managing user access how to manage the herd
play

Managing User Access: How to Manage the Herd August 8, 2018 UCCSC - PowerPoint PPT Presentation

Apr 06, 2023 •304 likes •503 views

Managing User Access: How to Manage the Herd August 8, 2018 UCCSC 2018 UC Davis Jeffrey Crawford UCLA IDM Solutions Architect Warren Leung UCLA IDM Program Manager Information Technology Services Information Technology

  1. Managing User Access: How to Manage the Herd August 8, 2018 UCCSC 2018 – UC Davis Jeffrey Crawford – UCLA – IDM Solutions Architect Warren Leung – UCLA – IDM Program Manager Information Technology Services Information Technology Services

  2. What challenges do you face when managing access for your users? Information Technology Services Information Technology Services

  3. The Challenges ● Takes too long ● Repetitive ● Unsure of what access users need or have ● Removing access? 3 Information Technology Services

  4. Why is Identity no longer enough? Information Technology Services Information Technology Services

  5. Problems ● Access based on account status ● Modify access on account change ● Access under departmental control ● Audit access across the enterprise ● Maintain access sanity ● Exception cases 6 Information Technology Services

  6. Internet2 Grouper Information Technology Services Information Technology Services

  7. What is Grouper ● Distributed enterprise access management system ● Trust and Identity in Education and Research (TIER) Initiative ● NIST 800-162 – Attribute Based Access Control (ABAC) 8 Information Technology Services

  8. Key Grouper Features ● Auditing ● Delegation ● Group Math ● Grouper Rules (Triggers) ● Web Service ● Attestation ● Time based Management 9 Information Technology Services

  9. Examples: Data Center VPN Access 10 Information Technology Services

  10. Delegation ● Departments know their access best ● IAM doesn’t need to know the details ● Access granting/removal is tracked ● Departments can use reference groups ● Based off the Grouper Deployment Guide 11 Information Technology Services

  11. Grouper at UCLA Information Technology Services Information Technology Services

  12. Distributed Administrative Computing Security System (DACSS) at UCLA ● Legacy system ● Delegated administration ● Fine grained access control ● How do we transition to Grouper? 13 Information Technology Services

  13. UCLA Grouper Use Cases ● Multi-factor Authentication ● MyUCLA (Student Portal) ● BruinCard (Door Access Management) ● AWS Management 14 Information Technology Services

  14. UCLA Proposed Grouper Architecture 15 Information Technology Services

  15. Grouper at UCSC Information Technology Services Information Technology Services

  16. UCSC Grouper Architecture 17 Information Technology Services

  17. UCSC Grouper Use Cases ● VPN Access ● CruzID Manager (Access Control) ● Public Groups ● Campus Group Access 18 Information Technology Services

  18. Best Practices for Deployment ● Note the lack of structural differences ● Use TIER as a starting point ● Talk to your developers and functional teams to understand their application ● Talk to Security about sensitivity of groups 20 Information Technology Services

  19. Resources ● Grouper: https://www.internet2.edu/products- services/trust-identity/grouper/ ● IAMUCLA: https://www.it.ucla.edu/iamucla ● TIER Grouper Deployment: https://spaces.at.internet2.edu/x/mgAZBg ● Contacts: jcrawford@it.ucla.edu, wleung@it.ucla.edu 23 Information Technology Services

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Implementation, Visualization and User Interfaces Advanced Herd Management Thomas N. Madsen

Implementation, Visualization and User Interfaces Advanced Herd Management Thomas N. Madsen

Implementation, Visualization and User Interfaces Advanced Herd Management Thomas N. Madsen Technology | Network | Management Advanced Herd Management - Implementation, Visualization and User Interfaces Outline GUI Design Making

318 views • 11 slides
GUI Design Making the Right Choices Causes: 1.Lack of graphical representation of your

GUI Design Making the Right Choices Causes: 1.Lack of graphical representation of your

Advanced Herd Management - Implementation, Visualization and User Interfaces Outline GUI Design Making the Right Choices Case Examples: Implementation, Visualization and SimHerd User Interfaces FarmOnline Advanced Herd

333 views • 6 slides
Protection Drivers Objectives By the end of todays session we will 1. use File Access to

Protection Drivers Objectives By the end of todays session we will 1. use File Access to

Protection Drivers Objectives By the end of todays session we will 1. use File Access to restrict access to files from applications and manage any known exceptions 2. manage application access and manage any known exceptions 3. block

291 views • 17 slides
Navigate Client Account Access Navigate offers the ability to manage and view your accounts

Navigate Client Account Access Navigate offers the ability to manage and view your accounts

Contact Us Phone: 704-841-2424 www.princeparker.com Navigate Client Account Access Navigate offers the ability to manage and view your accounts through a user friendly, secure website. You can upload accounts, view accounts, upload

