...
OSS
...
Tools
...
session
...
concept
...
of
...
higher
...
ed
...
IdM
...
suite
...
what's
...
in
...
the
...
box
...
and
...
what's
...
next
...
to
...
the
...
box
...
how
...
to
...
we
...
get
...
to
...
the
...
box
...
-
...
what
...
do
...
we
...
need
...
next
...
steps
...
-
...
diagram
...
architecture,
...
documentation?
...
do
...
we
...
care
...
about
...
packaging
...
that
...
much?
...
differences
...
-
...
but
...
if
...
we
...
can
...
make
...
interfaces
...
standard,
...
we
...
can
...
make
...
progress
...
important
...
thing
...
-
...
standards
...
around
...
each
...
one
...
of
...
the
...
boxes
...
inventory
...
of
...
the
...
boxes
...
that
...
are
...
missing
...
fill
...
in
...
boxes
...
w/no
...
OSS
...
equivalent
...
to
...
what
...
Oracle
...
or
...
Sun
...
provided
...
how
...
to
...
connect
...
the
...
pieces
...
-
...
interfaces
...
defined
...
-
...
provisioning
...
to
...
directories
...
or
...
authentication
...
systems
...
define
...
what
...
an
...
abastract
...
authentication
...
system
...
components
...
that
...
those
...
interfaces
...
connect
...
to
...
-
...
what
...
are
...
they?
...
need
...
end
...
to
...
end
...
vision
...
of
...
what
...
the
...
components
...
are
...
high
...
level
...
-
...
need
...
to
...
demonstrate
...
-
...
unique
...
aspects
...
around
...
higher
...
ed
...
the
...
market
...
has
...
never
...
addressed
...
influence
...
some
...
of
...
the
...
commercial
...
products
...
to
...
support
...
some
...
of
...
higher
...
ed's
...
standard
...
interfaces
...
lack
...
of
...
vendor
...
support
...
for
...
heterogeneous
...
environment
...
open,
...
not
...
necessarily
...
open
...
source
...
-
...
open
...
interfaces
...
that
...
are
...
documented
...
immediate
...
plans
...
-
...
Sun
...
customers
...
-
...
Mn
...
State
...
Colleges
...
-
...
Oracle
...
bought
...
Sun
...
just
...
after
...
selection
...
-
...
they
...
have
...
four
...
years
...
on
...
their
...
contract
...
-
...
many
...
have
...
a
...
2
...
to
...
5
...
year
...
window
...
One
...
place
...
has
...
a
...
2
...
month
...
window
...
-
...
switch
...
to
...
Oracle
...
or
...
turn
...
it
...
off
...
Directory
...
server
...
-
...
they
...
couldn't
...
migrate
...
that
...
fast
...
Sun
...
identity
...
manager
...
-
...
provisioning
...
engine
...
-
...
need
...
to
...
move
...
away
...
from
...
Have
...
to
...
switch
...
to
...
Oracle
...
Sun
...
directory
...
server
...
not
...
necessarily
...
enough
...
to
...
just
...
have
...
open
...
interfaces,
...
you
...
want
...
the
...
favorable
...
software
...
licensing
...
terms
...
of
...
open
...
source
...
any
...
solutions
...
can
...
be
...
considered,
...
commercial
...
and
...
open
...
source
...
SPML
...
potentially
...
can
...
be
...
the
...
connectors
...
missing
...
piece
...
-
...
no
...
way
...
of
...
shipping
...
information
...
between
...
provisioning
...
components
...
these
...
things
...
haven't
...
been
...
standardized
...
time
...
horizon
...
-
...
two
...
years?
...
probably
...
not
...
enough
...
What's
...
going
...
on
...
now
...
that
...
could
...
solve
...
pieces
...
of
...
this
...
problem
...
We
...
have
...
the
...
middleware
...
model,
...
at
...
least
...
most
...
of
...
the
...
high
...
level
...
components
...
Gap
...
analysis
...
Short
...
term,
...
interim
...
solution
...
based
...
on
...
open
...
source
...
-
...
nothing
...
for
...
provisioning/deprovisioning
...
Underlying
...
LDAP
...
information
...
model
...
-
...
most
...
people
...
have
...
more
...
complicated
...
information
...
in
...
their
...
registry
...
-
...
information
...
model,
...
LDAP
...
won't
...
be
...
enough
...
Evaluate
...
the
...
information
...
model
...
We
...
don't
...
know
...
what
...
the
...
problems
...
are
...
We
...
haven't
...
tried
...
to
...
put
...
the
...
end-to-end
...
suite
...
together
...
Open
...
metadir
...
OpenRegistry
...
Grouper
...
biggest
...
gap
...
is
...
in
...
the
...
provisioning
...
space
...
timing
...
-
...
people
...
are
...
paying
...
attention
...
to
...
the
...
issue
...
because
...
of
...
