Data Stewardship: Defining Attribute Release PolicyTying Data management to business strategy
Marjorie Campbell; EA, Mgr Integration Services Kathy Wright; CRLT, IT Architect
Phase I: Populate CUVault in Parallel with Existing SystemsConnect to authoritative sources for employee/student info
• Develop rules to resolve identities across sources• Identify additional authoritative sources and connect to them• May be able to connect to CUID for secure attribute access• Prototype web applications
Phase II: Change Business Rules so CUVault is Auth Source for Identity
• Deploy identity management applications (self and proxy)• Connect CUVault to CLEMSONU, CUID, and the mainframe• Change HR/Registrar processes such that ID is created or associated at application
Phase III: Connect additional applications to CUVault
• Identify applications that need data stored in CUVault• Design Connectors and Business Rules for each application
• Customer service• Unique person• Dynamic identification• Trust, role-based directories • Secure access
• Technology change: Easy• Policy change: Not so much • Start policy talks early.
BACKGROUND THE PATH TO IMPLEMENTATION USER AUTHENTICATION
ATTRIBUTE TRANSFER
KEY CONCEPTS
Challenges?
IT call unique person “identity attributes”
CHALLENGES / ISSUES
CLEMSON’S UNIQUE PERSON (CU Vault)
Clemson University call unique person “University records”
WHAT IS AN ATTRIBUTE?
A single piece of information associated with an electronic identity database record. Example:
Unique IDRoles – employee, student, HHSRelationships – groups, classes, entitlements
CUVAULT GOALS:
Goals:• Single view of person• Secure access for applications to identity data• Stream line process – time and money savings• Identity access audit• Historical identity (cradle to grave)• Improved customer experience
Strategic planning and management for establishing policies, procedures, and guidelines for management of institutional data across Clemson University for:
1. Secure & Access Provisioning2. Education & Awareness3. Policy4. Retentions & Preservation
It is incumbent upon IT management to establish a high level of trust & communication between IT and University record’s administrators through support engagement with Data Stewardship Committee.