...

Generic Functional Requirements

  1. Information about a user should include attributes as specified by the organization
  2. Only the IdM system should be able to write to log/audit data stores
  3. The IdM system must be able to associate user account data across multiple systems each having different schemes for local identifiers
  4. The IdM system needs to notify downstream systems of user-related events in a timely and secure fashion
  5. The IdM system must consume upstream user-related events from systems of record in a timely and secure fashion

...

  1. Design data integration components to be loosely coupled rather than tightly integrated, to avoid "lock-in" and "lock-out" problems. Loosely coupled components bring flexibility and interoperability with products from different vendors.
  2. Base user account data integration on the mapping of a meaning-free identifier. Use a meaning-free identifier such as a UUID to map to local user IDs, which facilitates working across multiple systems with different schemes for local identifiers.
  3. Use commodity message queuing products. For example, use products such as ActiveMQ for messaging needs where possible.
  4. Integration with downstream systems should be asynchronous and loosely-coupled. For example, user provisioning can use event notification mechanisms using generic "user event" messages.
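
The sketch below is an added example, not code from the original page or from any product it names. It illustrates items 2 and 4: a registry keyed on a meaning-free UUID, and a generic "user event" that carries only that UUID so each downstream system resolves its own local ID. The system names, local IDs and event fields are constructed, and a Python list stands in for the message queue.

```python
import json
import uuid


class IdentityRegistry:
    """Maps one meaning-free UUID per person to each system's local user ID."""

    def __init__(self):
        self._by_uuid = {}   # person UUID -> {system name: local ID}
        self._by_local = {}  # (system name, local ID) -> person UUID

    def register_person(self):
        person_id = str(uuid.uuid4())  # random value, encodes no attributes
        self._by_uuid[person_id] = {}
        return person_id

    def link(self, person_id, system, local_id):
        links = self._by_uuid[person_id]  # KeyError for an unknown person
        owner = self._by_local.setdefault((system, local_id), person_id)
        if owner != person_id:
            # One local account must never resolve to two different people.
            raise ValueError(f"{system}:{local_id} is linked to another person")
        links[system] = local_id

    def resolve(self, system, local_id):
        return self._by_local.get((system, local_id))

    def local_id(self, person_id, system):
        return self._by_uuid.get(person_id, {}).get(system)


def user_event(registry, source_system, source_local_id, event_type):
    """Turn an upstream change into a generic event keyed only by UUID."""
    person_id = registry.resolve(source_system, source_local_id)
    if person_id is None:
        raise LookupError("no mapping for upstream identifier")
    return json.dumps({"type": event_type, "person": person_id})


def consume(registry, system, message):
    """Downstream side: map the UUID back to this system's own identifier."""
    event = json.loads(message)
    return event["type"], registry.local_id(event["person"], system)


def demo():
    reg = IdentityRegistry()
    person = reg.register_person()
    reg.link(person, "hr", "E-10442")   # constructed system of record ID
    reg.link(person, "ldap", "asmith")  # constructed downstream ID
    queue = [user_event(reg, "hr", "E-10442", "user.updated")]  # broker stand-in
    return [consume(reg, "ldap", m) for m in queue]
```

A downstream system that gets `None` back for the local ID has no account for that person yet, which is the point at which it would provision one.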

Technical Solutions

  1. Commodity messaging products such as ActiveMQ
  2. Integration technologies such as Apache Camel

Case Studies

See, for example, the data integration tips in the LIMA design model.

Specific Products