Old Dominion U Streamlines Identity Management with Business Process Automation

identity management workflow

Shutterstock.com

Old Dominion University (ODU) in Norfolk, VA, has implemented a workflow automation system to streamline the process of approving user accounts for the institution's identity management system.

Manual Workflow

ODU uses its own identity management system, called MIDAS (Monarch Identification and Authorization System), that provides faculty, staff and students with a single username and password to access various network resources. The system also allows people to request a new user account or changes to their account (such as access to new resources), and to request a password reset.

Before the IT department at ODU can create, delete or make changes to network user accounts, the change must be approved — and depending on which network resources the user needs to access, the request may require approvals from multiple people.

The account approval process at ODU used to be a manual one. The change request system was paper-based, and a form would traverse the campus snail-mail system from person to person until it had all of the required signatures. It would then return to the IT department, where the account managers would create, delete or modify the account as requested. The procedure was tedious and time-consuming, and the staff wanted to move it online.

The Search for Workflow Automation

In addition to automating the process through an online system, the IT department wanted the ability to generate reports about the number of requests going through the system, how much time they take to process, and so on, and they wanted an easy-to-use graphical user interface (GUI) for non-technical staff.

"We intended for the workflow system to be available to the whole university, not just to those highly technical people in the Information Technology Services department, and we were looking for something that would be intuitive to use," said Natalie Metzger, software engineer of middleware in the IT Services department at ODU.

For the technical people in the IT department, Metzger also wanted a workflow automation system that would be accessible by a REST (representational state transfer) client, so she could communicate with the system on a computer programming level rather than just through the GUI.

Metzger and her team researched potential solutions and whittled the list down to three contenders: Bonita BPM (business process management), jBPM and Activiti BPM, and then they compared and evaluated them on their ability to scale to ODU's requirements. "We finally settled on Bonitasoft primarily because it had a functioning REST interface, something that Activiti was just starting to develop at the time, so the relative ease of design really made us choose Bonita in the end," said Metzger.

Implementation Process

While implementing Bonita BPM, Metzger was also developing the rights system that operates in the background to define which systems a user is allowed to access. "It was a huge undertaking that was a big part of our accounts request process," said Metzger "It required a lot of database work, business logic development, and it also needed to have information about who our approvers are. We had to consolidate information from a lot of different systems so we could have quick access to that data."

The implementation of Bonita BPM itself was not overly complicated, according to Metzger, because the GUI is just drag-and-drop. However, the process of integrating it with ODU's custom rights system was not as straightforward as Metzger would have liked, mainly due to the lack of sufficient documentation. "To integrate with our rights system, I have independent code that I just load into the Bonita system so I can change it more easily, rather than implementing it in the Bonita system itself." Despite the challenges she faced, Metzger noted that the  documentation of Bonita BPM has improved significantly in the couple of years since she implemented the system.

Results

Bonita BPM has streamlined ODU's user account approval process by bringing it into the digital age. Users requesting accounts, changes to accounts or password retrievals don't see the Bonita interface; they see only the MIDAS identity management interface, which uses a wizard to guide them through the process of account requests, including asking them what type of account they need, who they work for and who their supervisor is. Once the user submits a request, MIDAS communicates with Bonita BPM in the background, and then Bonita determines who needs to approve the request, sends the task to them and those people receive an e-mail notification. The approvers can then log on to MIDAS to approve or deny the request.

The implementation of Bonita BPM has reduced the turnaround time for account requests from three days to one, on average. "It's not the creating the account that takes so long; it's getting all of the approvals," said Metzger. "Before, they would send the pieces of paper across campus, wait for a signature, wait till it comes back to us, and then create the account. Now it's just online where somebody clicks the button and says 'yes, I do approve' or 'no, I don't.'"

About the Author

Leila Meyer is a technology writer based in British Columbia. She can be reached at [email protected].

Featured

  • From the Kuali Days 2025 Conference: A CEO's View of Planning for AI

    How can a company serving higher education navigate the changes AI brings to ed tech? What will customers expect? CT talks with Kuali CEO Joel Dehlin, who shared his company's AI strategies with attendees at Kuali Days 2025 in Anaheim.

  • glowing blue AI sphere connected by fine light lines, positioned next to a red-orange shield with a checkmark

    Cloud Security Alliance Offers Playbook for Red Teaming Agentic AI Systems

    The Cloud Security Alliance has introduced a guide for red teaming Agentic AI systems, targeting the security and testing challenges posed by increasingly autonomous artificial intelligence.

  • Training the Next Generation of Space Cybersecurity Experts

    CT asked Scott Shackelford, Indiana University professor of law and director of the Ostrom Workshop Program on Cybersecurity and Internet Governance, about the possible emergence of space cybersecurity as a separate field that would support changing practices and foster future space cybersecurity leaders.

  • abstract pattern of cybersecurity, ai and cloud imagery

    OpenAI Report Identifies Malicious Use of AI in Cloud-Based Cyber Threats

    A report from OpenAI identifies the misuse of artificial intelligence in cybercrime, social engineering, and influence operations, particularly those targeting or operating through cloud infrastructure. In "Disrupting Malicious Uses of AI: June 2025," the company outlines how threat actors are weaponizing large language models for malicious ends — and how OpenAI is pushing back.