Higher Education increasingly relies on services delivered electronically to accomplish its mission of delivering education and engaging in research. Most such services need some form of electronic based identity to control access to these services and ensure the security of the information contained in the services. At the same time, individual members of the community desire access methods that are user-friendly and non-intrusive. The investment by UW-Milwaukee in identity and access management services drives the continual improvement of technology and processes to meet these often conflicting goals in as effective a manner as possible. The objective of this document is to outline strategic goals that guide the decisions necessary to deliver and maintain the identity and access management services for UW-Milwaukee. These goals will be reviewed and revised each spring.
- maintain an electronic identity (ePantherACCOUNT) that is a secure method to identify, authenticate, and assert attributes about individuals to services provided to the UWM Community.
- maintain provisioning services for both the ePantherACCOUNT and enterprise application service profiles that are stable, and responsive.
- provide business processes and authentication infrastructure that meets the requirements of the UW System Credential Assessment Framework (CAF) and the InCommon-Silver Assurance Framework.
- provide business processes and authentication infrastructure that support the collaboration needs of local research efforts and meet the requirements of Federal granting agencies.
- provide an authentication function for application services delivered via the web that favors the use of the UWM SAML Service.
- provide an authorization function based on the passing of attributes to application services.
- participate in UW-System governance groups related to IAM and align local IAM efforts with the outcomes of those groups.
- participate in the InCommon Federation and consider participation in the InCommon Federation during the selection of externally hosted services that wish to use the ePantherACCOUNT for authentication.
- Approved by the IAAM Steering Committee 7/12/2013