TIER Entity Registry Working Group Home
Future Calls: Choose the one (Wed. or Fri.) that works best for your schedule and time zone:
- Subgroup 2: Friday, 15 April, 2016 at 10 am Eastern, 7 am Pacific, 3 pm UTC
- Subgroup 1: Wednesday, 20 April, 2016 at 3 pm Eastern, Noon Pacific, 8 pm UTC
Agenda for upcoming WG meetings plus meeting notes for the past ones are here: http://j.mp/1PWMCp5
Attendees are encouraged to participate in live-scribing the meetings on the above Google doc.
Email List: tier-entreg@internet2.edu
- To subscribe, browse to https://lists.internet2.edu/sympa/admin/tier-entreg
Working Group Chair: Warren Curry, University of Florida
Charter for the TIER Entity Registry Working Group (wiki page)
Key Deliverables for TIER R1
- COmanage 1.0.2 Compared to the TIER Entity Registry Requirements
- IAM Functional Model: Diagram, Table and Glossary

Internet2's Trust and Identity in Education and Research (TIER) program provides a range of core functionality, including group and access management, single sign-on, and federation management. Looking deeper into the layer that forms the basis for Identity and Access Management (IAM) functionality, the TIER Entity Registry Working Group and the TIER Data Structures and APIs Working Group have proposed the data ecosystem required to support the TIER components. Central to this ecosystem is a well-defined strategy for the creation and use of data repositories. These repositories must be complete, flexible, and extensible.

Access Control: The act of allowing access to facilities, programs, resources or services to authorized persons (or other valid subjects), and denying unauthorized access. Access Control requires that rules or policies be in place and that privileges be defined, so that they can be enforced.

Access Management: That part of Identity Management comprising the processes and tools used to associate privileges with subjects in accord with the wishes of Authorities; a comprehensive set of tools and processes for assigning and revoking access to resources for digital identities.
Narrative form
By April 2016 (from Charter)
- Document Functional Requirements for System of Record (SoR) to the Entity Registry
- Define a minimal first iteration Registry person schema/resource
- Draft a first iteration functional model for IAM with a glossary of institutional processes around identity lifecycle management.
- Draft fit/gap analysis between current COmanage registry functionality and this WG’s Entity Registry requirements.
- Provide COmanage WG with rough definition of work required to fill gaps in COmanage functionality
Entity Registry Requirements
- From CIFER Registry Team
- From CIFER Enrollment (Registration) Requirements
- From TIER campus surveys
- From U Florida (courtesy of Warren Curry)
Functional Model for Entity Registry and Allied Services
- Identity Registry Functional Model (Sept. 2011, CIFER)
Schema for core IAM resources
Prior work: CIFER SOR-Registry Core Schema Specification
Gabor’s overview: https://gist.github.com/geszes/3d4b9ff49441058db434
Draft Based on Schema.org: https://gist.github.com/geszes/6bfd8926bded03786a63
Clemson Authology schema: http://authology.org/doc/VaultServiceReference/vaultServiceReference.html
Penn State Person Bio Record
COmanage Registry Data Model
Person Schema Comparisons:
Member-contributed Resources
- University of Wisconsin - UDS Person Schema
- Comparison of UW-Madison UDS Person API and CIFER API
- Rob Carter thoughts on fine-grained authZ on APIs for data access
See Also:
- TIER Working Groups Home
- TIER Data Structures and APIs Working Group
- Background information on TIER, Internet2 initiative on Trust and Identity in Education and Research