Oracle/Sun
...
Opportunites
...
we
...
can
...
leverage
...
now
...
-
...
What
...
Sun
...
components
...
are
...
replaceable
...
by
...
other
...
products
...
Whether
...
commercial
...
or
...
open
...
source
...
-
...
rethinking
...
of
...
your
...
architecture
...
approach
...
-
...
most
...
people
...
have
...
been
...
running
...
our
...
IdM
...
infrastructure
...
for
...
10
...
years
...
-
...
opportunity
...
to
...
review
...
those
...
choices
...
Framework
...
for
...
how
...
it
...
ought
...
to
...
work
...
How
...
you
...
ought
...
to
...
be
...
thinking
...
about
...
IdM
...
issues
...
List
...
of
...
components
...
-
...
all
...
institutions
...
can
...
provide
...
and
...
compare
...
Multiple
...
approaches
...
that
...
can
...
run
...
concurrent
...
-
...
technical
...
plumbing,
...
issues
...
and
...
decisions
...
Defined
...
layers
...
so
...
you
...
can
...
pull
...
out
...
and
...
fix
...
just
...
parts
...
Framework
...
for
...
how
...
they're
...
going
...
to
...
do
...
things
...
Easier
...
to
...
share
...
components
...
Common
...
vision
...
of
...
where
...
we
...
ought
...
to
...
be
...
heading
...
Framework
...
won't
...
connect
...
systems
...
-
...
you
...
need
...
a
...
protocol
...
for
...
that
...
Grouper
...
-
...
looking
...
a
...
groups
...
-
...
you
...
can
...
share
...
if
...
you're
...
only
...
doing
...
that
...
-
...
but
...
most
...
provisioning
...
is
...
much
...
more
...
complex
...
-
...
going
...
to
...
require
...
another
...
level
...
of
...
complexity,
...
and
...
those
...
things
...
don't
...
exist
...
SPML
...
-
...
can
...
get
...
around
...
LDAP
...
-
...
next
...
level
...
is
...
going
...
to
...
be
...
semantic
...
web
...
stuff
...
Are
...
we
...
prepared
...
as
...
a
...
community
...
to
...
take
...
on
...
that
...
work?
...
Can
...
tackle
...
it
...
in
...
layers
...
High
...
level
...
framework
...
-
...
reference
...
architecture
...
-
...
interfaces
...
-
...
technical
...
protocol
...
specifications
...
reference
...
implementations
...
that
...
exercise
...
the
...
interfaces
...
Time
...
horizon
...
-
...
better
...
for
...
people
...
who
...
have
...
3
...
years,
...
2
...
to
...
5
...
years
...
Higher
...
Ed
...
community
...
not
...
big
...
enough?
...
Draw
...
a
...
line
...
in
...
the
...
sand
...
-
...
anyone
...
who
...
has
...
to
...
have
...
it
...
solved
...
by
...
a
...
certain
...
date
...
Of
...
those
...
people
...
-
...
who
...
will
...
realistically
...
not
...
just
...
go
...
to
...
Microsoft
...
ILM
...
Monetary
...
question
...
-
...
you
...
can
...
budget
...
and
...
fund
...
it
...
because
...
there
...
is
...
a
...
monetary
...
driver
...
Is
...
it
...
on
...
CIO's
...
radar
...
screen?
...
Top
...
5
...
in
...
the
...
ECAR
...
report.
...
But
...
not
...
necessarily
...
the
...
Oracle/Sun
...
problem
...
IAM
...
issue,
...
and
...
resourcing/funding
...
issue,
...
leaning
...
away
...
from
...
open
...
source
...
don't
...
let
...
a
...
good
...
crisis
...
go
...
to
...
waste
...
Oracle
...
is
...
going
...
to
...
present
...
there
...
are
...
no
...
alternatives
...
-
...
we
...
want
...
to
...
create
...
alternatives
...
Oracle
...
is
...
selling
...
it
...
as
...
a
...
suite
...
-
...
but
...
really
...
what
...
are
...
the
...
boxes?
...
registry,
...
directory,
...
authn
...
services,
...
provisioning
...
worried
...
about
...
LDAP
...
registry
...
is
...
the
...
mainframe
...
-
...
how
...
to
...
attack
...
that
...
problem
...
where
...
are
...
our
...
pain
...
points
...
Shibboleth
...
-
...
pretty
...
mature
...
project
...
-
...
why
...
pay
...
money
...
for
...
something
...
else
...
can
...
you
...
make
...
that
...
same
...
argument
...
for
...
the
...
other
...
boxes?
...
core
...
missing
...
piece
...
is
...
provisioning
...
engine
...
intelligence
...
lies
...
at
...
end
...
points
...
of
...
the
...
network
...
-
...
how
...
do
...
you
...
transfer
...
-
...
but
...
if
...
a
...
segment
...
is
...
missing
...
