Initial Activity - Coordination of Identity and Access Management Projects

Owned by David Walker (Unlicensed)
Last updated: Aug 03, 2010Version comment
1 min read

Initial Activity - Coordination of Identity and Access Management Projects

In addition to the IAM Project, there are currently multiple activities at UC Davis that are building parts of our overall identity and access management system for both the Davis and Sacramento campuses.  In brief,

  • The IAM Project is working to 1) replace the legacy IAM system's identity matching, person repository, and provisioning; 2) move to role-based access management; 3) enable audit and compliance reporting; 4) implement the "ESSO" password vault for non-web legacy applications within UCDHS; and 5) establish business processes on campus and in the health system to manage the IAM system 
  • The KDC Replacement Project is replacing the Kerberos software that is used for authentication by the IAM system.  It is also establishing password strength requirements. 
  • The Online Directory Project is implementing the "telephone book" view of the person repository.
  • The project to identify technical specifications for a two-factor authentication project is complete.  Implementation, however, should be integrated into the IAM System for use by all applications requiring a higher level of assurance. 
  • Support activities for IAM components, such as CAS, Shibboleth, and ITX, are currently in production with no formal associated project but still introduce and/or modify functionality. 

The group will discuss these activities to identify areas where coordination is required, or there is overlapping or conflicting effort.  Reporting will be to the activities' management and the IETLC.