
Identity Management in Education July 28, 2012

Posted by ajackl in Education, Enterprise Architecture, Schools Interoperability Framework, Standards.

Over the next few months I am going to be attacking the issue of Identity Management in education. As I started framing this I was struck by the large number of different approaches and facets to this topic. So I am going to post about three times a month or so and I will start by laying out in this post the topics I might cover. Hopefully this will encourage some dialogue and give people a chance to react, ask questions and clarify anything that might be critical or interesting.

One set of questions my friend Wayne Ostler, from Pearson, asked me is:

  • What is this blog series trying to communicate?
  • Is it just wanting to inform readers about the issues/problem space?
  • Is this blog trying to suggest best practices?
  • Is this blog trying to set the stage for “standards”?

I am not sure… I think my intent is to explore this topic in a public space and use the conversation to inform the standards and to generate some best practices.

So here is a list of topics that I hope to refine into a reasonable set of topics over the upcoming weeks:

Privacy: FERPA, HIPAA, record-level access, identifying data access, notification, disclosure, and consent
Security: encryption, authentication
Access: authorization, small-cell-size, drill through
Use of Social Security Number and other Personally-Identifiable-Information (PII) issues
Government mandates or funding: “ARRA calling for cross-state, cross-segment data trails” (the government has many heads; not all of them realize what the implications are of what they are asking)

Types of Identifiers: GUIDs, dot notation, URIs, content-based identifiers, biometrics

Person Identity vs. Record Identity:  Often people confuse these two and it is a critical issue when dealing with longitudinal data systems and identity.

Single-Sign-On (SSO) and Federated Identity

The dimensions of Identity Management: horizontal, vertical, cross-organizational, and time.

Building systems to manage identity in all its dimensions

The data elements needed to establish identity


Please let me know if there are topic areas I should include that I missed. I look forward to exploring this topic! Thank you!




1. RonK - July 28, 2012

This is a fairly ambitious list of topics, but I’d venture to suggest one more. Which of the competing technologies holds the most promise for education, and how / can they be combined to solve common identity management problems in an educational organization: OpenID, Shibboleth, SAML, LDAP, ….

ajackl - July 28, 2012

Good idea – I will add that to the list….

2. Brandt Redd - July 30, 2012

Hey Alex: Great set of topics! Recently I’ve been thinking about federated permissions. It’s probably a part of Federated ID but one that doesn’t get enough attention. In May I wrote up a couple of use cases on my blog here: http://www.ofthat.com/2012/05/federated-permissions-post-facebook.html.

ajackl - July 30, 2012

Thanks Brandt. Yes, one of the issues with this topic is that there are dozens of child topics underneath it that are directly relevant. The question becomes what to talk about first and how. I will definitely continue the conversation from your blog when I get to federated identity. As always the issue starts to become who manages a portable identity.

To have a clean user interface you need to have some centralized context but people resist the idea of a “directory” that is in any way authoritative because of the control issues and lack of trust of the body controlling the registry. It is an exciting topic and one we need to resolve if we are going to provide ubiquitous access to a learner’s “profile” and “record” to the learner themselves and their designated educators.