1.
...
Sun/Oracle,
...
what
...
to
...
do
...
2.
...
What
...
are
...
the
...
pieces
...
out
...
there,
...
and
...
reasons
...
why
...
to
...
choose
...
it?
...
2
...
goes
...
to
...
the
...
reference
...
framework
...
long
...
term
...
-
...
to
...
be
...
competitive
...
-
...
you
...
need
...
to
...
have
...
a
...
good
...
understanding
...
of
...
the
...
boxes,
...
the
...
suite,
...
enough
...
of
...
a
...
concept
...
so
...
that
...
there
...
can
...
be
...
commercial
...
support
...
-
...
try
...
to
...
get
...
that
...
commercial
...
support
...
define
...
boxes
...
make
...
sure
...
that
...
there
...
can
...
be
...
solutions
...
that
...
either
...
institutions
...
or
...
commercial
...
providers
...
can
...
offer
...
such
...
a
...
low
...
profile
...
budget
...
wise
...
-
...
IT
...
doesn't
...
get
...
much
...
attention
...
-
...
Oracle
...
going
...
gangbusters,
...
Microsoft
...
coming
...
in
...
-
...
can't
...
sell
...
open
...
source
...
solutions
...
because
...
this
...
is
...
diverse
...
and
...
complex
...
-
...
unless
...
we
...
can
...
make
...
it
...
more
...
manageable
...
so
...
it
...
can
...
be
...
supported
...
Some
...
name
...
recognition
...
in
...
management
...
for
...
Kuali,
...
etc.
...
But
...
they're
...
all
...
about
...
having
...
Oracle
...
do
...
everything
...
Higher
...
education
...
differentiaters
...
that
...
are
...
built
...
into
...
this
...
suite
...
Who
...
is
...
using
...
it?
...
Apple is
...
using
...
OpenLDAP
...
component
...
stream
...
-
...
combine
...
components
...
into
...
a
...
framework
...
-
...
packaging
...
of
...
the
...
model
...
open
...
identity
...
solutions
...
gained
...
traction
...
through
...
marketing
...
Some
...
entrepreneur
...
will
...
see
...
the
...
value
...
in
...
offering
...
support
...
package
...
for
...
the
...
open
...
source
...
IdM
...
stack
...
pick
...
a
...
date
...
get
...
people
...
in
...
the
...
room
...
who
...
are
...
committed
...
sales
...
force
...
for
...
IdM
...
on
...
the
...
web,
...
on
...
the
...
net
...
version
...
of
...
IdM
...
SaaS
...
for
...
IdM
...
jump
...
ahead
...
of
...
the
...
market
...
never
...
be
...
able
...
to
...
win
...
that
...
conversation
...
with
...
our
...
CIO
...
how
...
to
...
build
...
it
...
as
...
a
...
web
...
service
...
figure
...
out
...
a
...
way
...
to
...
build
...
it
...
-
...
have
...
some
...
revenue
...
model
...
on
...
the
...
other
...
end
...
IdM
...
as
...
a
...
service
...
needs
...
to
...
be
...
the
...
same
...
across
...
multiple
...
schools
...
if
...
we
...
are
...
to
...
attract
...
commercial
...
support
...
Schools
...
who
...
really
...
need
...
support
...
may
...
not
...
be
...
the
...
ones
...
represented
...
here
...
Commercial
...
affiliates
...
-
...
how
...
to
...
take
...
a
...
system
...
and
...
integrate
...
it
...
into
...
what
...
customer
...
has
...
Having
...
hard
...
numbers
...
on
...
savings
...
1.
...
software
...
registry
...
with
...
functions
...
and
...
supportability
...
2.
...
group
...
to
...
deal
...
with
...
Sun/Oracle
...
problem
...
3.
...
standards
...
group
...
-
...
provisioning,
...
registries
...
Jens
1.
...
marketing
...
2.
...
what
...
are
...
the
...
boxes
...
survey
...
inventory
...
-
...
what
...
the
...
pieces
...
are
...
gap
...
analysis
3. connecting the boxes
framework
reference architecture
protocols
4. what do we need to do
projects
lightweight projects people can work together on over the next six months
what is the functionality that goes with the boxes
https - Jboss - SAML - policy engine
Identity manager - need to support SPML
how does it take data in?
define to a lower level what the functionality of each box is
that being in the framework can help when something like Oracle/Sun happens
look at services catalog for IAM
WebSSO CAS and Shib - kind of the same, but different
options - need to understand the components
something that more fits your campus needs
come up with a high level architecture
Jack is on MS Higher Ed Advisory group
many of us will have to run a MS directory product
if you could move in a direction favorable to us, you can make inroads into higher ed
not in lieu of the OSS, but another option
follow-up
tomorrow morning - forming working groups
please think about what you and your institution can do
streams - technical, managerial, coordination, marketing