COmanage 1.0.2 Compared to the TIER Entity Registry Requirements
For items flagged , there may still be specific capabilities or enhancements required to meet all use cases.
| | Requirement | Status | JIRA | Funded? | TIER High Priority | Notes |
|---|---|---|---|---|---|---|
| 1 | Administration (User Interface) | | | | | |
| 2 | Delegated Administration | | | | √ | Within existing CO/COU/Group structure |
| 3 | Record Search | | | | √ | |
| 4 | Record Relinking | | | | √ | Manual Linking Operations |
| 5 | Self Service | | | | √ | For select attributes and operations |
| 6 | Bulk Operations | | CO-802 | | √ | Limited to group operations |
| 7 | "Enterprise Vocabulary" | | | | | Default terminology that maps closer to University vocabulary (vs VO vocabulary) |
| 8 | Customizable UI | | | | | Localizable, Plugins for custom links, etc; Needs scalability testing |
| 9 | Accessible UI | | CO-224 | | | Partially accessible, needs further testing and refactoring |
| 10 | Externalized Authentication | | | | √ | Anything supported by Apache |
| 11 | Terms and Conditions | | | | | At enrollment or login |
| 12 | Person Record Management | | | | | |
| 13 | No Hardcoded Identifier Assumptions | | | | √ | |
| 14 | No SSN Dependency | | | | √ | |
| 15 | "Secure" Attributes | | | | √ | While (eg) SSNs can be stored as identifiers, there is no special handling to (eg) encrypt them; DoB is not in default data model, and Gender is in secondary demographic reporting record |
| 16 | Multiple (Typed) Attributes Per Record | | | | | eg: Name, Address, Email Address, etc |
| 17 | Custom Attributes | | | | √ | Simple built in model, or custom plugins |
| 18 | Custom Types | | | | √ | Extending the Registry Data Model |
| 19 | Multiple Roles | | | | √ | role=title+department+validity dates+etc |
| 20 | Multiple Identity Sources | | | | √ | See Registry Data Model overview |
| 21 | Lifecycle Management | | | | √ | Includes expiration and related transitions |
| 22 | Identifier Assignment | | | | | Configuring Registry Identifier Assignment |
| 23 | Self Selected Identifiers | | | | | |
| 24 | Privacy / Attribute Release Policies | | | | | |
| 25 | Early Onboarding | | | | | Most of the infrastructure required for this will be implemented with new "Pipeline" capability |
| 26 | Registry-as-SOR | | | Funded, sched 2H16 | √ | Default model; enhancements are to separate out "SOR-as-SOR" |
| 27 | Customizable UI Driven Enrollment | | | | | Registry Enrollment Flow Configuration |
| 28 | Batch Importing | | CO-76 | | √ | Most of the infrastructure required for this will be implemented with new "Organizational Identity Source" capability |
| 29 | Attribute Election | | | Funded, sched 2H16 | √ | eg: To pick a Primary Name from multiple SORs |
| 30 | ID Match Integration | | CO-1053 | | √ | Limited existing capabilities. New "Pipeline" will include external callouts |
| 31 | Identity Proofing | | | | √ | TBD what this would mean |
| 32 | SSH Key Management | | | | | |
| 33 | ORCID Linking | | CO-579 | Funded, sched 2Q16 | √ | |
| 34 | Audit / Changelog | | | | | |
| 35 | Human-Readable Transaction History | | | | √ | Registry History and Changelogs |
| 36 | Manual History Records | | | | | ie: Comments |
| 37 | Point-In-Time Record Capabilities | | | | | "Copy on write" means a delete is rarely actually a delete |
| 38 | Provisioning and Integration | | | | | |
| 39 | REST API | | | | √ | REST API v1 |
| 40 | Plugin/Connector Driven Real Time Provisioning | | | | √ | Provisioning From Registry |
| 41 | LDAP Provisioning | | | | √ | Custom schemas not currently supported |
| 42 | Grouper Integration | | | | √ | Grouper Provisioning Plugin |
| 43 | Unix Account Provisioning | | CO-866 | Funding Proposed | | Current support is experimental and will be rewritten |
| 44 | Message Bus Provisioning | | CO-583 | | | |
| 45 | Cloud Services Integration | | | | | Experimental GitHub support |
| 46 | Credential Management | | CO-60 | Funded, sched 2H16 | √ | |
| 47 | Asynchronous Provisioning | | CO-552 | | √ | |
| 48 | TIER API Support | | | | √ | |
| 49 | Reporting | | | | | |
| 50 | Plugin Driven Reporting Capabilities | | CO-77 | | | |
| 51 | SQL Provisioner | | CO-1164 | | | |
| 52 | Notifications | | | | √ | |
| 53 | Database Support | | | | | |
| 54 | PostgreSQL | | | | | Recommended |
| 55 | MySQL / MariaDB | | | | | Tested and supported |
| 56 | Oracle | | | | √ | Not supported by framework |
| 57 | SQL Server | | | | √ | Supported by framework but not tested |
| 58 | Miscellaneous | | | | | |
| 59 | Replication / HA | | | | √ | HA as PHP web app; Replication via database |
| 60 | Unicode | | | | | |
| 61 | Extensible via Plugins | | | | √ | Writing Registry Plugins |