OIT Identity Management Services

Background

The Office of Information Technology (OIT) provides a suite of identity management and authentication services collectively referred to as Identity and Access Management services. Our mission is to provide secure and reliable enterprise identity and access management and authorization services to the UCI community.

Our identity management database was developed by OIT using modern technologies and a relational database management system.

Glossary of Services and Technologies used at UCI

Campus Directory – The campus directory contains identity information (Name, DOB, Title, etc.) and other information (Office Address, Telephone Number, Fax Number, Department, etc.) about UCI affiliates, including Faculty, Staff, Students, Applicants and others.

LDAP – LDAP (Lightweight Directory Access Protocol) is the service used by campus applications and end-user applications such as e-mail clients to obtain information (e.g. Names, E-Mail addresses, Phone Numbers, etc.) from the campus directory.

Kerberos – Kerberos is the network authentication protocol and the application suite that is used for authenticating UCInetID passwords. Kerberos is published by the Massachusetts Institute of Technology (MIT). Kerberos was developed by MIT, Digital Equipment Corporation and IBM in a joint project called Project Athena.

UCInetIDs – UCInetIDs are identifiers issued to each UCI affiliate to uniquely identify them to various campus services. UCInetIDs are activated through a process in which the UCI affiliate associates a secret password and a password reset question and answer with their UCInetID identity credential. UCInetIDs are currently limited to 8 alphanumeric characters; however, we are planning to increase this limit by 2010.

WebAuth – WebAuth was developed by OIT to provide web applications with a secure, single sign-on authentication solution.

UC Trust – UC Trust is a working group and pilot project created by the UC Information Technology Leadership Council tasked with creating a unified identity and access management infrastructure for the University of California.

Shibboleth – The Shibboleth System is an open-source software package that provides web single sign-on across or within organizational boundaries. Shibboleth is a key component of the UC Trust federated identity management project. There is a growing list of UC Trust enabled applications.