Child pages
  • Access Management Team Meeting Minutes 10-19-2011
Skip to end of metadata
Go to start of metadata

Access Management Team Meeting Minutes

Date: 10/19/2011




Tom Barton


Jacob Farmer


Scott Gibson


Chris Hyzer


Jimmy Vuccolo


Meeting Agenda:

  1. Note taker, agenda bash.
  2. Review of tasking remaining to be done.
    1. Identifying elements of the work stream for Access Management.
    2. Identifying potential products and/or partners for #1.
    3. More detailed take on recommendation #2 (from the team's page).
    4. Gather specific technical or functional requirements and combine those with other sources of ideas to help us initially define what we think this activity should aim to achieve.
    5. Other?
  3. Define & assign next steps for any of those
  4. Recurrence?
  5. Else?


We need a standard vocabulary between KIM and Grouper.  Work has been done in PACCMAN already with the translation between the two.  Existing work does exist for Access Management.

Chris: Are we going to mandate that the permissions of the system be policy-based or something else?  With a common UI, point and time stuff, you may not be able to use policies.

Tom: Policy engine requirements, "grants and removing access shall be done automatically by defined business rules".

Tom to Scott: Do other sources of requirements exist that bare into the Access Management puzzle?  Scott: Initial set of use cases that Matt wrote up has Access Management requirements in them.

One of the next steps will need to be going through the requirements for Kuali and adding them into project.

AI: Scott to add the Kauli requirements to the wikispace.

Could the PACCMAN use cases be used as a benchmark?  Need to see if additional requirements exist for them.

AI: Jimmy to review the PACCMAN use cases to determine if there are any relevant requirements.

Penn State, Kuali, PACCMAN have good collections of use case.  We could use them and measure the gap against them.  Scott not in favor of the use case approach because Kauli is customer driven.  The same thing can be said about Grouper.

In a review of the Hampton Deliverable Document, we decided that for the Glossary of terms, that we would like out to the PACCMAN glossary.

Scope for Access Management could include things like:

  • Grouper, roles, permissions
  • Namespace for delegation
  • and so on.

Quick exercise: "What are some of the GAPs that exist for the various products? (name one):

Grouper: needs a better UI, its a major gap: Tom

Kuali: Not enough management capabilities supported through the service interfaces.

Right now our columns for GAP analysis will be Grouper and Kauli.  Once we have a better idea of what is going on with the OpenAM stuff, we could add them later.

We as a team need to review Recommendation #2 in more detail.

Next Meeting: 10/24/2011: 10:00-11:00 Eastern.

  • No labels