Identity Management Systems
"Identity management is the set of business processes, and a
supporting infrastructure, that provides identity-based access control
to systems and resources in accordance with established policies."
Business process: Identity Management solutions
are deeply embedded within university business processes. When new
people join the IU community or when roles change, staff react
immediately to enable access to new
resources. Tight integration with other enterprise systems ensures
that these changes happen in a timely manner.
- Policy: Working in conjunction with the Public Safety and Institutional Assurance Office, staff design and implement systems to ensure that the university maintains strict compliance with all applicable laws, regulations, and policies with regard to controlling access to electronic resources.
CAS: The Central Authentication Service allows
web applications to delegate the process of authenticating users. CAS
can authenticate users using both passphrases and OTP (One Time
Password) tokens. CAS also provides single sign-on functionality for
Account Management System: The Account Management
System allows users to centrally manage access to most enterprise
systems. Users can create initial accounts, change preferences
regarding e-mail delivery, and create and manage access for others
(e.g., conferences attendees, affiliates, guests).
Passphrase: Most electronic access at IU is
controlled by means of a Network ID username and passphrase. The
passphrase management site allows changing a passphrase or resetting a
forgotten passphrase, and provides support staff with the ability to
reset a passphrase.
- Directory Services: Identity Management uses a central metadirectory to facilitate lifecycle identity management. The metadirectory connects to all key enterprise systems and then aggregates and synchronizes identity information across all systems, including enterprise directories. This provides a consistent and accurate representation of each person within the entire organization. As data is changed in one system, it automatically updates in all other connected systems.
- Information cards
- Security token service
- Role-based access management
Contact Identity Management Systems
|Email Identity Management Systems|
|Contact information for Identity Management Systems staff|