CIFER Community Identity Framework Keith Hazelton for Education - PowerPoint PPT Presentation

CIFER Community Identity Framework Keith Hazelton for Education and U. of Wisconsin-Madison Research Internet2 MACE VAMP, Utrecht 6 September 2012

2 What is CIFER, really? • A developing practice of coordination across existing projects in Kuali, Internet2, Jasig and elsewhere • …with the goal of making radical improvements in higher education Identity and Access Management (IAM) capability, ease of integration, and affordability • A sponsor and coordinator of new development—but only where it has to be • An alternative business model for higher education IAM • NOT Yet Another Open Source Software Development Organization

3 CIFER Timeline Workstream Year 1 Year 2 Registries • Person Registry v1.0 • Guest management • Identity Match v1.0 • On-going OpenRegistry enhancement PSU CPR) Provisioning & • System of Record (SoR) • Dev. tool plug-ins to Integration to Registry & Registry to accelerate integration Consumer Toolkits • More SoR and Grouper • Connectors to select Consumer connectors KIM Consumer systems • Business rules & (email, LMS, library) engine for automated • Community-contributed ID & affiliation life- System of Record (SoR) cycle management to Registry connectors

4 CIFER Timeline Workstream Year 1 Year 2 Access • Expand integration • Workflow-based Management between Grouper & permission mgmt. in Kuali Identity Grouper, using Kuali Grouper Management Enterprise Workflow KIM, KEW • Refine KIM service • Business rules & engine interfaces for access policy enforcement Authentication • Password • AuthN for mobile apps Management v1.0 • Multiple Levels of • Social IdP support Assurance Shared Services • Management • Management console console beta v1.0 • Instrumentation API • Reporting v1.0

5 Late-night Epiphanies re P&I • 1) There are many strategies or models • Each one is appropriate to some set of facts on the ground • Event-driven messaging (the ideal, conceptually) • Change-log processing • Periodic diffs • SO, CIFER should produce a Book of P&I Recipes: • Common dishes • Common ingredients • With optional substitutions

6 Late-night Epiphanies re P&I • 2) As always, the right tool/utensil makes the job easier • SO, CIFER should identify good, useful tools (or create them IFF necessary) • Describe their uses

7 Late-night Epiphanies re P&I • 3) Show is always better than tell • SO, CIFER should actually bake a cake, sauté some morels or cook a goose (or not) • More “Sample Solutions” • Less “Reference Implementations”

8 CIFER Provisioning and Integration • A Recipe Book • Toolkits • Sample Solutions • CIFER can’t do it for you (no one can) • But CIFER CAN , maybe, help you succeed at DIY

9

10

11

12

13 CIFER Development and Sustainability • Lots of work. Where will the resources come from? • Direct investment (people and funding) by I2 and Kuali • In existing (where possible) or new (where necessary) projects • With a significant fraction coming from institutional contributions • Targeted to crucial gaps—Identity Registries at Berkeley, Penn State • Or seconding local talent to the work • Or direct contributions to a development funding pool • And with a defined model for long-term sustainability • Campus annual subscription model • Commercial partners (e.g., Unicon) who contribute back a share of revenues from service contracts

14 CIFER Development and Sustainability • The goal: Comprehensive IAM solutions • by the education and research community • for the education and research community

CIFER Community Identity Framework For More Information for Education and Research http://ciferproject.org