An Identity Management Framework and Maturity Model for the Australian and New Zealand Higher Education Sector

Date Added: Jan 2010
Format: PDF

The CAUDIT Standing Committee for Technical Standards has developed an online compendium of information to assist large institutions and research centers with Identity and Access Management (IAM). This compendium was developed from the Middleware Action Plan and Strategy (MAPS) Project that comes under the Australian Government's Systemic Infrastructure Initiative. This compendium provides a framework so that higher institutions are able to ensure safe IAM. This compendium also illustrates the spectrum of processes, policies, and technologies involved in such identity management. The framework defined in this paper works on six different classes that are based on a logical timeline of significant processes in case of identity management. The six classifications include - governance and policy; identification and credentialing; attribute aggregation; authentication and assertions; transport; and relying parties and resources. This compendium for identity management has been provided with a maturity model will help organisations in defining what improvement means for an organisation and in prioritising actions. This resource available from the CAUDIT Standing Committee is living and can be improved and changed with the contributions of the community. The paper suggests identity and access management as critical for higher education institutions because it helps in mitigating security risks, while protecting confidentiality and integrity of information. AIM also helps to maintain availability of data and resources, while ensuring authenticity and non-repudiation of transactions.