UCTrust Workgroup
Child pages
  • Meeting Notes - 2008-10-23 at UCI

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

DRAFT Meeting Notes - 2008-10-23 at UCI

Attendees


Summary of Action Items (tick)

  •  It was agreed that campuses would post links to their SP documentation, both policy and technology, on the wiki.

Updates on Significant Campus Identity Management Activities

  • UCD
    • UCD is currently finalizing the planning for its identity management project, identifying the priorities of and products to support identity "joining" among payroll, student system, etc. (Sun MDM, Mural, Initiate), an application provisioning engine (Sun Identity Manager), and permission management (Sun Role Manager or other).
  • UCSB
    • UCSB is continuing on their implementation of Sun Identity Manager.  They are using it for the identity join.
  • UCSD
    • UCSD is expanding their Shibboleth-supported SPs (constantly).  They are using Shibboleth 2.x for new deployments.
      • The configure UCSD-only SPs with a "WAYF" of their identity management system to avoid the "Where are you from?" prompt by InCommon.
      • They don't register UCSD-only SPs with InCommon.  The SPs, though, do load InCommon metadata for information about IdPs.
    • They're looking at Shibboleth 2 for their IdP, but it will take a while, as they have built a custom data conector that will need some reimplementation.
    • They have a home-grown Java-only SP that they're trying to move away from by having people integrate Apache into their Java environments.
  • UCM
    • They are currently cleaning up their processes so they can start asserting UCTrust Basic.
  • UCB
    • UCB has gotten the go-ahead to implement Sun Identity Manager.  They're trying to get the cost of Role Manager down, but  MDM is likely to be too expensive.
    • They're looking at how to distribute authentication and other critical servers around the campus.
  • UCOP
    • UCOP is looking at moving to a single repository of identity information.
    • They went live with Connexxus on September 19 and have been running President Yudof's Project Tracker application for a number of months.
    • They have tested their IdP with the SumTotal learning management system, but there is no imminent use right now.
    • They're starting to work on interfacing with AYSO and UC Ready.
    • There was some discussion of the new Enterprise Risk Management (ERM) system.  It appears that funding for its UCTrust interface may be cut.  The group's consensus was that this should not be done if it would increase campus administrative burden to support some other authentication scheme.
  • UCSF
    • UCSF's Tivoli-based identity management system, MyAccess, is up.  Mass deployment will start in late October.
    • They're doing a proof of concept with AYSO and are ready to start Connexxus testing.  There's been some confusion within the Connexxus project of who UCSF should work with for testing.
    • They asked for documentation for SP administrators/developers from other campuses.  It was agreed that campuses would post links to their SP documentation, both policy and technology, on the wiki.  (tick)
  • UCSC
    • UCSC is in the final stages of completing their InCommon membership.  Shibboleth should be up very soon.
    • They decided to deploy a new user name / password pair for this project.  It will be LDAP-based.
    • They're in the middle of evaluating what they need to do for UCTrust certification.  They're using Berkeley's principles.
    • For federated applications, they're focused on UC Ready, the learning management system, and Connexxus.
  •  
  • No labels