Security: Trend Report: Identity Management

10/20/2005

In this latest update on “Everything You Need to Know About IdM,” columnist Doug Gale lays out the old, the new, and the soon to be must-haves.



Increasingly, a higher education institution’s ability to provide services over the network depends on its ability to authenticate, authorize, and provision user access rights in a unified, consistent, straightforward, and effective way. That’s easy to say but devilishly hard to do, and far too complex to cover in a single column!

Still, as we wade into this Byzantine morass of identity management (IdM), it helps to remember that there are four underlying components:

  1. Identification (your name or network/system identifier)
  2. Authentication (proof you’re you)
  3. Authorization (what resources you have permission to access)
  4. Directory (information about you and what you are allowed to do)

For now, let’s look at the first two: identification and authentication. Future columns will consider authorization and directory services.

Identification

At the heart of these schemes is how individuals are identified. Over time, single names evolved into first and last names, and more recently, into unique identifiers such as the Social Security Number (SSN). Unhappily, the use of SSNs as identifiers in higher ed creates identity theft and privacy problems, and does not easily adjust to our international community. We’re left with the need for a unique identifier or name.

A unique identifier is more than just a long string of numbers (see box, page 18). For example, at Indiana and George Mason (VA) universities, each student is assigned a unique and persistent multidigit identifier (used by the student information system), as well as a unique but easier to remember eight-character network ID and password that can be mapped back to the longer multidigit identifier. Defining a unique identifier is often a politically contentious process.

Authentication

Authentication (AuthN) is used to prove in some fashion that an individual is who he says he is. We can categorize that proof in three ways: something you have (e.g., a key or a birth certificate), something you know (a password), or something you are (e.g., your fingerprints). (See “Security: It’s Not All About Hackers,” Campus Technology, September 2005.)

The higher education environment involves multiple authentications: A student must prove her identity when she first enrolls. This is usually done by the admissions or registrar’s office, and is normally based upon a series of documents (such as high school transcripts) that the student sends the institution. Some institutions are beginning to require arriving students to show a picture ID, although that creates problems in enrolling distance ed students, and may not be any more secure than the traditional process. Jack Suess, vice president for Information Technology at the University of Maryland-Baltimore and co-chair of the Educause/Internet2 Security Task Force, recommends the identity proofing standards developed by the federal government as being both quantitative and flexible. The government’s E-Authentication Web site can be found at www.cio.gov/eauthentication.


