Oregon State University  

Executive Summary

The land-grant mission is intrinsic in what we do at Oregon State University. Our role in serving the public good and ensuring the success of the people of Oregon is evident throughout the state. IT and identity management practices, however, have focused on our campus constituencies. We are easily able to provide access to systems and services to our students, employees, and associates, but we struggle to provide the same access to others. 

Each year sees increased the demand for access to digital services as part of our outreach programs. To assist our campus in fulfilling these digital outreach needs, Oregon State must implement an entity registry that allows the creation identities and accounts from outside of our traditional campus constituencies.

Organization Description

Oregon State is an international public research university located in Corvallis, Oregon.  Founded in 1868, Oregon State is the state’s Land Grant university. 

Enrollment at Oregon State is 31,412 students who study in our colleges of Agricultural Sciences; Business; Earth, Ocean, and Atmospheric Sciences; Education; Engineering; Forestry; Liberal Arts; Pharmacy; Public Health and Human Sciences; Science; and Veterinary Medicine.  With 11 colleges, 15 Agricultural Experiment Stations, 35 county Extension offices, Hatfield Marine Science Center in Newport, and OSU-Cascades in Bend, Oregon State has a presence in every one of Oregon’s 36 counties.  The 4,700 students in our Ecampus extend this presence across the nation and around the world.

Oregon State is one of only two land, sea, space, and sun grant institutions in the U.S. and is the only university in Oregon to have earned both Carnegie Classifications for Highest Research Activity and Community Engagement.  It is the state’s largest comprehensive public university, preeminent for both scholarly achievement and the direct impact of applied development, fulfilling the land-grant mission to serve the public good.

Containerized TIER Component(s) to be implemented

  • Shibboleth IdP and SP  
  • Grouper Access Management Software
  • COmanage Collaboration Management Platform    
  • Entity Registry, such as midPoint

Short Management-Level Use Case Description of Your Project

The implementation of a stand alone entity registry is a key component to the overhaul of OSU's IAM infrastructure.  It is step one in a longer term project to expand the account base that we support.

We plan to implement the TIER midPoint entity registry and populate it from our existing systems of record.  Scope details for outbound provisioning will be determined during the fall term scoping.

Expected Deliverables:

  • Scope midPoint project – Fall term 2017
  • Deploy midPoint development environment environment – Winter term 2018
  • Feed data from Banner to midPoint - Winter-Spring terms 2018 

Scope

Implement midpoint as an Entity Registry for OSU.

Excluded from Scope

Significant changes to existing IAM infrastructure for Grouper and Shibboleth.

 

Key Stakeholders

 

SponsorErica Lomax, Director, Identity & Infrastructure
Campus Success Program Contact(s)Erica Lomax, Director, Identity & Infrastructure, erica.lomax@oregonstate.edu
Communications contactErica Lomax
Project managerErica Lomax
Project team members

Andy Morgan, Identity & Access Management, Information Services

Josh Zojonc, IT Infrastructure, Information Services

Stacy Brock, Infrastructure Integrations, Information Services

Deployment Partners/ContractorsUnicon

 

Project Milestones

 

ActivityAssigned ResourcesStart StateEnd Date
Install midpoint in a test/demo configurationAndy MoganFall 2017Fall 2017
Scope definition for entity registry projectErica LomaxFall 2017Winter 2018
TBD by fall scoping phase   

Synergistic Projects

SSO in the Cloud 

The IAM team is currently working on adding nodes of Shibboleth IdP and LDAP into AWS for redundancy and resiliency of our SSO environment. This project will complete in fall term 2017. 

IdP Proxy 

Through the fall of 2017, Oregon State will install and configure an IdP proxy. We currently provide social logins for our Professional and Continuing Education (PACE) students through Cirrus Identity’s Gateway product. A recently acquired software for course delivery provides only a single SAML configuration, so a proxy will allow all students access to the resources. The evaluation of purchased versus in-house built solutions is required before the technology direction is decided. 

Constraints, Assumptions, Risks and Dependencies


Constraints      TBD
AssumptionsOSU will be able to implement the entity registry in phases, starting with parallel implemenation to our current custom engineered code, and then transitioned to new business processes.
Risks and Dependencies

Risk: Recent staff turnover and reorganization have left the IAM team short staffed and in a period of transition.

  • No labels