Academic journal article College and University

Identity and Access Management: Technological Implementation of Policy

Academic journal article College and University

Identity and Access Management: Technological Implementation of Policy

Article excerpt

Navigating the multiple processes for accessing ever-multiplying campus information systems can be a daunting task for students, faculty, and staff. This article provides a brief overview of Identity and Access Management Services. The authors review key characteristics and components of this new information architecture and address the issue of why a campus would want to implement these services. Implementation issues, particularly those where technology and policy intersect, are also discussed.

Jeff's in his office and the telephone rings. The display gives him the number; it's one he recognizes. "Hi Dave, what can I do for you, " he says. Dave is the director of First Year Programs and they speak pretty often. "Hi, Jeff. Some of the students in my Peer Mentoring classes are registered for the wrong sections. What's the best way to fix it?," Dave asks. "Send me a list, " he replies. A few minutes later, he receives an e-mail message with a list of students to move to different sections. He gives the list to one of the staff in the Enrollment Services section of his department and a while later can let Dave know that the students are now in the correct sections.

Later a student knocks on his door. She's dressed in a suit and she's in tears. "Can you help me? I was in your class a few years ago. " She asks. "Sure, Jennifer, I remember you. What do you need?" "Host my purse and I need a transcript for an internship interview and I can't get a transcript without my ID card, what can I do?" "No problem, I know who you are, " he tells her and informs the appropriate staff person that it's ok to give Jennifer her transcript.

What do these two situations have in common? In both, the transactions depended on the identities of the people involved, Jeff's ability to verify their identities (and his staff members' ability to verify his identity), and the appropriateness of the transactions they requested to their roles.

Clearly, it works on an occasional basis, since we do it all the time. However, it doesn't scale. Many of the nearly two thousand faculty and 26,000 students like their problems solved promptly, but Jeff likes to sleep at night and take the occasional day off!

Identity and Access Management

Automated approaches to these problems are not new. Access is typically managed differently in each system and then augmerited in an ad hoc fashion by people like the examples above. This wasn't a big problem years ago, when the number of systems that a person might use was limited. Now, a person might be granted access and authorities for e-mail, voicemail, the student information system, the human resources system, the financial system, the course management system, the library system, an electronic portfolio, a campus portal, a data warehouse or data mart or two, a local area network, and who-knows-what-other campus resources. All of these might require separate applications for access, customization profiles, and IDS and passwords. Navigating the multiple processes for gaining access can be a daunting task for any new student, employee, or faculty member.

Enter the identity and access management services. This new information infrastructure has several key characteristics.

* It integrates all the pertinent information about people from multiple authoritative source systems such as those listed above. This reconciles the accounts we all have in these systems and joins our identities together under one campus unique identity. Using such a system, an application in the library, for instance, might use a person's library system ID to look up that person's e-mail address, campus address, and role at the institution to generate a message that a recalled book was being sent, print a label to use to send the book through the campus mail system, and verify the person's role at the institution to determine a due date for the book, extracting information from separate systems with separate identifiers. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed


An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.