MACE-paccman Working Group at 2012 FMM

Monday, Oct 1, 2012
10:30  - 11:30 a.m.
Location: Freedom E

http://events.internet2.edu/2012/fall-mm/agenda.cfm?go=session&id=10002530&event=1149

Proposed Agenda

- Welcome - Tom Dopirak and Keith Hazelton

- Intellectual Property Reminder  -  http://www.internet2.edu/membership/ip.html

- Agenda Bash

- Access Management Stories

  •  Clemson  Report on the status of access management project at Clemson- (Boyd Wilson) -- confirmed
  •  CMU Student services and their custom access management system (Tom Dopirak) -- confirmed
  •  Rutgers and Open Registry work?

- CIFER Provisioning and Integration work stream update

  • Emerging use cases: Guest/Invitation systems and provisioning from them
  • Planning for P&I and Access Management work at ACAMP

- Discussion of survey regarding prescriptive and optional access management principles (Chris Phillips)

- Why is federated authorization so hard and do we have to do it anyway? (Heather Flanagan)

- Simple Lightweight Access Markup Language (SLAML =), a policy protocol for the feint of heart and simple of problem. (Keith)

  • Implementing a PDP that speaks SLAML on  the front end and pulls policy info from Grouper on the back. 
  • It could handle questions as complicated as: 
  • Is the authenticated principal a member of any group that carries a role that entitles them to perform action A on resource (class) R?
  • Bamboo is the use case
  • Doing CIFER before CIFER exists at U of Utah. (need to reach out to Bryan Wooten or another representative from U. of Utah)

- Pitch Upcoming Sessions at FMM

  • "Grouper After Groups - Enabling Net+ Services with PAP, PEP, and PDP, Oh My!"  ( Bill Thompson preview, session is Wed. at 4:30pm )
  • "IAM Soluctions for the Community from the Community: CIFER and Friends" (Keith preview, session is Thurs. at 10:30am)

- Questions / Comments

  • No labels