Most universities deal with multiple systems of record for identities - HR, student systems, alumni systems, etc. Many campuses have developed home-grown identity match tools to reconcile the same identity from more than one system of record. Higher Education has yet to produce a generic, community source identity match engine that can be used at multiple institutions. Such a generic ID match engine is one goal of the CIFER project, and UC Berkeley has made considerable investment in this goal. This presentation will describe the ID Match engine, the CIFER ID Match API, integration between the ID Match Engine and Open Registry, and administrative interfaces for resolving fuzzy matches. The goal is to submit this project as an Apereo incubation project during calendar year 2013, and hopefully recruit additional campuses to support the migration of this ID Match engine to a community project.
Many schools adopt Sakai because, as an open-source platform, each campus can meet local needs by making changes to the source code. Yet when is it sensible and sustainable to make local customizations? How do you weigh and prioritize the feedback and requests of a diverse population of faculty and students? And once you've committed to making changes, how do you establish an effective and repeatable process for implementing, testing, and evaluating efficacy?
With such a vibrant development community, we don't always have to reinvent the wheel. How can we discover and leverage customizations made by other schools in a sometimes chaotic, open-source community? And how best to manage campus expectations regarding new development, when just because we can make local changes doesn't always mean we should?
Interest in Multi-factor Authentication (MFA) has been growing for a number of reasons, including increasing attack vectors for compromising passwords, use cases for higher levels of identity assurance, and expanded technologies to provide MFA (e.g. phone-based approaches). Combining MFA with one's Single Sign-on (SSO) system (CAS, Shibboleth) allows one to leverage MFA for many on-campus and federated services. Both the NSTIC-funded Internet Scalable Privacy Project ( https://spaces.internet2.edu/x/Y... ), and the InCommon Assurance Program ( http://www.incommon.org/assurance/ ) are helping to fund efforts to define and implement standard patterns for effective integration of MFA with Shib and CAS. This presentation will describe how MFA is being integrated into both the Shib Identity Provider and CAS Server, and provide some demonstrations of current MFA integrations with both.
by Russ Little
High Level overview of the Student Success Plan (SSP), a status update on the project, and a chance to see the new 2.x features including the new Academic Advising tools (MAP). SSP is a thriving project, and moving ahead with new features, implementations and actively building community. We invite you to come learn more about how technology can support student success, retention and completion.
Integrating third party site information into your Sakai CLE course should be seamless and free from pain. This session will highlight some best practices as well as potential trouble spots with highlights from our experiences integrating with Kaltura, ScormCloud and other third party sites or services.
by Jeff Davidson and Jason Smith
In this session, we will review and articulate the benefits of integrating third party tools into our instance of Sakai. These include single methodology for course evaluation delivery, enhanced communication tools, improved integrity of testing procedures, resolution of limited quotas for storage media, and supplemental tutoring. We will also look at some of the challenges such as technical glitches, accessibility issues, support, authentication (single sign on versus separate authentication), instructional design, training, and system upgrades. Our review will focus on the following tools:
This presentation describes the top ten security issues associated with coding. Examples are included. Discussion centers around the application of this knowledge to coding practices. There will be a section on integration best practices and avoiding common pitfalls. Subjects like TLS certificates, backup regimes and monitoring will be explored. Further, the security processes around Sakai CLE are explained. How to write a security bug report and how it ends up as a security alert.
The presentation will be centered around advice from OWASP. Coding examples will be based on Java and will be applicable to Java based projects such as CAS/uPortal and Sakai.
This is a great opportunity for further reach out to those interested in this field and across projects. The target audience are developers and integrators. This is a good place for people to start meeting and discussing cross cutting concerns, especially between projects.
The last several quarters have brought us game-changing new innovations for bringing content from your SIS and LMS into uPortal. Many of these focus on the Courses portlet, but the Calendar, Map, and Notification portlets also play an important role.
We will look at the cool new advances that are available now, and some that are under development. We will hear about or directly from several schools working with these technologies and the methods they've found to be effective in this area.
> University of Wisconsin - Madison has developed a suite of portlets that display a dashboard into the university's HR system. Employees can view pay stubs, tax statements, benefits enrollment information, time recording, and their contact information. Managers can view pending employee time management tasks such as approving absence, payable time and leave requests. The portlets have existing integration implementations with PeopleSoft HR and Cypress, a document management solution, but are pluggable to be usable with any backend data source.
by Benjamin Oshrin and Chris Hyzer
When needs for exchanging identity data across applications cannot be met using simple standards like LDAP, custom integration work is generally required. Operations such as creating identity records, provisioning identity data, and managing group data are common across institutions, yet are implemented using custom code.
This session will introduce the REST-oriented CIFER APIs, designed to provide a common mechanism for these sorts of integrations. A status report will be provided on the active development of the Core Schema, SOR-Registry API, ID Match API, Registry Extraction API, and Group API.
2nd–7th June 2013