the agreement to them after blanket approval and has been vetted at uc trust level - create doc

dedra: handful of people to volunteer now before that documentation is even up on the wiki? a few people said ok.

workgroup only content - first child page

sd and davis are looking to roll it out with shibboleth. field safety plan, insurance plan relating to travelling.

EPTID

mary already taking resource request to itlc?

Next UC Trust meeting
september 29th next uc trust meeting