Bridging the Gap: Integrating Authentication w/ Authorization to Solve Critical Access Challenges скачать в хорошем качестве

Bridging the Gap: Integrating Authentication w/ Authorization to Solve Critical Access Challenges

Higher education institutions face ongoing challenges in efficiently managing who can access what resources and why. IT departments are overwhelmed with managing access to services and applications, enforcing licensing controls, and handling departmental access requests. Immediately deprovisioning access from people who leave the institution is especially difficult. Manual verification of training requirements to ensure only certified individuals can access certain resources drains staff time, creates security risks, and delays legitimate access requests. Addressing these issues means moving beyond requiring thousands of services to block invalid access, merging authentication with authorization. In this webinar, the University of Pennsylvania, Harvard University, and the University of Alaska will share how they each tackled this critical authorization challenge. –University of Pennsylvania will showcase how they delivered “front door authorization” to block invalid access using Grouper coarse-grained reference groups, specific policy groups, and options for custom error pages to facilitate self-service license management and reduce tickets. –Harvard University will share how they transitioned from relying on individual applications for access control to implementing a centralized Grouper “front door” for coarse-grained authorization. This approach enhances scalability and user experience by providing frictionless access to the right resources for the right identities at the right time, while ensuring that only individuals with a current Harvard affiliation can access applications. –University of Alaska will present their training-based access management solution, which integrates a centralized training and certification database with Shibboleth. UA utilizes the same “front door authorization” approach to enable sign-ins to stop at the IdP if they do not have required training or certification. Some training providers are integrated in real-time so that user action to complete training or certification can by itself enable access, which will be demonstrated in this webinar. Join us to learn how these institutions transformed their IAM systems from siloed authentication / authorization to centralized and easy-to-manage frameworks to block invalid access. You’ll gain practical insights, architectural blueprints, and implementation strategies to address your own authorization challenges. Speakers: –Chris Hyzer, Application Architect, University of Pennsylvania —Garick Hamlin, IAM Architect, University of Pennsylvania –Alpha Sanneh, Associate Director, Identity and Access Management,Harvard University –Erin Rankin, Senior Software Engineer, Harvard University –David Bantz, Identity and Access Management, University of Alaska –Orlandis Brown, Identity and Access Management, University of Alaska Slide Presentation: https://drive.google.com/file/d/1UJ8_...