...
- IAM Responsibilities
- Accuracy and currency of identity information
- Maintenance of identity attributes to enable selection of the users to transmit to each authorized application
- Implementation of Grouper, the Internet2-sponsored open source group management system, to facilitate a common interface for specifying the users of intercampus applications throughout UC.
- Individual campuses may propose alternatives to Grouper for implementation at their site.
- Implementation of an unchanging and unique identifier for all identity records sent to a specific application.
- eduPersonTargetedID should be considered for this during the detailed design phase of the project.
- Deployment and operation of the Common Interface, as well as the Shibboleth interface
- Deployment and operation of the middleware that will be utilized by the Common Interface
- Kuali Rice should be considered for the middleware during the detailed design phase of the project.
- The process for approving attribute release policies
- Application Administrator Responsibilities
- Implementation of provisioning interfaces for the application
- Implementation of appropriate protections for the identity information received
- UCTrust Responsibilities
- Unique naming of all IdPs (IAMs) and SPs (inter-campus applications), as is already done for Shibboleth
- Other UCTrust operational responsibilities, such as identification of support contacts, maintenance of logs, etc. These are described in UCTrust University of California Identity Management Federation Service Description and Policies.
...