SGHE Summit – Banner Enterprise Identity Management (BEIS)

by | April 27, 2010

SGHE Summit – Banner Enterprise Identity Management (BEIS) – Dan Sterling and Mark B

Definitions (Identity Management in Action)

  • Provisioning (Create IDs)
  • Authentication (AuthN) – is the user allowed to access the system
  • Authorization (AuthZ) – is the user allowed to access services within the system

Identity Mgmt in Banner ODC

  • Standardization
  • Banner Database Components
  • Middle Tier Components
  • Provisioning Support and Architecture
  • Authentication Architecture
  • Authorization Architecture

IDM Goals

  • adopt a standard UDC Identity definition with UDC Identitfier (GUID for SGHE apps)
  • support user provisioning from Banner
  • support user provisioning to SGHE apps

Common Identity Definition

  • foundation of BEIS architecture is common
    • using W3C XML Schema – using SPML and HR XML standard
      UDCIdentity some of the data can be mapped to eduPerson attributes
  • if you license any Banner product you can download, install and use BEIS without any licensing

Software Prerequisites

  • Banner General 8, Intcomp, Oracle 10gR2 DB and App Server
  • Data mining via Oracle Streams and Advance Queuing
  • Banner Streams Capture and Apply API – gp_streams_utils
  • Banner Streams Metadata Form – guasadm
  • Banner General Rules Form – gorrsql
  • CAS and

Identity Data Export Utilities

  • UDCIdentifier Assigner
  • UDCIdentifier Extractor
  • LDIF Generator
  • SPML LDAP Adapter

Authentication Support

  • local native authn
  • ldap authn
  • claims based authn – applications are configured to not authn and accept an assertion (CAS is an example)

Supported are INB, BSS, Travel & Expense, BDMS

One thought on “SGHE Summit – Banner Enterprise Identity Management (BEIS)

  1. Pingback: Tweets that mention Enterprise Architecture in Higher Education » SGHE Summit – Banner Enterprise Identity Management (BEIS) --

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.