Access Management Team Meeting Minutes
Date: 10/19/2011
Attendees:
Person |
Attended |
---|---|
Tom Barton |
|
Jacob Farmer |
|
Scott Gibson |
|
Chris Hyzer |
|
Jimmy Vuccolo |
|
Meeting Agenda:
We need a standard vocabulary between KIM and Grouper. Work has been done in PACCMAN already with the translation between the two. Existing work does exist for Access Management.
Chris: Are we going to mandate that the permissions of the system be policy-based or something else? With a common UI, point and time stuff, you may not be able to use policies.
Tom: Policy engine requirements, "grants and removing access shall be done automatically by defined business rules".
Tom to Scott: Do other sources of requirements exist that bare into the Access Management puzzle? Scott: Initial set of use cases that Matt wrote up has Access Management requirements in them.
One of the next steps will need to be going through the requirements for Kuali and adding them into project.
AI: Scott to add the Kauli requirements to the wikispace.
Could the PACCMAN use cases be used as a benchmark? Need to see if additional requirements exist for them.
AI: Jimmy to review the PACCMAN use cases to determine if there are any relevant requirements.
Penn State, Kuali, PACCMAN have good collections of use case. We could use them and measure the gap against them. Scott not in favor of the use case approach because Kauli is customer driven. The same thing can be said about Grouper.
In a review of the Hampton Deliverable Document, we decided that for the Glossary of terms, that we would like out to the PACCMAN glossary.
Scope for Access Management could include things like:
Quick exercise: "What are some of the GAPs that exist for the various products? (name one):
Grouper: needs a better UI, its a major gap: Tom
Kuali: Not enough management capabilities supported through the service interfaces.
Right now our columns for GAP analysis will be Grouper and Kauli. Once we have a better idea of what is going on with the OpenAM stuff, we could add them later.
We as a team need to review Recommendation #2 in more detail.
Next Meeting: 10/24/2011: 10:00-11:00 Eastern.