Versions Compared

Old Version 1

changes.mady.by.user Keith Hazelton (wisc.edu)

Saved on

compared with

New Version Current

changes.mady.by.user Keith Hazelton (wisc.edu)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

...

  • P&I projects are everywhere
    •   New OS open source registry deployments (CPR and OR) at multiple institutions are anchor tenants for IAM infra and must be wired in for P&I
    •   Grouper deployment projects abound, driving new models of managing service eligibility
    •   Numerous campuses are on verge of deploying major commercial offerings in this space (OIM, etc.)
    •   Meanwhile COmanage, CoCoA and SurfConext SURFconext packages are targeting Research VOs (complementing institutional focus elsewhere)
  • HE & R community can take full advantage of the range of current activity IFF we *  
    • Articulate a common functional framework within which we can discuss P&I use cases and requirements (in progress)
     
    • Capture use-case driven requirements across an identified set of projects
     
    • Document solutions emerging from these projects
     
    • Highlight successful aspects of specific projects to guide next round of institutional or VO projects
  •   We already have adequate resources to start shepherd this work (additional resources would accelerate progress)
     
What's in the Open Source P&I toolchest tool chest today?
  • Change-driven messaging from identity registries (CPR and OR) and Grouper
    • ActiveMQ in CPR, explorations w Grouper (including SCIM)
    • Amazon SQS, SNS as alternatives to ActiveMQ for queuing and notifications (UDub)
    • Camel routes in OR (CAMELCamel: runnable/configurable Enterprise Integration Patterns)
  • Feeding the Identity Registries from the Systems of Record
    • Batch approach for OR (Rutgers own and Unicon-developed Spring Batch approachfor UC Berkeley OR)
    • Batch and API approaches CPR message-driven approach to SOR integration in CPR
    • CIFER SOR-to-Registry APIs
  • RESTful push/pull APIs from registry (CIFER)
    • SCIM flavor for cloud services & similar cases
  • Provisioning engines
    • OpenIdM (ForgeRock) investigations at CPR & Stanford
      • Shareable connectors for specific provisioning targets
      • Extension points:
        • CAMEL Camel "routes"
        • Activiti for workflows involving humans
  • Investigation/Experimentation stage: *
    • ESB: Mule
    • Rules engine: DroolDrools