...
COmanage 1.0.2 Compared to the TIER Entity Registry Requirements
This document is a historical reference comparing an earlier COmanage version to the TIER Entity Registry Requirements.
For items flagged , there may still be specific capabilities or enhancements required to meet all use cases.
| | Requirement | Status | Funded? | Notes |
|---|---|---|---|---|
| 1 | Administration (User Interface) | | | |
| 2 | Delegated Administration | | | Within existing CO/COU/Group structure |
| 3 | Record Search | | | |
| 4 | Record Relinking | | | |
| 5 | Self Service | | | For select attributes and operations |
| 6 | Bulk Operations | | | Limited to group operations |
| 7 | "Enterprise Vocabulary" | | | |
| 8 | Customizable UI | | | Localizable, Plugins for custom links, etc; Needs scalability testing |
| 9 | Accessible UI | | | Partially accessible, needs further testing and refactoring |
| 10 | Externalized Authentication | | | Anything supported by Apache |
| 11 | Terms and Conditions | | | At enrollment or login |
| 12 | Person Record Management | | | |
| 13 | No Hardcoded Identifier Assumptions | | | |
| 14 | No SSN Dependency | | | |
| 15 | "Secure" Attributes | | | While (eg) SSNs can be stored as identifiers, there is no special handling to (eg) encrypt them; DoB is not in default data model, and Gender is in secondary demographic reporting record |
| 16 | Multiple (Typed) Attributes Per Record | | | eg: Name, Address, Email Address, etc |
| 17 | Custom Attributes | | | Simple built in model, or custom plugins |
| 18 | Custom Types | | | |
| 19 | Multiple Roles | | | role=title+department+validity dates+etc |
| 20 | Multiple Identity Sources | | | |
| 21 | Lifecycle Management | | | Includes expiration and related transitions |
| 22 | Identifier Assignment | | | |
| 23 | Self Selected Identifiers | | | |
| 24 | Privacy / Attribute Release Policies | | | |
| 25 | Early Onboarding | | | Most of the infrastructure required for this will be implemented with new "Pipeline" capability |
| 26 | Registry-as-SOR | | Funded, sched 2H16 | Default model; enhancements are to separate out "SOR-as-SOR" |
| 27 | Customizable UI Driven Enrollment | | | |
| 28 | Batch Importing | | | Most of the infrastructure required for this will be implemented with new "Organizational Identity Source" capability |
| 29 | Attribute Election | | Funded, sched 2H16 | eg: To pick a Primary Name from multiple SORs |
| 30 | ID Match Integration | | | Limited existing capabilities. New "Pipeline" will include external callouts |
| 31 | Identity Proofing | | | TBD what this would mean |
| 32 | SSH Key Management | | | |
| 33 | ORCID Linking | | Funded, sched 2Q16 | |
| 34 | Audit / Changelog | | | |
| 35 | Human-Readable Transaction History | | | |
| 36 | Manual History Records | | | ie: Comments |
| 37 | Point-In-Time Record Capabilities | | | "Copy on write" means a delete is rarely actually a delete |
| 38 | Provisioning and Integration | | | |
| 39 | REST API | | | |
| 40 | Plugin/Connector Driven Real Time Provisioning | | | |
| 41 | LDAP Provisioning | | | Custom schemas not currently supported |
| 42 | Grouper Integration | | | |
| 43 | Unix Account Provisioning | | Funding Proposed | Current support is experimental and will be rewritten |
| 44 | Message Bus Provisioning | | | |
| 45 | Cloud Services Integration | | | Experimental GitHub support |
| 46 | Credential Management | | Funded, sched 2H16 | |
| 47 | Asynchronous Provisioning | | | |
| 48 | Reporting | | | |
| 49 | Plugin Driven Reporting Capabilities | | | |
| 50 | SQL Provisioner | | | |
| 51 | Notifications | | | |
| 52 | Database Support | | | |
| 53 | PostgreSQL | | | Recommended |
| 54 | MySQL / MariaDB | | | Tested and supported |
| 55 | Oracle | | | Not supported by framework |
| 56 | SQL Server | | | Supported by framework but not tested |
| 57 | Miscellaneous | | | |
| 58 | Replication / HA | | | HA as PHP web app; Replication via database |
| 59 | Unicode | | | |
| 60 | Extensible via Plugins | | | |