reflect and join - reach for the sky: the care and feeding of an enterprise person registry brendan...
Post on 02-Jan-2016
216 Views
Preview:
TRANSCRIPT
Reflect and Join - Reach for the Sky:
The Care and Feeding of an Enterprise Person Registry
Brendan Bellina, University of Southern California
bbellina@usc.edu
NMI-EDIT CAMP Identity and Access Management Integration Workshop
June 27, 2005 IdM CAMP 2
People
Students
Employees
Alumni
Affiliates
Guests
Donors
Services
Portal
Online Learning
Academic Services
Administrative Services
Network Services
Identity
Management
System
Directory Services
Authentication Services
Authorization Services
Provisioning Engine
Messaging Engine
Metadirectory Services
June 27, 2005 IdM CAMP 3
Reflect
• Embody or represent something in a faithful and appropriate way
• Think deeply or carefully
Reflect what?Reflect Information
June 27, 2005 IdM CAMP 4
What is Information?
Information is …
Data
plus
Interpretation
plus
Policy as Practiced
June 27, 2005 IdM CAMP 5
Mining for Information
• Identify Potential Information Providers
• Identify Potential Information Consumers
• Interview Knowledge Experts• Validate Against Common
Practice• Examine Applicable Standards• Consider Peer Institutions• Document Findings• Distribute Findings• “Rinse and Repeat”
June 27, 2005 IdM CAMP 6
Information About Who ???
June 27, 2005 IdM CAMP 7
Posit: Roles are Simple
June 27, 2005 IdM CAMP 8
What about…Teaching AssistantsEmeritiResearchersVisiting ScholarsLibrariansCIO, CTO, and other officersPeople on approved leavePeople on unapproved leave
“Faculty”
Def.: People who are employed by the institution to teach students
Revised Def.: Whoever the Provost says, regardless of whether they teach or not or are employed by the institution.
June 27, 2005 IdM CAMP 9
What about…On-call event staffStudents who work for departmentsRetireesPeople who work at hosted institutionsPeople who work at sister-institutionsPeople working at on-campus vendorsConsultantsPeople on approved leavePeople on unapproved leave
“Staff”
Def.: People who are employed by the institution to support the educational mission of the institution
Revised Def.: Whoever the payroll department knows about, usually, but not always, excluding Faculty (see previous slide for clear definition of “Faculty” ;) ).
June 27, 2005 IdM CAMP 10
What about…Staff / Faculty who take coursesStaff / Faculty spouses who take coursesDistance learners who take course offeringsPeople studying abroadPeople who have graduatedPeople who are in between semestersPeople attending campsStudents at sister institutionsPeople on approved leavePeople on unapproved leave
“Student”
Def.: People who pursue the educational offerings of the institution
Revised Def.: Whoever the Registrar (and possibly others) say, regardless of whether they are taking courses or not, or are enrolled in the institution or not.
June 27, 2005 IdM CAMP 11
Conclusion: In Higher-Education, Roles are NOT Simple…
Plan on it, Plan for it
June 27, 2005 IdM CAMP 12
Information From Where ???
June 27, 2005 IdM CAMP 13
Potential Information Providers
• “Systems of Record”• Database structures - tables and views• Database Field Definitions and Triggers• Application Screen Templates• Application Logic• Practices - workflow• Access Controls - Network, System,
Database, Application, Policy• Gray matter of Institution “Veterans”
June 27, 2005 IdM CAMP 14
Balancing“Soft” Work
versus “Hard” Deliverables
June 27, 2005 IdM CAMP 15
The Lure of Being Technology-Driven
The Journey to the dark side…• Can we do this? Do we have time? Just get
something up and running.
• Buy-in to the myth
“What we don’t know can’t hurt us.”
• Scan for “usable” derivative data sources• Propagate misinformation• Declare success
June 27, 2005 IdM CAMP 16
You cannot escape the responsibility of tomorrow by evading it today.
- Abraham Lincoln
June 27, 2005 IdM CAMP 17
Once you start down the path to the dark side, forever will it dominate your destiny.
- Yoda, Star Wars
June 27, 2005 IdM CAMP 18
Now, here, you see, it takes all the running you can do to keep in the same place. If you want to get somewhere else, you must run at least twice as fast as that!
- Lewis Carroll, Through the Looking Glass
June 27, 2005 IdM CAMP 19
The Join
June 27, 2005 IdM CAMP 20
USC Communication Architecture
June 27, 2005 IdM CAMP 21
USC Systems of Record
• Student Information System• Administrative Information System• Graduate Enrollment Management System
(GEMS)• Merge Team• USCard Office• MU (Affiliates, UNIX Accounts, Email
Accounts)
June 27, 2005 IdM CAMP 22
USC Identity Resolution
“Golden Rule” attributes:
Social Security number
Given Name (reported and/or legal)
Surname (reported and/or legal)
Date of Birth
“Silver Rule” (partial) matches across SOR’s go to Merge Team for resolution
June 27, 2005 IdM CAMP 23
Challenges
• Whose Project is it, anyway?• Inconsistent data entry practices• Inconsistent data verification practices• Inconsistent merge practices and cultural momentum
An object at rest tends to stay at rest… unless acted upon by an unbalanced force.
- Newton’s First Law of Motion
• Data release policies for multi-affiliated individuals• Determining appropriate data hierarchy• SSN, names, and date of birth are not as reliable as
you might think.
June 27, 2005 IdM CAMP 24
USC Merge Team
• Chaired by Provost’s Office• Meets Weekly• Representatives from all SOR’s -
management and technical staff• Representatives from GDS Technical Team• Focuses on Operational Issues, but Flexible• Reviews Silver Rule Match Reports• Food
June 27, 2005 IdM CAMP 25
Merge Stats
• Initial Focus on Faculty and Staff (~11,000) to allow the issuing of USCID based Identity Cards
• Initial run of Silver Rules, February 2005 - 3,897 faculty and staff match sets
• As of June 22 - 395 faculty and staff match sets remaining
• Progress has required dedicated knowledge workers in Payroll and coordination with SIS
June 27, 2005 IdM CAMP 26
Links
USC GDS Documentation
<http://isd.usc.edu/~bbellina/gds>
Other presentations by the author
<http://isd.usc.edu/~bbellina>
June 27, 2005 IdM CAMP 27
Copyright Statement
Copyright © Brendan Bellina, 2005. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.
top related