ORCHESTRATING AN IDENTITY AND ACCESS MANAGEMENT IMPLEMENTATION

Session Speakers: Sara Rodgers, Aaron Perry

Lehigh University provides electronic resources and services to an expanding set of constituents, including not only the campus community of faculty, staff and students, but also distance education students, alumni, trustees, admitted students, parents, applicants, and partners from other institutions. We are currently on track to expand our user base by a factor of five within a five-year period. With this expanded user base, Lehigh is challenged with ensuring that the individuals using our systems are properly identified and are granted appropriate access. At the same time, protecting privacy and safeguarding confidential information, intellectual property and strategic information is essential, while guaranteeing compliance with the licensing and contractual agreements that allow the provision of these resources. In March, 2008, Lehigh launched an Identity and Access Management initiative as the foundation for its enterprise application security framework, embarking on a two-phase project that includes the implementation of Oracle Identity Manager. To accomplish our objectives we formed a project team which consists of stakeholders, project managers, architects, administrators, developers, and support staff, as well as external consultants. Phase I involved discovering the current business practices and functional/technical requirements to manage the life-cycles of our users. Based on the findings, we documented our current and future state, and designed the identity management solution that will replace our current home-grown system. Phase II is currently underway with development and testing; deployment is scheduled for early summer. This session will give the audience an opportunity to jam with us as we go through an interactive case study describing our challenges, experiences, and lessons learned. They will walk away with a better understanding of what is required of their institution in terms of people, process and technology to implement an identity and access management solution.