Terminology used as part of the IAM Roadmap is defined below:
Active Directory (AD)
A directory service from Microsoft which implements Internet standard directory and naming protocols. See Austin Active Directory (Austin AD) in the service catalog for the university’s local implementation.
An affiliation is an attributes which designates, at a high level, how an individual is related to the university. For example, and individual may be a current student, a future faculty member, a former employee, or all three. For more information, see the knowledge article KB0014971: What are affiliations, classes, and entitlements?
Application Programming Interface (API)
A set of routines, protocols, and tools for building software applications.
Austin Active Directory (Austin AD)
The Active Directory service offered and supported by ITS Campus Solutions for the university. See Austin Active Directory (Austin AD) in the service catalog for more information.
A future, standards-based, consolidated web authentication service for the university. See the Transition to Enterprise Authentication project for more information.
An entitlement is an attribute which defines what an account is allowed or authorized to do. For more information, see the knowledge article KB0014971: What are affiliations, classes, and entitlements? for more information.
The fiscal year at the university runs from September 1 through August 31 of the following calendar year. Broken down into quarters:
Q1: September – November
Q2: December – February
Q3: March – May
Q4: June – August
A fit-gap analysis determines the extent to which a solution meets the established needs and requirements and identifies areas where those requirements are not met.
A future offering which will allow individuals not closely tied to the university (e.g., admissions applicants, job applicants, alumni) to authenticate using an identity (e.g. Google, Microsoft) other than their UT EID. See the Guest Authentication Project for more information.
Identity Governance & Administration (IGA)
A sub-team of the IAM Team who handle identity management and authorization.
Identity Life Cycle
This concept covers the entire lifetime of an identity from creation to deletion and every possible step in between.
The university’s authentication offerings are part of the InCommon federation, which allows the university to collaborate with other members of the InCommon federation.
Information Security Office (ISO)
The university’s information security team.
The university’s authentication offerings are part of the Lonestar Education And Research Network (LEARN) federation, which allows the university to collaborate with other members of the LEARN federation.
Multi-Factor Authentication (MFA)
Authentication makes use of one or more factors of authentication: something you know (e.g., a password), something you have (e.g., your smartphone), or something you are (e.g., a fingerprint). Multi-factor authentication makes use of two or more factors when authenticating you.
Proof of Concept (POC)
The implementation of a functional prototype for the purposes of validating that a technology or approach is possible.
The Message Broker service offered by ITS Campus Solutions.
Functionality implemented by the university’s Multi-Factor Authentication solution which reduces the number of times an individual needs to authenticate. For more information, see the knowledge article KB0017380: What is the “remember me” feature?
SailPoint IdentityIQ (IIQ) provides group- and role-based authorization management services for the university. See the IAM Modernization Program for more information.
Security Assertion Markup Language (SAML)
A standard, XML-based language for exchanging authentication and authorization data between identity providers and service providers. This standard is currently used by the identity providers on UTLogin, Legacy Shibboleth, and the forthcoming Enterprise Authentication (as well as hundreds of service providers that integrate with our identity providers).
The Shibboleth consortium provides the Shibboleth Identity Provider (IdP) and Shibboleth Service Provider (SP) software packages which power the SAML-based authentications at university performed via the Legacy Shibboleth service (formerly known as “UT Shibboleth”). The Shibboleth IdP software will power the forthcoming Enterprise Authentication service.
Simplest Functional Product (SFP)
A product which provides the absolute bare-minimum of desired functionality. Similar to a proof of concept (POC).
Single Sign-On (SSO)
A service which allows a user to use one set of credentials to access multiple applications.
Technical Support Contact (TSC)
A technical support individual designated for a particular college, school, or unit.
University of Texas Electronic Identity (UT EID or EID)
The public records identifier for principals at the university. See EID in the service catalog for more information.
uTexas Enterprise Directory (TED)
The university’s enterprise directory. See uTexas Enterprise Directory (TED) in the service catalog for more information.
uTexas Identity Manager (TIM)
The university’s identity manager. See uTexas Identity Manager (TIM) in the service catalog for more information.
The university’s centralized authentication service which is being replaced with Enterprise Authentication.
Web Policy Agent (WPA)
A proprietary software package which allows university customers to integrate with the authentication services offered by UTLogin.
White Pages (WHIPS)
The university’s public directory.