Centralized Authentication

Kitty Bridges

David Ackerman

Christopher Small-Warner

Robert Capellini

Joseph Pawletko (Leader)

Nicholas Likos

Shari Halter

Lynn Rohrs

Michael K. Singer

 

Library interested in Role based authorization, mapping between role and abilities

(kb) Deciding from policy re: Shibboleth

Implementing Grouper w/Gary Chapman

(da) We’ve licensed Sailpoint

Org-Synch?

 

(nl) interested in self serve group management

 

 

(nl) Gallatin trying to get best value for their work, looked into cloud infrastructure, for Drupal. 24 hour support, but authentication issue on cloud

 

(kb) need w/website made more clear w/cloud – we are part of group called “In Common” so we can partner quickly

thinks it may be in NYUClasses

some may be Sakai and Google integrated (repurposed)

some groups should be automated

 

but question beyond simple authentication will utilize Grouper/Sailpoint

Will happen in this fiscal year

(da) things not on Shibboleth, will be moved over, thinks we’ve just upgraded to recent version of Grouper

(jp) how will this impact guest faculty, for instance? (kb) can sponsor a guest account, (da) already have in performance computing

 

(nl) some should be fed from authoritative systems, some

(csw) trouble with visiting resource scholar (kb) that will continue. This can be shared, to an extent between participating Shibboleth schools (Educause as one example)

 

(kb) EduRoam will do same thing for network access

much of push from Shibboleth came from Library world for sharing between universities, corporate publishers, as well. Between Guest accts, Sailpoint, EduRoam most of the authorization should be taken care of

Shibboleth marries Grouper and Sailpoint and EduRoam (lightweight authorization N-number?). Grouper and Sailpoint will be customizable by respective schools.

Can tell you that I am faculty (Grouper), for instance, fine-grained access control provisioning through Sailpoint.

 

(lp) is there any place that aggregates user stories, yes there are use-cases that Gary is working with a consultant. Gary will be warned.

 

(ms) will this tie into ID cards? is there next gen for ID? i.e. New School can use some of our facilities. (kb) how to deal better w/circulation database, many ways to do that that add in what the Library needs. As we move into HR system

(nl) Part of problem is knowing what the authoritative systems are. (kb & da) yes, Gary has pictures. NetIds come from Registration, more realtime now.

(nl) looking for very fine grained privilege delegation (XML RPC based) Hackathon, came up w/Rails based app, wanted control down to a single URL.

(csw) looking for central web service access control is metadata that can be expired – we will work together

 

(da) Send Authorization Use Cases to Gary Chapman and David Basson in ITS.
