UITS

This fall, we are bringing you a major refresh of our website. Visit the beta now:

Try the beta
 
 
Indiana University

ARCHIVED: Identity Management Systems

"Identity management is the set of business processes, and a supporting infrastructure, that provides identity-based access control to systems and resources in accordance with established policies."
-Burton Group

The Identity Management Systems team provides technical leadership and support for identity and access solutions at Indiana University, including account management, authentication, authorization, passphrase management, and directory services. The mission is to simplify the process of obtaining and managing access to electronic resources both inside and outside the university.

Principles

  • Business process: Identity Management solutions are deeply embedded within university business processes. When new people join the IU community or when roles change, staff react immediately to enable access to new resources. Tight integration with other enterprise systems ensures that these changes happen in a timely manner.

  • Policy: Working in conjunction with the Public Safety and Institutional Assurance Office, staff design and implement systems to ensure that the university maintains strict compliance with all applicable laws, regulations, and policies with regard to controlling access to electronic resources.

Infrastructure

  • CAS: The Central Authentication Service allows web applications to delegate the process of authenticating users. CAS can authenticate users using both passphrases and OTP (One Time Password) tokens. CAS also provides single sign-on functionality for web applications.

  • Account Management System: The Account Management System allows users to centrally manage access to most enterprise systems. Users can create initial accounts, change preferences regarding email delivery, and create and manage access for others (e.g., conference attendees, affiliates, guests).

  • Passphrase: Most electronic access at IU is controlled by means of a Network ID username and passphrase. The passphrase management site allows changing a passphrase or resetting a forgotten passphrase, and provides support staff with the ability to reset a passphrase.

  • Directory Services: Identity Management uses a central metadirectory to facilitate lifecycle identity management. The metadirectory connects to all key enterprise systems and then aggregates and synchronizes identity information across all systems, including enterprise directories. This provides a consistent and accurate representation of each person within the entire organization. As data is changed in one system, it automatically updates in all other connected systems.

Future research

  • Information cards
  • Security token service
  • Role-based access management

Contact Identity Management Systems

If you are having problems with your IU Accounts, contact your campus Support Center.

For emergencies with production systems at any time of day, call 812-855-9910. Provide a description of the problem and request a page.

For assistance with non-production issues, contact Identity Management Systems.