This session from Caleb Racey and Richard James from Newcastle University.

• FAM requires attributes. For example, if you want to offer resources to (for e.g.) a member of the medical faculty – you need to know which users these are.
• At Newcastle the systems Grouper and Talend provide this
• Federated identity is a subset of campus identity

Data management is the key to access control:

• User identity
• Unit (granularity) of access contorl
  • Department membership
  • Module enrolment

Identity data is aggregated from several different sources/systems across the University.

What is ‘Grouper’?

• Toolkit to manage institutional and personal groups
• Collaborative project from internet2
• API for managing groups
• UI + web services + shel interfaces to access API
• http://www.internet2.edu/grouper/

Newcastle use Grouper to provide access control to different resources – wikis, lecture capture system, room book system. They populate Grouper with the institutional

Grouper has a user-facing interface – gives control to the user, enables local teams to manage memberships of groups etc. Grouper then releases it’s ‘”Groups” to Shibboleth as attributes.

Talend is used to structure the data before import into Grouper – there are more details at http://research.ncl.ac.uk/idmaps/videos.php