Understanding ADAMUnderstanding ADAM Version 2.0Version 2.0

ADAM Training SessionADAM Training Session

2.2

What is ADAM?What is ADAM?

Authority Delegation and Management (ADAM)

• MoFR web-based application• Enables granting & managing of

application access Delegation of user access

administration to select individuals Efficient authorization of End Users for

any MoFR web-based (Web-ADE) application

2.3

Authorization vs. AuthenticationAuthorization vs. Authentication

Adam does NOT manage authentication• Authentication is the process of

determining you are who you say you are Performed by authenticating source

(IDIR or BCeID)

ADAM does manage authorizations• Authorizations are the functions a user can

perform in an application For example run reports, enter data, etc.

2.4

Why Implement ADAM?Why Implement ADAM?

Before ADAM With ADAMCustodian must submit one or more web forms which generate emails to central agency.

Delegated personnel (gov or no-gov) can grant application access to users (whom have a BCeID or IDIR ID). End user access available instantly.

Users may require separate BCeIDs for each client on whose behalf they conduct business.

Multiple BCeID User IDs not required.

Difficult to determine who has access to a specific application.

Application Admin. and Authorization Grantors can easily determine who can access applications.

Technical staff responsible for granting access to applications. MoFR burdened with assoc. liabilities.

Application Admin. can delegate granting capability. Electronic Agreements can be put in place.

2.5

Linking WebADE & ADAMLinking WebADE & ADAM

WebADE is a framework Allows the implementation of authorizations for

enterprise level applications

ADAM is the interface User friendly interface to grant & manage

application authorization Distribution of authorization management to

appropriate representatives

The Web Application is responsible for implementing the Authorization (i.e. asking the right questions). ADAM is the management tool of the authorization.

2.6

Who Uses ADAM?Who Uses ADAM?

ADAM is role specific• You must have one of five “roles” to use

ADAM: ADAM Administrator Application Administrator Authorization Grantor End User Help Desk

2.7

ADAM OverviewADAM Overview

2.8

Know the StructureKnow the Structure

2.9

Finding Your Role in ADAMFinding Your Role in ADAM

Key Personnel ADAM Roles

Ministry Security Architect ADAM Administrator

Data Custodians Application Administrator

Authorization Grantor

Ministry/Org Unit Application Representatives

Authorization Grantor

Client Application Representatives Authorization Grantor

Application Users End User

Ministry BCeID Consultant

Business Application Support Staff

Help Desk

2.10

TerminologyTerminology

Delegation The act of giving an appropriate representative

the ability to manage user access to applications

Authorization The ability to perform specific actions within an

application

Organization An organizational unit/company/community

group/public institution/discrete entity/etc.

2.11

Terminology (cont.)Terminology (cont.)

Profile:• Refers to one or more “Application Roles”• Typically reflects a business function, rather than

a specific application function• Profiles can be associated with an organization• Profiles can span applications

Note: This capability is available but implementation is still under consideration

2.12

Understanding the Profile/Org LinkUnderstanding the Profile/Org Link

If a profile is not secured by organization then: Application Administrators & Authorization

Grantors can NOT select an organization during delegations/authorizations

End Users have access to the application based on the profile

2.13

Understanding the Profile/Org Link (cont.)Understanding the Profile/Org Link (cont.)

If a profile is secured by organization then:• Application Administrators may:

Select a specific organization for a delegation• Auth Grantor can then authorize the profile for the

specified organization• End Users have access to the application based on

the profile and on behalf of the organization

2.14

Understand Organizational SecurityUnderstand Organizational Security

2.15

User Access ProcessUser Access Process

2.16

Organization Access ProcessOrganization Access Process

2.17

DemoDemo

Demonstration of: ADAM Home Page Online Help Guide

Next Presentation: Working with Delegations