Скачать презентацию Governance in Identity Management Federations Clair Goldsmith Ph Скачать презентацию Governance in Identity Management Federations Clair Goldsmith Ph

e15413f35ac2c9392d046170a06697c5.ppt

  • Количество слайдов: 15

Governance in Identity Management Federations Clair Goldsmith, Ph. D. The University of Texas System Governance in Identity Management Federations Clair Goldsmith, Ph. D. The University of Texas System Administration 1

Governance: A Definition “It is the process through which a group of people make Governance: A Definition “It is the process through which a group of people make decisions that direct their collective efforts. ” Institute on Governance It is fluid, time-consuming and unpredictable n Complicated by number and variety of stakeholders n Focuses on strategic aspects of decisionmaking n 2

Why is Governance Needed? n Oversight and Conflict Resolution n Establish and manage trust Why is Governance Needed? n Oversight and Conflict Resolution n Establish and manage trust agreements n Determine direction and formulate policy n Ensure services meet business needs while maintaining the appropriate security and compliance with legal requirements n Establish and communicate operational standards and processes 3

What is the Alternative? n Collection of one-to-one agreements n Conflicting agendas and no What is the Alternative? n Collection of one-to-one agreements n Conflicting agendas and no common goal n No technology standards and inconsistency in operating practices n No assurance of appropriate security and compliance with legal requirements 4

Governance Models Homogeneous Institutions Considerations n Operating Standards and n Governance may be more Governance Models Homogeneous Institutions Considerations n Operating Standards and n Governance may be more Practices may vary from tightly structured institution to institution, but… n Governance policies should n Governance through Executive Committees or be relatively consistent, Governing Boards and… n Legal requirements should n Key executives make decisions be similar if not the same 5

Governance Models (cont. ) Diverse Institutions n Operating Standards and Practices vary from institution Governance Models (cont. ) Diverse Institutions n Operating Standards and Practices vary from institution to institution, and… Considerations n Governance may be more loosely organized n Reliance on advisory groups to formulate recommendations n Governance policies are not consistent, and… n No formal authority to force a decision, and… n Guidance through Steering Committees n Legal requirements may not be similar at all. n Collegiality as opposed to strong governance 6

Where Does The University of Texas System Fit? n 16 Institutions • • • Where Does The University of Texas System Fit? n 16 Institutions • • • n 9 General Academic institutions 6 Health institutions 1 System Administration Homogeneous • Share a common Mission • Same governance body and consistent governance policies • Same legal requirements n And Also Diverse • Significant differences in size and budgets • Significant differences in culture • Institutions enjoy considerable autonomy • 16 “stovepipes” 7

Governance Models in Shibboleth Federations n The most common examples are: In. Queue Diverse Governance Models in Shibboleth Federations n The most common examples are: In. Queue Diverse In. Common UT System EAF Homogeneous 8

UT System Id. M Federation ü Test Identity Management Federation Exists ü Initially, for UT System Id. M Federation ü Test Identity Management Federation Exists ü Initially, for UT institutions only: Sixteen UT member institutions ü UT System Identity Management Federation Board appointed ü Policy Documents created ü Will operate under the authority of the UT System Board of Regents 9

UT System Id. M Federation (cont. ) ü Five Shibboleth Applications in Production ü UT System Id. M Federation (cont. ) ü Five Shibboleth Applications in Production ü The guest wireless network at System Administration ü The Monthly Financial Reporting application (MFR) is used by budget coordinators from each UT institution. ü Shibboleth version of Blackboard at the UT Health Science Center at Houston to provide courses offered by the Health Science Center to students at M. D. Anderson. ü Research Collaborations Inventory application at UT System Administration Academic Affairs to report on collaborative research efforts throughout the UT System. ü Time Sheet application at the Office of Facilities Planning and Construction used project managers at several UT institutions 10

What is Needed? n Vision n Business Drivers n A Plan n Executive Buy-In What is Needed? n Vision n Business Drivers n A Plan n Executive Buy-In n Funding It Is A Continual Process 11

UT System Id. M Federation: Governance 12 UT System Id. M Federation: Governance 12

Governance: Issues to Ponder n The Technical implementation aspects of Federation can get way Governance: Issues to Ponder n The Technical implementation aspects of Federation can get way ahead of Policy and Governance n Governance entangled with power / autonomy conflicts • Priorities vary by institution • Conventions may be seen as dictates n Managing trust relationships is complex enough when dealing with institutions within the same system (among “family”. ) Complexity increases as diversity of membership increases 13

Governance: Issues to Ponder (cont. ) n Indemnification • What happens when something goes Governance: Issues to Ponder (cont. ) n Indemnification • What happens when something goes wrong? Who is liable? • How to handle intra-institutional trust and indemnification n Federation to Federation Trust Agreements 14

THANK YOU 15 THANK YOU 15