Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID


Campus Success Program – Creating A Model for Campus Collaboration

Jun 18, 2018, by Dean Woodbeck
Tags: Recent Posts, TIER, Trust & Identity

By Jack Suess, Vice President of Information Technology and CIO, University of Maryland-Baltimore County

In 2000, UMBC was picked as one of ten institutions for a program named the Internet2 Early Adopters program. The aim of that program was to establish LDAP-based identity services and set up an Identity Management System. Doing a quick Google search, I found a presentation from fall 2000 on the Internet2 website. The Early Adopter's program was one of the most important efforts our campus ever did, due to the fact that it built human relationships that still last today. Some of the people who were involved included Ann West and Tom Barton as campus representatives and Ken Klingenstein as the director of the Internet2 Middleware Initiative. What benefited me as CIO was the opportunity to learn from the thought leaders and the other campuses to rethink our approach and greatly improve our services. This effort led us to be an early adopter in InCommon and dramatically changed how we deploy services.

One of the downsides of being in the Early Adopter program was that we created our identity management system in 2000 and 2001, before tools like Grouper or CAS were released. In addition, over the last 17 years our local identity management system has evolved into approximately 100k lines of code with a number of customizations. When the TIER project was announced in 2015 we jumped at the opportunity to participate as an investor and were thrilled when we were selected to participate in the Campus Success Program (CSP).

UMBC is taking the opportunity to use the CSP program to fundamentally rethink how we do identity management. We are implementing all three software components and looking at how we can use this opportunity to retire some of our technical debt from the custom identity code and replace that with a system that is extensible and will be supported for the foreseeable future. Our plan is to leverage the TIER approach to microservices for deployment and rethink how we manage access control through Grouper. We hope to leverage community tools and best practices to build our identity registry.

What makes the CSP program so valuable is the collaboration that takes place among the CSP schools. UMBC has benefited from the work that other CSP schools have done on documenting Grouper and the shared training for midPoint. The regular calls and face-to-face meetings have been essential to building the expertise of my team and the relationships formed have made a real difference in shaping our direction.

I'll end with a thought for the TIER investor community. The $75,000 we each committed was necessary to get us to this point; however, to achieve the overarching goals of the project we need investor schools to adopt some or all of the TIER components. To do this we need to continue to build community expertise and best practices through efforts such as the CSP or whatever program follows on. Participating in these efforts can be a big commitment in staff time but the benefits of building the community will pay dividends to your institution for years to come.