MACE-paccman Working Group at 2012 FMM
Monday, Oct 1, 2012
10:30 - 11:30 a.m.
Location: Freedom E
- Welcome - Tom Dopirak and Keith Hazelton
- Intellectual Property Reminder - http://www.internet2.edu/membership/ip.html
- Agenda Bash
- Access Management Stories
- Clemson Report on the status of access management project at Clemson- (Boyd Wilson) -- confirmed
- CMU Student services and their custom access management system (Tom Dopirak) -- confirmed
- Rutgers and Open Registry work?
- CIFER Provisioning and Integration work stream update
- Emerging use cases: Guest/Invitation systems and provisioning from them
- Planning for P&I and Access Management work at ACAMP
- Discussion of survey regarding prescriptive and optional access management principles (Chris Phillips)
- Why is federated authorization so hard and do we have to do it anyway? (Heather Flanagan)
- Simple Lightweight Access Markup Language (SLAML =), a policy protocol for the feint of heart and simple of problem. (Keith)
- Implementing a PDP that speaks SLAML on the front end and pulls policy info from Grouper on the back.
- It could handle questions as complicated as:
- Is the authenticated principal a member of any group that carries a role that entitles them to perform action A on resource (class) R?
- Bamboo is the use case
- Doing CIFER before CIFER exists at U of Utah. (need to reach out to Bryan Wooten or another representative from U. of Utah)
- Pitch Upcoming Sessions at FMM
- "Grouper After Groups - Enabling Net+ Services with PAP, PEP, and PDP, Oh My!" ( Bill Thompson preview, session is Wed. at 4:30pm )
- "IAM Soluctions for the Community from the Community: CIFER and Friends" (Keith preview, session is Thurs. at 10:30am)
- Questions / Comments