Why are we doing this?

Problem Statement:

As our campus community continues to grow, it becomes increasingly important to have a structured process for access management. UNC Charlotte is seeking to implement an enterprise-ready solution to campus partners using community-supported stable technologies.

Impact Statement:

By providing such a service, campus partners will have a clearly defined process for identifying and delivering targeted access control to a variety of applications.

How do we judge success? Success metrics

  • Stable software product on a resilient architecture accessible to the appropriate staff members.
  • Thorough documentation available on the use of the software product along with usage guidelines and administrative best practices.
  • Availability of access control information for release through existing Shibboleth IdP.
What are possible solutions?

Solutions include Grouper from InCommon and OpenAM from ForgeRock.

Grouper has been chosen as part of an overall strategy to leverage all four components from the InCommon Trusted Access Platform to deliver a unified and community-driven approach to IAM.

High-level timeline

November 27: Complete CSP Project Plan / Roadmap
December 15: Complete Test Environment / Sandbox

January 3: Finalize documentation/SOP template for Grouper

February 1: Complete Prod Environments

March 1:  MVP/Access Control in Production

Issues trackingJIRA (Internal Access Only)

Stakeholder Impact

Who is the customer and how does this help them?Applications which can utilize SAML/SSO for authorization
Why will the customer want this?Proper level of access control applied immediately at the time of use
Scale and scopeThe scale of this project has been reduced to provide adequate time and resources to achieve. The scope of this project will be to populate the existing Active Directory environment with a sampling of access-specific groups managed by Grouper which will be released by our existing Shibboleth IdP to provide authorization data to applications for consumption.
  • No labels