Center for Information Technology Services
UMB Directory/Authentication Strategy
Goal: To have a robust, secure campus Directory/Authentication environment that provides seamless, intuitive connectivity to contemporary systems and that protect against security breaches while supporting appropriate access to data for UMB research, teaching, and administrative operations.
- To implement and maintain a LDAP solution for Identity Management, Authentication, Authorization and integration for all central systems.
- To provide a compatible interface to connect University, UMMS and UPI applications.
- To develop an awareness, to educate and to promote the need for standards concerning Authentication, Authorization to current and future systems.
Current State: UMB currently has many central applications and servers with separate and distinct userids and passwords. Authorizations to these systems are difficult to obtain and the access removal process is very manual in nature. Most users have several different userids and passwords which drastically increases our technology support costs.
Jan./Feb. 2003: Develop Directory Services vendor evaluation chart.
Feb. 2003: Schedule meetings with internal UMB and external UMB IT Leaders to discuss directory services solutions.
Feb./ March 2003: Select directory vendor.
Feb./ March 2003: Develop Scope document
March/April 2003: Develop Logical/ Physical Design Documents
May/June 2003: Procure hardware
May/June 2003: Develop Implementation Plan (Phased approach)
June-Dec 2003: Implement Phase 1 Plan
Outcome: UMB will design and build a directory service that provides Identity Management, Authentication, Authorization and integration of multiple systems. This system will allow for the creation of a campus portal. This system will allow for the timely management of identities and access control to our applications more quickly and effectively. Using authoritative applications to provide access to our many systems will allow the University to provide more accurate solutions for protecting data, while at the same time, ensuring and authorizing data access for those who need it.