Charles Sturt University
Charles Sturt University

Identity and Access Management

CSU's Identity Management (IDM) architecture and processes relate to the management of information pertaining to people and their access to computerised systems. 

Key Concepts

  • Identity Data Capture: Collection and electronic storage of attributes relating to individuals and how they are affiliated with the University
  • Identity Verification:  The process of gaining a level of assurance that a person is who they claim to be
  • Identity Reconciliation: Comparing new identities against existing identity records to identify duplicates
  • Credential Allocation: Issuing and management of usernames, passwords or any other methods of authentication
  • Grouping: Automatically or manually assigning identities into cohorts to ensure the correct access to services is granted
  • Access Federations: Managing participation in federated authentication organisations to extend access control to offerings of other service providers
  • Authentication services:  Comparing asserted credentials against those on record to prevent unauthorised access to services
  • Auditing: Comprehensive logging of changes to identity data, cohort membership and access to services

IDM at CSU

The CSU IDM architecture is a distributed, rather than centralised, model. 

In a centralised model, identity data is captured in a central Identity Management Application that reconciles the identity against all existing identity records, establishes an identity record and then distributes the details to other information systems.  

This differs from a distributed approach where the identity data is collected in contributing applications (Identity Gateways) and then transferred to a central identity repository.  This central IDM application performs the functions listed above.

Key Artefacts

TitleDescriptionDate

CSU IDM Architecture

Diagrammatically shows:

  1. The interrelationship between systems that constitute the IDM architecture.
  2. The procedural and functional aspects of the IDM process

Dec 2015

Trust-Level Framework

Proposed framework relating to Trust Levels for identities that have an affiliation with CSU

Nov 2015*

IDM Roadmap

Roadmap for ongoing expansion of IDM capability

April 2017

IDM PSI Considerations

Identity and Access Management – current state and considerations for prospective students

Aug 2015

 PSI Proposal

Prospective Student Identities - project proposal

Dec 2015

*- Document currently under review / redevelopment