future guest system (fgs) not fps note: the fgs does not represent a real name. i just made it up
TRANSCRIPT
Future Guest System (FGS)not FPS
NOTE: the FGS does not represent a real name. I just made it up.
What is FPS?
• An authentication system that allows users outside of Penn State to access Web-based applications inside of Penn State.– Currently FPS has 1.6+ million identities.– Features include:• Web-based account management system (
https://fps.psu.edu/).• Developer APIs.
Today’s Architecture
CACTUS
FPS
KerberosAccess
LDAPAccess
KerberosFPS
LDAPFPS
FPS Benefits
• Mitigates risk in that FPS users cannot use wireless and computer labs.
• Provides an identity instantly as opposed to the standard University process which can take up to 1-3 days.
FPS Problems
• Data Collection• Matching• Migration• Disjoint Name Space
THE FUTURE
The Future
• Penn State is currently developing a new Central Person Registry (CPR) that will consolidate identity information that is currently stored in separate non-integrated sources throughout the University.
CPR Architecture
Systems of Record
Registration Authorities
DatabaseWeb
Services
Service Providers
Data Views
Central Person Registry
Systems of Record
Registration Authorities
Service Provisioners
Data Views
DatabaseWeb
Services
Future Architecture
CPR
FPS
KerberosAccess
LDAPAccess
KerberosGuest
LDAPFPS
Benefits
• New system still mitigates risk as users cannot get on wireless or use lab machines.
• Matching is improved because it is done in the CPR as opposed to FPS, CIDR and CACTUS.
• A uniform name space will exist, the CPR will be responsible for provisioning identities, not the individual systems.
Benefits
• Migration will be a thing of the past.• The user will always have the same identity.