October IM Forum meeting

Europe/London

Present: Tom Dack (Minutes), David Crooks, Paul Jeffreys, John Powell, Andrew Christian, Eliot Hall, Ian Collier, Jens Jensen, Jonathan Dearden, Michael Hopkins, Paul Clayson, Simon Hodder, Anton Lawrence, Paul Barrett

Apologies: David Kelsey, Niaz Khan, Rob Williams, Colin Morey, Hannah Griffin, Philip Garrad, Giles Case, Dave Pepler, Emma Roberts,

  • Welcome
    • Goal: in parallel to UKRI work, STFC should be aware of its use-cases, and feed back into UKRI development as progresses
  • URKI IAM Project Update
    • UKRI is currently waiting for return of report from ProofID
    • Waiting for CDR review/update
  • Catchup and discussion
  • Technical Meeting Topics
    • Questions from the whole panel and thoughts for the technical delivery team
    •  
    • CDR replacement:
      Originally thought to be a drop-in replacement, but now seems to be a larger piece of work/change - surprised it is different
      Is this the case?
      Technology changes - no longer a direct SQL, rather a shift to API and changes in protocols. The functionality will be the same, but interactions may change.
      David C and Simon H note the API is of particularly important - test enivironment, and work to be done with QA/Integration testing
    • Jens: How are identities used outside the organisation?
      Not Office365 questions, but rather UKAMF and eduGAIN questions.
      How can the backend be migrated so that the transition is as smooth as possible for uses
      Ian: specific question of the Shibboleth IdP - how STFC identities are made available to eduGAIN. Is of particular value, and must be as good or better
      Primary concern is that identities do not change, as if they did this would cause notable pain for users.
      David: stfc.ac.uk identities are exceedingly important for STFC work
    • John P: alongside the CDR work, looking at methods of how identies are managed, and data retention, etc and in particular how this can mature
      First face is no-impact to business processes, and will be considering maturity and future business impacts.
      Jens notes that this is encouraging. Notes the Refeds assurance framework. A common approach wherever there is identity management would be useful.
      3rd of March deadline for current phase of governance work, before moving into analysis
      Diamond concerns about fit-for-purpose of changes
    • Password Resets
      A method for getting passwords securely to users is important - as long as there is  a mechanism, the implementation is not a problem

    •  
    • Next phase: return from John & John for review and further discussion
      One single playback to all (this group and the workshops) will likely be the method of recap, rather than splintering the discussion
      Proposes 13th March for CDR replacement review, as that gives the UKRI side team to review and plan
       
  • AOB & Next Meeting
    • Next meeting in a few weeks, to coincide with the CDR review status. To be circulated by Tom and David.
There are minutes attached to this event. Show them.
    • 1
      Welcome
    • 2
      UKRI IAM Project update
    • 3
      Technical meeting topics
      • Gather technical topics to bring to our next meeting
    • 4
      AOB and next meeting