- DRAFT -

UC Identity Management Project Deliverables

This document is the end-product of Phase I of UC's federated Identity Management project.  It describes what the project will deliver.  While a detailed schedule will be determined in Phase II, completion is expected in the August, 2004 time frame.

The overall objective of this project is to enable members of UC campus communities (initially, UCSD, UCI, and UCLA) to access UC For Yourself (UCFY), Your Benefits Online (YBO), and CDL-licensed resources through the use of their local campus login systems.  More specifically, the project will deliver:
  1. Business criteria governing the use of campus identity management and authentiction infrastructures by system-wide services.  This will include the distinction between business and personal use of the campus logins.
  2. Standards governing the definition, release and appropriate use of a set of attributes that may be released from campus identity management systems to system-wide services.
  3. An initial set of attributes that will be released to UCFY/YBO and the CDL's content vendors.
  4. Technology selection to support federated identity management within UC.  [This has already been determined to be Shibboleth.]
  5. Integration of Shibboleth "origins" into the identity management infrastructures at UCLA, UCI, and UCSD.
  6. Integration of a Shibboleth "target" into UCFY, which bridges user identity information to YBO.
  7. Coordination with CDL vendors that have integrated Shibboleth "targets" into their services.
  8. A support plan that recognizes shared responsibilities between UCOP's support for UCFY and YBO, as well as the campuses' support for their authentication infrastructures.
Rollout will be phased.  We will introduce services to different communities of users on schedules that match the needs (and capacity for change) of the services and the services' users.

David Walker - 4/5/2004