358 views • 12 slides
ACCESS FY17 ACCESS o What does ODS do? Who do we serve, ADA/Rehabilitation Act o How I have seen

ACCESS FY17 ACCESS o What does ODS do? Who do we serve, ADA/Rehabilitation Act o How I have seen

ACCESS FY17 ACCESS o What does ODS do? Who do we serve, ADA/Rehabilitation Act o How I have seen other universities manage access o Two main funding Source- IFC & General Funds o ODS & Access IFC Same department, different areas of

418 views • 10 slides
RISKY BUSINESS: How To Manage Your Best Interest Duty And Manage Claims Effectively Mark

RISKY BUSINESS: How To Manage Your Best Interest Duty And Manage Claims Effectively Mark

RISKY BUSINESS: How To Manage Your Best Interest Duty And Manage Claims Effectively Mark Everingham Managing Director of Personal Risk Professionals AGENDA Insurance inside vs outside of Superannuation Top 5 lessons to learn regarding

757 views • 43 slides
1 Herd Immunity Herd Immunity Herd immunity protects not only yourself, but those who are

1 Herd Immunity Herd Immunity Herd immunity protects not only yourself, but those who are

Background Influenza Vaccination Influenza is also known as the flu Contagious respiratory illness which can cause severe illness can result in hospitalization or death Spreads by droplets (e.g. infected person coughs, sneezes,

430 views • 4 slides
Herd management for the 21 st century www.bovisync.com What is ? Herd

Herd management for the 21 st century www.bovisync.com What is ? Herd

Herd management for the 21 st century www.bovisync.com What is ? Herd management software for dairy and beef operations of any size The software is customized to your dairy allowing you to improve management while

661 views • 37 slides
virtual machines 1 last time access control lists user ID and group ID tracking IDs in kernel

virtual machines 1 last time access control lists user ID and group ID tracking IDs in kernel

virtual machines 1 last time access control lists user ID and group ID tracking IDs in kernel delegating naming, authentication to user programs set-user-ID programs: controlled access to priv. functions extremely tricky to write securely

1.3k views • 109 slides
Herd of Containers Sad DIF Database Engineer Herd of Containers: PostgreSQL in containers at

Herd of Containers Sad DIF Database Engineer Herd of Containers: PostgreSQL in containers at

Herd of Containers Sad DIF Database Engineer Herd of Containers: PostgreSQL in containers at BlaBlaCar pgDay Paris, Mar 15, 2018 BlaBlaCar Overview Todays agenda PostgreSQL usage at BlaBlaCar Switching to a new implementation

844 views • 40 slides
A System to Specify and Manage Multipolicy Access Control Models Elisa Bertino Barbara Catania

A System to Specify and Manage Multipolicy Access Control Models Elisa Bertino Barbara Catania

Policy 2002: IEEE 3rd International Workshop on Policies for Distributed Systems and Networks Hosted by the Naval Postgraduate School , Monterey, California, U.S.A. June 5-7, 2002 A System to Specify and Manage Multipolicy Access Control Models

671 views • 29 slides
Distributed Systems User-directed connection to access remote resources We want more

Distributed Systems User-directed connection to access remote resources We want more

Accessing files FTP, telnet : Explicit access Distributed Systems User-directed connection to access remote resources We want more transparency Distributed File Systems Allow user to access remote resources just as local ones Paul

247 views • 3 slides
Managing Notices of Allowance, Issue Fee Payment and Continuation Practice How to Manage Final

Managing Notices of Allowance, Issue Fee Payment and Continuation Practice How to Manage Final

Managing Notices of Allowance, Issue Fee Payment and Continuation Practice How to Manage Final Office Actions and Responses and RCE Practice Presenters: Ann McCrackin, President, Black Hills IP, LLC Peter Rebuffoni, Manager of Legal

440 views • 13 slides
Managing Stress How to help your student (and you) manage stress Agenda/Goals Brain

Managing Stress How to help your student (and you) manage stress Agenda/Goals Brain

Managing Stress How to help your student (and you) manage stress Agenda/Goals Brain Development and Education on Brain Function in relation to stress Strategies and tools to manage stress Practice Brain Development and Function Dr.

