Authentication, Authorization, and Security Task Group

First Meeting May 17, 2005

Present:
Paul Peeling (TU)
Dave Cooper (CP)
Jamal Mitchell (Bowie)
Peter Burslem (UC)
Stephen Miller (UC)
Tom Wilson (ITD)
Jean Phillips (ITD)
Laura Wrubel (ITD)
Hans B. (ITD)

1. Review of charge:
   

        CHARGE FOR THE USMAI AUTHENTICATION, AUTHORIZATION, AND SECURITY TASK GROUP
   The purpose of this group is to examine issues, survey needs, and recommend policy and technical solutions related to ensuring access to consortial and individual campus resources for USMAI's library patrons and library staff.   Staff access issues may include, but are not limited to, account proxies, staff account permissions, and account security.  Patron access issues may include, but are not limited to, interfaces with current campus and consortium authentication and authorization systems and administrative systems (e.g., campus directory services, patron loaders, proxy services, and PeopleSoft), modifications to the patron database to support multiple affiliations or related services, investigation and implementation of technologies such as Shibboleth in conjunction with the campuses and the USM, and examination of the library role in identity management. 
   
     Due to the wide-reaching nature of the group's responsibilities, the work of the group will necessarily be accomplished in collaboration with ITD, the campus information technology units, and the Information Technology Coordinating Council of the USM.  The work of this group will focus on highly technical topics and policy issues that grow from those topics; membership will reflect this reality.
   
     The group will exist for two years with a possibility for renewal.

     Tom discussed the following types of issues the group will address:
   
   1. Pragmatic, detailed, immediate issues - proxies, SSN issue, account permissions, etc.
   2. Overall issues - Administrative interfaces with PS/Banner/Etc., patron loads, assisting campuses with interfaces and communication between library and IT
   3. Developmental, down-the-road, abstract issues - ID management, Shibboleth, how does library tie onto campus identity management systems so that effort isn't duplicated?
   
   

   USM ITCC Middleware group - 1.5 years old - addressing issues across entire USM, can assist campus with middleware, directory services, shibboleth, etc. An ITCC member will be involved to address USM-wide issues for libraries.

   USMAI Auth group is to assure libraries are making progress, including USM libs and affiliated institutions. Represents an opportunity to streamline and review possibly outdated business practices.

   The role of the group is to look at problems across the consortium, work for the good of the consortium (not a representational group). Communication paths available through members and Tom/Jean at low levels, library director levels, and at the CIO/campus level. A goal of groups is to make info available to rest of the consortium and take a broad view of the impacts of authentication technologies/policies.

2. Discussion of each member's interest in group
   
   • Peter/Stephen - Patron load, middleware and looking to the future, Peoplesoft/Illiad/EzProxy interfaces, SSN issue
   • Dave (CP) - Liaison w/campus IT, LDAP issues
   • Hans (ITD) - Patron loaders, Auth, ID card/barcode issues
   • Jamal (Bowie) - ID/Barcode issues, security
   • Paul (TU) - Authentication/Authorization, PS interfaces, Patron load, portals and single sign on
   • Jean (ITD) - Security in Aleph and cross-functional proxies
   
   
3. Group education issues - need to get up to speed/perform research across USMAI
   
   • Current state of affairs - Identity management systems on each campus - Active Directory, LDAP; PeopleSoft, Banner, etc.
   • Metalib/EzProxy Authentication (Dave K.)
   • Intro to Aleph Permissions (John Coogan) [Task - John and Jamal to review issues and survey consortium as subgroup, present issues and options to group]
   • Patron loader questions - load order, process, etc. Overview of current status and progress and review campus setups. [Peter - locate old questions from patron loader group.] Possible USMAI forum could be held for PL issues and reviewing current status with all schools, help campuses coming up with patron loaders.
   • Understanding Aleph authentication and patron file
   • ILLiad authentication/login and setup issues.
   • Ereserves systems authentication/login and setup issues.
   • Tie-ins with stats collection
   
   
5. Next meeting:
   
   • John - review of Aleph securities issues and tasks from old security group
   • Educational reviews - Aleph and patron loader status; discussion of authentication on individual campuses and at consortium level
   • Discussion of survey on campus Auth systems and issues/ERP systems being used

Discussion with Dave Cooper about Digitool and Dspace. Working on university archives documents/administrative archives materials in Dspace (DRUM). He will provide overview of what CP is doing after next Auth meeting for those interested.

= password protected

Information Technology Division College Park, MD 20742-7011
Please send comments and suggestions to ITD's Webmaster.
Content questions should be directed to Authentication, Authorization, and Security Task Group.