Versions Compared

Old Version 23

changes.mady.by.user user-c1a6f

Saved on

compared with

New Version 24

changes.mady.by.user user-c1a6f

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

BruinCard is UCLA's employee and student photo ID card. It is a physical door access token, a debit card, and is used for meals and access to events on campus. UCLA is in the process of replacing the BruinCard application (moving from an old Blackboard software to Blackboard Transact). While migrating, we are integrating When we replaced the BruinCard technology stack in 2015, we integrated BruinCard systems with Grouper, using Grouper to manage/automate door access provisioning and de-provisioning.. Grouper is now the engine behind most of BruinCard's group and role management needs. These include:

  • Door access assignment - delegated function to let departmental door administrators manage door access in the departments
  • Door administrator role assignment - manage who is a door administrator, and for which unit
  • Photo API access - manages the ACL for BruinCard photo downloads

Gliffy Diagram
size600
nameGrouper and BruinCard integration

...

Type: Service Eligibility Declaration / Group Membership Management 

UCLA deployed multi-factor authentication (MFA) in its Shibboleth Single Sign-On service in June 2016. Our goal, over time, is to require MFA use campus wide. On our way to that goal, we recognize that it is necessary to develop a flexible architecture allowing us to flexibly configure which population we turn on MFA for. Grouper is calculation engine we use to track who needs to enroll, who has enrolled, and who are the exceptions.Image Added

External Service Entitlement Attribute Management (PAC-12 TV and HBO GO)

Type: Service Eligibility Declaration/ManagementTODO: Write use case description

UCLA uses Grouper to calculate and set eduPersonEntitlement values for a number of external services. These include PAC-12 TV Network mobile access and HBO Go access. We are in the process of converting all similar entitlement assertions (Google Apps, Gartner, etc.) to user Grouper.

Box Group Management

Type: Group Membership Management

UCLA is in the process of rolling out Box (box.com) to employees and studentsis UCLA's online file storage and collaboration service. Box's built-in group management is awkward and difficult to scale to a distributed environment. We are externalizing group management from Box to Grouper, using Grouper to:

1. automate Box group membership updates (from book-of-record data sources)
2. enable more flexible, distributed group membership management by project, department, or collaboration groups.

...