674 views • 9 slides
Insurance alone is not enough! From managing policies to managing risks Onno Bloemers First Day

Insurance alone is not enough! From managing policies to managing risks Onno Bloemers First Day

Insurance alone is not enough! From managing policies to managing risks Onno Bloemers First Day Advisory Group | InConnect | Kruzr Basel, Open-Insurance Day - 02 | November 21, 2019 About me a brief introduction Reinventing how we manage

686 views • 43 slides
setroubleshoot A User Friendly Tool to Diagnose & Manage AVC Denials John Dennis - Red Hat

setroubleshoot A User Friendly Tool to Diagnose & Manage AVC Denials John Dennis - Red Hat

setroubleshoot A User Friendly Tool to Diagnose & Manage AVC Denials John Dennis - Red Hat http://hosted.fedoraproject.org/projects/setroubleshoot Why is adoption slow? Developers won't work with SELinux enabled Perceived as

401 views • 25 slides
Wastewater reuse in the Mediterranean region: Case of Morocco Hirich Abdelaziz, Agronomic and

Wastewater reuse in the Mediterranean region: Case of Morocco Hirich Abdelaziz, Agronomic and

World Wide Workshop for Young Environmental Scientists Wastewater reuse in the Mediterranean region: Case of Morocco Hirich Abdelaziz, Agronomic and Veterinary Medicine Hassan II Institute, Morocco 0307 June, 2013 Paris, France 1/13

194 views • 16 slides
www.tanzaniahorticulture.com WHAT IS TAHA? An apex private sector member based

www.tanzaniahorticulture.com WHAT IS TAHA? An apex private sector member based

www.tanzaniahorticulture.com WHAT IS TAHA? An apex private sector member based organization, established with a key purpose of transforming the industry: mobilize, connect and build capaciti es. A platform to catalyze actions and

353 views • 32 slides
OBT Formation in Night Experiments and OBT Formation in Night Experiments and OBT Formation in

OBT Formation in Night Experiments and OBT Formation in Night Experiments and OBT Formation in

OBT Formation in Night Experiments and OBT Formation in Night Experiments and OBT Formation in Night Experiments and Modeling Trials at CRL Modeling Trials at CRL Modeling Trials at CRL January 25-29, 2010 Sang Bog Kim, Ph.D. Research

688 views • 39 slides
UNNAT BHARAT ABHIYAN Prof. R. K. Panda UBA Coordinator & Dean (R&D) INDIAN INSTITUTE OF

UNNAT BHARAT ABHIYAN Prof. R. K. Panda UBA Coordinator & Dean (R&D) INDIAN INSTITUTE OF

UNNAT BHARAT ABHIYAN Prof. R. K. Panda UBA Coordinator & Dean (R&D) INDIAN INSTITUTE OF TECHNOLOGY BHUBANESWAR Adopted Villages under UBA Jorkul (Block: Banki, Dist: Cuttack, Odisha) 1. Argul (T ehsil: Jatni, Dist: Khurda, Odisha)

343 views • 15 slides
WILD FISH CHALLENGE! QUESTION: HAVE YOU EVER GONE FISHING? DID YOU CATCH EXACTLY WHAT YOU WANTED

WILD FISH CHALLENGE! QUESTION: HAVE YOU EVER GONE FISHING? DID YOU CATCH EXACTLY WHAT YOU WANTED

BIGGEST CHALLENGE: WILD SUPPLY FLUCTUATIONS RELATIVELY CONSISTENT DEMAND WILD FISH CHALLENGE! QUESTION: HAVE YOU EVER GONE FISHING? DID YOU CATCH EXACTLY WHAT YOU WANTED TO? SOLUTION! KNOWLEDGE COMMUNICATION

525 views • 8 slides
Tab B No. 4(a-1) Red grouper stock is neither overfished or experiencing overfishing based on

Tab B No. 4(a-1) Red grouper stock is neither overfished or experiencing overfishing based on

Tab B No. 4(a-1) Red grouper stock is neither overfished or experiencing overfishing based on SEDAR 42 (2015) SSC recommendations included: Yield stream projections for 2016-2020 A constant catch yield stream projection Year

173 views • 15 slides
Status Determination Criteria and Optimum Yield for Reef Fish and Red Drum Steven Atran Gulf

Status Determination Criteria and Optimum Yield for Reef Fish and Red Drum Steven Atran Gulf

Tab B, No. 6(a) Status Determination Criteria and Optimum Yield for Reef Fish and Red Drum Steven Atran Gulf Council, Reef Fish Committee Gulfport, Mississippi April 17, 2018 Action 1 MSY Proxies Action 2 MSST Action 3

346 views • 34 slides
Goliath grouper management stakeholder project Kai Lorenzen Kai Lorenzen, Jessica Sutt, Joy ,

Goliath grouper management stakeholder project Kai Lorenzen Kai Lorenzen, Jessica Sutt, Joy ,

Goliath grouper management stakeholder project Kai Lorenzen Kai Lorenzen, Jessica Sutt, Joy , Jessica Sutt, Joy Hazell Hazell, , Kai Lorenzen Kai Lorenzen , Jessica Sutt, Joy , Jessica Sutt, Joy Hazell Hazell , , Bryan Fluech Bryan

890 views • 21 slides

More recommend