About the UCTrust Work Group

The UCTrust Work Group is comprised of identity management professionals at all of UC's campuses, as well as service providers that utilize the UCTrust federation. As of 2013, UCTrust is a subgroup of the UC IT Architecture Committee (ITAC), which in turn reports to UC's Information Technology Leadership Council (ITLC). ITLC ultimately serves as the governing board for resolution and adoption of recommendations made by UCTrust and endorsed by ITAC.

This group meets regularly for the following purposes:

• Advise the ITAC, the UC ITS Enterprise Architecture committee, and the ITLC on issues related to identity management - creation and management of digital identity, authentication, person profile data/directory services, central authorization management, and management and exchange of person profile date.

• Provide campus-level input on identity management design for system-wide applications
• Partner with the UC ITS EA Team, and particular the IAM Lead at UCOP, on the definition and adoption of reference architectures for UC identity management services
• Coordinate with other UC IT working groups to promote compatible standards and best practices

We develop and maintain working relationships across UC and Campus IT Leadership, Business colleagues and partners; identify opportunities that enable progress along IT roadmaps and enable campus execution of strategic goals and objectives of the UC system; establish and leverage common practices that can plug into and play across multiple campuses, achieve efficiencies, and assure success across the dimensions of predictable, reliable, scaleable, and secure enterprise architecture and infrastructure.

Purpose and Responsibilities

On behalf of the ITLC, UC campuses and medical centers, the primary responsibility of UCTrust, as a subgroup of ITAC, is to provide input on design and implementation of identity management solutions for the UC system and to foster collaboration on IAM solutions among the campuses. Members are expected to attend monthly conference calls and periodic in-person meetings, and to volunteer as necessary/appropriate for topic-specific task forces to address priority concerns.  UCTrust members meet regularly for the following purposes:

• Discussion of technical, policy, and operational issues related to UCTrust. As appropriate, issues and recommendations are forwarded to ITAC for endorsement and then passed on to ITLC for resolution and adoption.
• Discussion of technical, policy, and operational issues related to campus identity management systems with the goal of fostering effective identity management practices throughout UC.

UCTrust strives to maintain an open exchange of information relevant to accomplishing our goals and work efforts, unless doing so violates confidentiality. We conduct deliberations and make decisions using methods that reasonably represent all UCTrust members and their respective IT strategic objectives.

UCTrust also provides:

• Collaboration with project-specific implementation teams, to ensure appropriate deployment and utilization of identity management approaches that comply with UCTrust federation standards and are design to interoperate well with campus IAM systems.
• Engage in discovery, review, and planning of interoperable solutions that meet the defined need and satisfies the intended purpose
• Champion and facilitate campus utilization of IAM-specific EA principles, standards, reference architectures, infrastructures, information, and tools
• Identify and apply lessons learned, perform lifecycle management (continuous improvement and maturity) of the EA body of knowledge
• Facilitation of communications across our respective campuses, in consultation with and as guided by the ITAC and  ITLC
• Broadly communicate UC’s vision for information technology architectures and interoperability to campus and medical center stakeholders
• Represent our respective campus stakeholder investments, and advocate for our campus communities with regard to architectural planning and decision-making

Structure

UCTrust membership consists of one representative from each UC location - campus, medical center, Office of the President, and the Lawrence Berkeley Laboratory, as well as a representative from the California Digital Library. Each location's ITLC representative (typically the CIO) appoints his/her ITAC member, who shall be afforded the necessary empowerment to act in accordance with the purpose and responsibilities of the ITAC.

Campus Representation

Membership shall consist of the following representatives:

• Representative, Lawrence Berkeley National Laboratory
• Representative, UC Berkeley
• Representative, UC Davis
• Representative, UC Davis Medical Center
• Representative, UC Irvine
• Representative, UC Irvine Medical Center
• Representative, UC Los Angeles
• Representative, UC Los Angeles Medical Center
• Representative, UC Merced
• Representative, UC Office of the President
• Representative, UC Riverside
• Representative, UC San Diego
• Representative, UC San Diego Medical Center
• Representative, UC San Francisco
• Representative, UC San Francisco Medical Center
• Representative, UC Santa Barbara
• Representative, UC Santa Cruz
• Representative, California Digital Library

For the current list of named members, please see the UCTrust Membership List

The representative shall possess a solid grasp of the University's strategic mission, a broad understanding of their respective campus IT environment, as well as technical expertise in one or more of the following architectural domains: authentication, authorization, directory/person data, data integration. The ideal UCTrust member will:

1. Be dedicated to UCTrust efforts at least four hours per month
2. Be willing and able to serve on occasional topic-specific task forces (two-factor authN, SP on-boarding, etc)
3. Commit to a minimum one year membership on UCTrust

Leadership

The UCTrust Leadership is comprised of a Chair and Co-Chair (chairpersons). An additional 2-4 hours of work may be required of any UCTrust member holding a leadership position.

Chairpersons are elected by the UCTrust regular membership on an annual basis, where the Co-Chair is identified as the next incoming Chair. The election is held shortly before the start of each fiscal year. Each Chairperson's term lasts through one fiscal year.

The UCTrust Chairpersons are responsible for:

• Convening the UCTrust meetings, and coordinating activities, action items and deliverables across the UCTrust membership.
• Meeting regularly with the IAM Lead in the UCOP Enterprise Architecture team to plan UCTrust discussions, prepare recommendations for ITAC, other subcommittees, and ITLC, and collect input from across the UC system to influence decisions related to IAM across UC.
• Coordinating the review and evaluation of requests to UCTrust, framing/scoping our recommendation for next steps (proceed with or forward to appropriate parties), and presenting to /ITAC and/or ITLC for concurrence and/or guidance
• Administering the UCTrust wiki, including structure and content, and ensuring UCTrust members and others have appropriate access and permissions to our Listserve and our Wiki
• Facilitating engagements with other UC sub-committees and working groups who may inform and/or participate in our work efforts

When voting actions are necessary, each UCTrust member carries one vote, and the Chairpersons shall confirm the necessary information is available to  members before proceeding with a vote; the vote concludes when a majority are in agreement, and Chairpersons shall record the vote.

In collaboration with ITAC, the Chairpersons are responsible for providing both written and oral reports to the ITLC, and facilitating reviews and prioritization of UCTrust work efforts.

Sub-Committees and Relationship to Other UC IT Working Groups

UCTrust members shall collaborate with other UC IT working groups as necessary, including (but not limited to) the IT Policy and Security Group, the IT Educational Technology Leadership Group, the Electronic Accessibility Leadership Team, the Collaboration Tools Group, the Communications Planning Group, the Data Center Management Group, and the Technology Acquisition Support Group.