Identify Local Users
Go back |
---|
This section guides you through a process to collect all known information about your organization's users and collect it for use as a basis for a NIEF Identity Provider (IDP).
To implement a NIEF IDP, you must gather existing sources of information about your local users. These sources may consist of a user directory, a database system, applications that manage user identities, various web services, and organizational policies and other documents.
A user directory may be implemented as LDAP or Active Directory or some other in-house or commercial system. A database may be implemented as a system such as Oracle or SQL Server or one of many other commercial or open-source systems. Other sources may include user applications such as criminal information systems, case management systems, or records management systems. These systems will then serve as the providers of local user information to the federation member's IDP.
Each source about local users should provide information such as the following:
- Name, address, phone number
- E-mail address
- Unique user ID
- Home organization, employer, assignment, job classification
- Certifications and clearances
- Permissions and privileges
- Electronic or digital identity
In addition, there may be other, more indirect sources of information about users. Organizations typically have documented security policies. Users may also be required to sign user agreements, which typically specify levels of training or qualifications for the user. These may specify conditions of employment such as background checks, user qualifications, certifications, or security clearances.
Three specific instances of these types of documents include the following:
|
A document that describes the security policy currently in place within your organization. |
|
A document that describes the terms and conditions to which your users must agree as a prerequisite for using an electronic identity issued by your organization. |
|
A document that describes the user-vetting policies and procedures that are currently in place within your organization. |
Implicit or derived information from the above documents can add to the knowledge base about your users, either individually or as a group. At this point, you should collect these documents from your organization and use them as a basis for additional knowledge about your users. In addition to serving as sources of information about users, the three documents listed above will likely be used to attain additional Trustmarks from your Trustmark Provider.
After you finish this section, your NIEF Information Sharing Plan should include details about all your sources of user information and also document details about which specific information is available for users from each source. This information will eventually be configured within your Identity Provider Product to map to appropriate NIEF Attributes.
Go back |
---|