Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID


An Introduction to TIER Reference Architecture

Sep 19, 2016, by Meredith Lovelace
Tags: TIER, TIER Software, Trust & Identity, Trust and Identity in Education and Research

By Tom Jordan, University of Wisconsin-Madison and Marlena Erdos, Independent

A small team of TIER architects has been working hard to define a "Reference Architecture" for the higher education community. 

What's a "Reference Architecture?" you might ask. Answer: A Reference Architecture is typically a set of diagrams and supporting text that describe the functional components in an overall distributed system. The TIER Reference Architecture shows components specifically for identity and access management in a higher education institution, and shows their relationship to each other.

The TIER Reference Architecture components consist of:

  • A Person Registry -- records of student, staff, faculty, guests, and other community members.
  • Authentication and Federation-related services -- components that enable verified, privacy-preserving user access to services both locally and at remote partners
  • Groups Service -- named collections of users for use in mailing lists and authorization rules
  • Provisioning -- a single point of management for user accounts at multiple local services and systems (e.g. legacy OSs, databases, etc)
  • Messaging Queuing Service -- "publish and subscribe" and reliable delivery functionality

In the TIER Reference Architecture, we provide a diagram aimed to help executives understand the business context of TIER components (business context diagram), and we also provide a more detailed technical view of the Reference Architecture  through the technical component diagram. Additionally, we've produced a Glossary of TIER Reference Architecture Components that provides definitions for each of the functional components that comprise the TIER architecture.

But wait, there's more! We have also created a series of narrative walkthroughs that describe how TIER components fulfill typical campus identity and access management needs, such as onboarding a new user, giving a user a new role, etc.

The team consists of Tom Jordan, TIER Reference Architecture lead (UW-Madison), Rob Carter (Duke), Warren Curry (University of Florida), Marlena Erdos (Independent) Gabor Eszes (Old Dominion), Keith Hazelton (UW-Madison), Michael Hodges (University of Hawaii), and Brian Savage (Boston College).

For more information about the TIER Reference Architecture, please visit this wiki page.

Thank you!

TIER Reference Architecture Diagram (technical view, click for larger view) as of September 2016. For additional TIER Reference Architecture diagrams and context, please visit the wiki page, The TIER Reference Architecture.