CAMP: Bridging Security and Identity Management

Major Initiatives Resources Professional Development Community About EDUCAUSE

You are receiving this message because your browser is not JavaScript-enabled. We recommend you enable JavaScript in your browser, which is required to exploit the full functionality of the EDUCAUSE Web site, to ensure the best possible experience on our site.

CAMP: Bridging Security and Identity Management

February 13–15, 2008
Tempe Mission Palms, Tempe, Arizona

Wondering how your campus will comply with the growing number of state and federal privacy requirements? Struggling to keep up with the increase in the number of applications and ensuring that their security and access requirements adhere to your policies? Concerned about using outsourced services and the need to supply personally identifiable information to third-party providers for access control?

Consider attending this workshop to learn about practical approaches for addressing these questions. We will explore issues surrounding the three themes of privacy and compliance, threat and risk mitigation, and scalability, each of which requires a bridge between security and identity management.

To address privacy, identity and access management (IAM) is used to reduce exposure of personally identifiable information and other important resources and services.
To address compliance, IAM and related functions of logging, tracking, and provisioning access are critical to achieving this goal.
To scale all of this requires an eye toward reducing complexity, which IAM does by correlating identity and access across campus applications and systems and enabling the consistent application of institutional policy.

This workshop will offer interactive education and guidance to higher education CIOs and IT managers, IAM architects, security professionals, and application developers. Institutions are encouraged to send a cross-functional team, particularly from the IAM and security areas, to work through the planning process together. You will leave with concrete management and technical approaches for:

Balancing the use of access control methods at the application and network layers
Leading an effort to define roles and groups for managing access to systems
Building Web applications using the right identity-based approach for your security requirements
Leveraging IAM principles for authenticated guest access to your wireless network
Using a risk assessment to drive your authentication infrastructure
Using IAM to abate your use of Social Security numbers
Meeting compliance requirements and how IAM can help

Participants are also encouraged to have a working knowledge of IAM and security to learn the most from the sessions. For those interested in introductions to either topic, consider attending the preworkshop seminars "Security: The Big Picture" or "Identity and Access Management: The Big Picture." Additional IAM references include the Enterprise Directory and Authentication Roadmaps or the Getting Started section of the NMI-EDIT Web site. For more information on security, see the EDUCAUSE/Internet2 Computer and Network Security Task Force Web site.

CAMP is sponsored by the National Science Foundation Middleware Initiative-Enterprise and Desktop Integration Technologies (NMI-EDIT) Consortium: EDUCAUSE and Internet2. Additional support was provided by the National Science Foundation Cooperative Agreement OCI-0330626.

For more information on the CAMP sponsors, please see the NMI-EDIT Web site.

Need Help? | Feedback | Privacy Policy

Unless otherwise noted, EDUCAUSE holds the copyright on all materials published by the association, whether in print or electronic form. In certain cases the work remains the intellectual property of the individual author(s) (see Special Circumstances).