iam reference architecture bricks embeded architects community of practice march 5, 2015
TRANSCRIPT
IAMREFERENCE ARCHITECTURE BRICKSEMBEDED ARCHITECTS COMMUNITY OF PRACTICEMARCH 5, 2015
AGENDA
>What is IAM?>Vision & mission>Evolution: the why behind “bricks”>Practice: making “bricks”>Discussion, reflection, etc.
TOPICS DISCUSSED
WHAT IS IAM?
“Identity and access management is a security, risk management, and business discipline that ensures the right individuals have the right access to the right resources at the right time for the right reasons.”(Source: Gartner, Inc.)
DEFINITION
WHAT IS IAM?
A team?
At the UW, IAM is anorganizational unitwith these responsibilities:
• Identity registration& administration
• Account & passwordmanagement
• Access management• Authentication &
Authorization• Non-person identity
management• Federation & trust
WHAT IS IAM?
A set of services.
We offer these IAMservices through thecentral IT service catalog:
• UW NetID• Access Management• Authentication• Directory Services• UW Windows
Infrastructure
WHAT IS IAM?
A set of capabilities.
The essential workof our IAM team iscoordinating theseIAM processes andactivities with ourdiverse customersand stakeholders.
IDENTITY REGISTRATION & ADMINISTRATION
“Help me register people affiliated with the university to participate in online activities.”
CUSTOMER ASKS:
ACCOUNT & CREDENTIAL MANAGEMENT
“Give me and my users trustworthy identification to use online.”
CUSTOMER ASKS:
ACCESS GOVERNANCE & ADMINISTRATION
“Help me manage how I enable and disable access to my resources.”
CUSTOMER ASKS:
PROVISIONING & INTEGRATION
“Help me integrate with identity services and orchestrate processes to provision data and access.”
CUSTOMER ASKS:
ACCESS CONTROL
“Help me authenticate and authorize users as they access my resources and make online transactions.”
CUSTOMER ASKS:
REPORTING & ANALYTICS
“Give me reports and activity data I can analyze to make decisions and manage risk.”
CUSTOMER ASKS:
IAM VISION
“Trusted online identities enriched with the attributes of the UW.”
INSPIRES OUR WORK & CREATIVITY
IAM MISSION
“To help our community apply IAM solutions in ways that promote trust, privacy, collaboration, and innovation in research and education.”
GIVES OUR WORK PURPOSE & DIRECTION
REFERENCE ARCHITECURES
>Help us manage complexity in an evolving ecosystem
>Help us develop situational awareness
>Help us provide guidance>Help us communicate consistently>Help us identify costs of decisions
PURPOSE
IAM REFERENCE BRICKS
A “brick” describes the status of technical standards, protocols, service options, and other technologies used for identity and access management (IAM) within the IT environment at the University of Washington.
PURPOSE
IAM REFERENCE BRICKS
Each “brick” focuses on a set of IAM technologies from the same functional area and uses the same set of designations to describe the lifecycle status of individual options coming into or exiting from the environment.
WHAT
IAM REFERENCE BRICKS
Each “brick” focuses on a set of IAM technologies from the same functional area and uses the same set of designations to describe the lifecycle status of individual options coming into or exiting from the environment.
WHAT
BRICKS TEMPLATE
The template describes the designations used within a brick to categorize technology options according lifecycle status, related customer risk, investment levels, support, adoption, etc.
HOW
BRICKSTEMPLATE
HOW
BRICKS PRACTICE
BRICKS PRACTICE: STRATEGY MAP
BRICKS PRACTICE: STRATEGY MAP
BRICKSTEMPLATE
HOW, CONT.
BRICKS PRACTICE