A Division of Information Services
Identity Management Services
Overview
Identity Management Services is responsible for:
- The identification, authentication, and authorization
infrastructure (IAA) at the Lawrence and Edwards
campuses;
- Central resources computer account creation and
management;
- Data provisioning into enterprise and department
systems.
To perform these functions, we aggregate information from
various university databases of record, creating a "registry"
database from which business logic can make decisions about
authorizations and roles in the university.
This registry, along with the business logic used to interpret it,
is called a "metadirectory". This metadirectory, known as AIMS
(Account and Identity Management System) along with the LDAP
directory service it provisions, and associated group and
authorization databases, provide our enterprise directory at KU.
We use the Enterprise Directory to provision our Exchange address
book, our Blackboard courses, our Exchange distribution lists, and
many other systems.
Click to see an Identity
Management Architecture diagram. The systems listed are not
a complete listing, but are suggestive of the types of systems.
Yes, there should be something about PKI on these pages. It will
come.
Copyright
© 2005 by the University of Kansas
