DRAFT - IN PROGRESS
Deadline for finalizing the survey questions is Monday 21-Feb-2011. After this date we will put the survey questions into SurveyMonkey for data collection.
NOTE: You must be logged in to edit, see access instructions at http://middleware.internet2.edu/docs/internet2-spaces-instructions-200703.html
OR send mail with your comments and suggestions to Steve Olshansky, MACE-Dir Flywheel <steveo AT internet2 DOT edu>.
---
Developing a survey about managing people entries, attributes, and affiliations from non-authoritative sources...
NOTE: Contact info is for internal purposes only, for use in contacting you later if questions arise. Any public reports will EXCLUDE your info unless you give us permission to include it.
- Name
- Title
- Institution
- May we identify you in public reports resulting from this survey?
Guest survey questions
- Trigger or initiation of a guest identity
- Who or what processes can trigger the provisioning of guest identity?
- Are guest identities in a separate store or in same store as identities of employees and students?
- Do guests require an explicit sponsor or approval - an explicitly designated person or unit or system responsible for the guest identity?
- Guest identity data
- What data is required about the guest? legal name, SS# or other government identifier, dob, email address, other?
- Is supplied data verified? Matched against existing systems of record?
- (How) is the source of this data retained? (save the paper or e-form, copy IDs,….)
- Do guest receive a netID or local equivalent in the same namespace as employees and students? If a separate namespace, how is namespace collision avoided?
- Is there an explicit indication of guest origin in identity record?
- What eduPersonAffiliation values are or may be provisioned?
- Uses of guest identity
- Does the guest identity receive automatically-provisioned service accounts as do employees or students
(e.g., automatically provisioned email account or address in the domain of the institution)? - Do guests appear in the institutional on-line directory? Designated as guests? Sponsor shown with record?
- Can guests edit their record with self-service data (contact information, description, etc.)?
- How do guests receive an initial password, claim accounts, or reset passwords?
- Can guests rely on external authentication (e.g., Facebook or Google) for access to institutional information resources? Has this feature been requested?
- (How) are guest identities asserted with an explicit level of assurance?
- Does the guest identity receive automatically-provisioned service accounts as do employees or students
- Deprovisioning
- What is the maximum amount of time a person can be affiliated on a guest account?
- If guests are sponsored, what occurs when the sponsor leaves?
- (How) do you control guest identities so as to provision only a single guest identity to a person?
- Are guest accounts ever converted to non-guest identities using the same identifier?