Stage 1: Intra-campus Web Single Sign-on - Central Identity Provider
Task |
Limited Scope ....................................... |
Broader Scope .......................................... |
|---|---|---|
Policy Steps |
|
|
Define who establishes various policies related to single sign-on (SSO) and authentication |
|
|
Have basic identity management policies in place, including data and service stewardship responsibilities and use of the system |
|
|
Have policy in place specifying whether NONE/SOME/ALL campus authenticated web sites are REQUIRED to use the central web single sign-on system |
|
|
Business Practice Steps |
|
|
Create Help desk support for users encountering problems accessing central web sites protected by SSO |
|
|
Reliably issue credentials to on-campus faculty/staff/students |
|
|
Create Help desk support for users encountering problems accessing department web sites protected by SSO |
|
|
Technical - Basic Identity and Access ManagementSteps |
|
|
Provision/de-provision accounts for and authenticate on-campus faculty, staff, and students |
|
|
Provision/de-provision accounts for and authenticate other constituencies (e.g. applicants, alums, affiliates) |
|
|
Technical - Shibboleth software Steps |
|
|
Install/operate/manage Shibboleth identity provider software |
|
|