changed:
-
Ken Klingenstein joined the meeting as an ad hoc participant after lunch and took part in the discussion of Identity Management.<br />
<br />
The participants pointed out that this is a many-to-many problem affecting almost every “higher-level” application needing and ID management service. There are production requirements for enterprise interoperability in both the DM and KS projects. There are a number of authentication and authorization approaches (JAAS, OID, LDAP, Shibboleth, etc), as well as a variety of underlying models for types of service (federated identity, peer-to-peer).<br />
<br />
The participants pointed out that this area is of interest to the entire IT industry with interested parties not limited to higher ed. A lot of standards-related activity is underway. Some participants said that this area is going to be addressed faster and more definitively in the industry at large than within the HE community. Others emphasized the unique requirements of the HE community and the need for members of the HE community to participate actively in work on the topic.<br />
<br />
Some strategies for coping with ID management emerged from the discussion. Brad Wheeler from IU. advocated putting a stake in the ground or placing a bet on one solution in order to stimulate consolidation of similar approaches and better reveal substantive differences in requirements. John Norman mentioned that in the UK, high-volume adoption of Shibboleth was leading to de-facto solutions. The approach that Sakai is using is a pragmatic agent with a growing list of attributes. George Ward mentioned his strategy is to use the Authentication OSID as a defensive strategy for risk-management. He expects the OSID to provide a means to buffer consuming applications from specific choice of implementation by individual campuses, which is beyond his control. John Norman seconded the concern for managing risk and the use for OSIDs as an insurance policy against the UK-wide adoption of Shibboleth. Ken Klingenstein and Jens Haeusser mentioned that underlying models of identity management also might change. <br />
<br />
Gerry Hanley outlined the use case of incoming high school students who have separate identities in the high school, various testing services, and with the CSU. CSU needs gather these identities to form a single stable picture / profile of the student so that it can better manage preparedness, customization, etc.<br />
<br />
George Ward made an analogous point regarding the DM requirement for tracking student performance in order to identify effective content and approaches. Jens Haeusser and Gerry Hanley expanded this use at some length, describing innovative uses of student information made possible by real-time tracking of student performance and various interventions before failure.<br />
<br />
Interested Parties for further work on Identity Management: Jens Hauesser, Ken Klingenstein, George Ward, Gerry Hanley, John Norman, Sakai (maybe)